securityaffairs.co Open in urlscan Pro
2001:8d8:100f:f000::289 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Submission: On March 20 via api (March 20th 2021, 12:25:28 pm UTC) from US

Summary HTTP 349 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 76 IPs in 8 countries across 68 domains to perform 349 HTTP transactions. The main IP is 2001:8d8:100f:f000::289, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is securityaffairs.co.
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 8th 2020. Valid for: a year.

This is the only time securityaffairs.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	2001:8d8:100f... 2001:8d8:100f:f000::289	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:211... 2600:9000:211e:c000:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:7200:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
23	23.210.250.97 23.210.250.97	16625 (AKAMAI-AS) (AKAMAI-AS)
10	68.183.31.14 68.183.31.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
30	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2a03:2880:f00... 2a03:2880:f00a:e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:8400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	23.62.140.165 23.62.140.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:218... 2600:9000:2182:6e00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::ac43:4671	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.32.238.131 23.32.238.131	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2.16.186.66 2.16.186.66	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.29.155.194 52.29.155.194	16509 (AMAZON-02) (AMAZON-02)
12	52.201.98.35 52.201.98.35	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:42d... 2600:1f18:42df:3a00:13f0:d148:35f2:a1d9	14618 (AMAZON-AES) (AMAZON-AES)
9	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
4 8	34.246.149.44 34.246.149.44	16509 (AMAZON-02) (AMAZON-02)
3	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	34.200.78.134 34.200.78.134	14618 (AMAZON-AES) (AMAZON-AES)
18	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
5 14	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	35.212.210.170 35.212.210.170	15169 (GOOGLE) (GOOGLE)
7	184.30.20.198 184.30.20.198	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.218.208.187 23.218.208.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	208.100.17.171 208.100.17.171	32748 (STEADFAST) (STEADFAST)
11 14	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
7	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 3	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
6 6	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
7 7	35.158.172.137 35.158.172.137	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
6 6	213.19.147.151 213.19.147.151	26120 (RHYTHMONE) (RHYTHMONE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
8	192.229.233.50 192.229.233.50	15133 (EDGECAST) (EDGECAST)
4 4	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
7 8	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.244.43.131 104.244.43.131	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.167 213.155.156.167	1299 (TELIANET ...) (TELIANET Telia Carrier)
1 23	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	54.194.13.58 54.194.13.58	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	188.165.4.142 188.165.4.142	16276 (OVH) (OVH)
1	173.231.181.122 173.231.181.122	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3039::6815:c01e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 2	18.157.138.23 18.157.138.23	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
2 2	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
4	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	63.32.138.105 63.32.138.105	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.158 38.27.122.158	174 (COGENT-174) (COGENT-174)
3 3	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
2 2	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
1 1	52.202.125.251 52.202.125.251	14618 (AMAZON-AES) (AMAZON-AES)
349	76

43 2001:8d8:100f:f000::289 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

securityaffairs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:c000:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:7200:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 23.210.250.97 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00a:e:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:8400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.140.165 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-140-165.deploy.static.akamaitechnologies.com

adservetx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:6e00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4671 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.238.131 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-131.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.66 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.155.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-155-194.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.201.98.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:42df:3a00:13f0:d148:35f2:a1d9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt6.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.246.149.44 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.200.78.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-78-134.compute-1.amazonaws.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.33.220.145 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.212.210.170 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 170.210.212.35.bc.googleusercontent.com

navvy.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.218.208.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-187.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.171 (United States)

ASN32748 (STEADFAST, US)
PTR: ip171.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.74.194 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.148.27.139 (New York, United States) 3 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.135.227 (United Kingdom) 6 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.158.172.137 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-172-137.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.151 (United Kingdom) 6 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.229.233.50 (Torrance, United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.2.234 (Denmark) 7 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.43.131 (United States)

ASN54113 (FASTLY, US)

abs-0.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.13.58 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.4.142 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip142.ip-188-165-4.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c01e (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.138.23 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.253.128.188 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.252.78.131 (United States) 2 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.138.105 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.158 (United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.59.148.16 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ns3181477.ip-146-59-148.eu

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.109.165 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.125.251 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	securityaffairs.co securityaffairs.co	1 MB
41	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com aud.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	123 KB
39	twitter.com platform.twitter.com syndication.twitter.com	8 MB
28	media.net contextual.media.net adservetx.media.net lg3.media.net navvy.media.net	301 KB
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	441 KB
21	doubleclick.net 12 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	55 KB
18	openx.net pixfuture2-d.openx.net eu-u.openx.net us-u.openx.net	5 KB
17	adnxs.com 5 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	62 KB
13	clnmde.com dt.clnmde.com dt6.clnmde.com	4 KB
13	pixfuture.com served-by.pixfuture.com cdn.pixfuture.com	458 KB
11	wp.com i0.wp.com i1.wp.com i2.wp.com stats.wp.com pixel.wp.com	88 KB
10	sonobi.com apex.go.sonobi.com sync.go.sonobi.com	13 KB
9	twimg.com cdn.syndication.twimg.com abs-0.twimg.com pbs.twimg.com	120 KB
8	adform.net 7 redirects c1.adform.net	3 KB
8	adsrvr.org 4 redirects match.adsrvr.org	3 KB
7	bidswitch.net 7 redirects x.bidswitch.net	2 KB
6	mathtag.com 6 redirects sync.mathtag.com	3 KB
5	googletagservices.com www.googletagservices.com	154 KB
5	google.com 1 redirects adservice.google.com www.google.com	933 B
5	criteo.com 1 redirects gum.criteo.com mug.criteo.com dis.criteo.com	2 KB
5	sharethis.com ws.sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	40 KB
4	quantserve.com 4 redirects pixel.quantserve.com	2 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	64 KB
4	1rx.io 4 redirects sync.1rx.io	3 KB
4	33across.com ssc.33across.com ssc-cms.33across.com	2 KB
4	google-analytics.com www.google-analytics.com google-analytics.com	38 KB
3	onaudience.com 3 redirects pixel.onaudience.com	1 KB
3	zeotap.com 1 redirects mwzeom.zeotap.com spl.zeotap.com	1 KB
3	bidr.io 3 redirects match.prod.bidr.io	1 KB
3	contextweb.com 3 redirects bh.contextweb.com	2 KB
3	google.de adservice.google.de	2 KB
3	googleadservices.com partner.googleadservices.com	1 KB
3	yahoo.com 1 redirects c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	2 KB
3	akamaihd.net pxlclnmdecom-a.akamaihd.net qsearch-a.akamaihd.net	38 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	991 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	947 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	721 B
2	clientgear.com 2 redirects event.clientgear.com	525 B
2	simpli.fi 1 redirects um.simpli.fi	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	992 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	tapad.com 1 redirects pixel.tapad.com	616 B
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	559 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	1 KB
2	googleapis.com fonts.googleapis.com Failed	2 KB
2	facebook.net connect.facebook.net	61 KB
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	bnmla.com match.bnmla.com	114 B
1	gumgum.com 1 redirects rtb.gumgum.com	336 B
1	playground.xyz 1 redirects ads.playground.xyz	487 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	turn.com 1 redirects ad.turn.com	518 B
1	ad4m.at ad4m.at	1 KB
1	adgrx.com cm.adgrx.com	408 B
1	erne.co 1 redirects green.erne.co	327 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	smartadserver.com rtb-csync.smartadserver.com	181 B
1	rfihub.com 1 redirects p.rfihub.com	752 B
1	rlcdn.com api.rlcdn.com	222 B
1	w.org s.w.org	935 B
1	gravatar.com secure.gravatar.com	1 KB
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	5 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
349	68

	Domain	Requested by
43	securityaffairs.co	securityaffairs.co
30	platform.twitter.com	securityaffairs.co platform.twitter.com
16	simage2.pubmatic.com	1 redirects image6.pubmatic.com ads.pubmatic.com
15	pagead2.googlesyndication.com	cdn.pixfuture.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com securityaffairs.co
14	cm.g.doubleclick.net	11 redirects eu-u.openx.net
13	ib.adnxs.com	4 redirects cdn.pixfuture.com acdn.adnxs.com
13	contextual.media.net	securityaffairs.co contextual.media.net
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	dt.clnmde.com	pxlclnmdecom-a.akamaihd.net securityaffairs.co
10	lg3.media.net	securityaffairs.co contextual.media.net
10	served-by.pixfuture.com	securityaffairs.co cdn.pixfuture.com pagead2.googlesyndication.com
9	eu-u.openx.net	cdn.pixfuture.com eu-u.openx.net
9	syndication.twitter.com	platform.twitter.com securityaffairs.co
8	c1.adform.net	7 redirects image6.pubmatic.com
8	match.adsrvr.org	4 redirects cdn.pixfuture.com eu-u.openx.net
7	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
7	x.bidswitch.net	7 redirects
7	sync.go.sonobi.com	securityaffairs.co
7	ads.pubmatic.com	cdn.pixfuture.com ads.pubmatic.com
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	us-u.openx.net	eu-u.openx.net
6	sync.mathtag.com	6 redirects
5	pbs.twimg.com	securityaffairs.co
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	pixel.quantserve.com	4 redirects
4	sync.1rx.io	4 redirects
4	navvy.media.net	contextual.media.net
3	pixel.onaudience.com	3 redirects
3	match.prod.bidr.io	3 redirects
3	image6.pubmatic.com	ads.pubmatic.com
3	cdn.syndication.twimg.com	platform.twitter.com
3	bh.contextweb.com	3 redirects
3	acdn.adnxs.com	cdn.pixfuture.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	partner.googleadservices.com	pagead2.googlesyndication.com
3	hbopenbid.pubmatic.com	cdn.pixfuture.com
3	pixfuture2-d.openx.net	cdn.pixfuture.com
3	ssc.33across.com	cdn.pixfuture.com
3	apex.go.sonobi.com	cdn.pixfuture.com
3	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	i2.wp.com	securityaffairs.co
3	i1.wp.com	securityaffairs.co
3	i0.wp.com	securityaffairs.co
2	sync.crwdcntrl.net	2 redirects
2	simage4.pubmatic.com	ads.pubmatic.com
2	pixel-sync.sitescout.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	event.clientgear.com	2 redirects
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	mwzeom.zeotap.com	ads.pubmatic.com
2	pm.w55c.net	2 redirects
2	pixel.tapad.com	1 redirects image6.pubmatic.com
2	d5p.de17a.com	2 redirects
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	sync.targeting.unrulymedia.com	2 redirects
2	mug.criteo.com	securityaffairs.co
2	gum.criteo.com	1 redirects
2	l.sharethis.com	ws.sharethis.com securityaffairs.co
2	pxlclnmdecom-a.akamaihd.net	contextual.media.net pxlclnmdecom-a.akamaihd.net
2	fonts.googleapis.com	securityaffairs.co googleads.g.doubleclick.net
2	connect.facebook.net	securityaffairs.co connect.facebook.net
1	sync.ipredictive.com	1 redirects
1	spl.zeotap.com	1 redirects
1	match.bnmla.com	image6.pubmatic.com
1	rtb.gumgum.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	match.taboola.com	image6.pubmatic.com
1	trc.taboola.com	1 redirects
1	ad4m.at	image6.pubmatic.com
1	s.tribalfusion.com	image6.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	cm.adgrx.com	image6.pubmatic.com
1	green.erne.co	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	rtb-csync.smartadserver.com	image6.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	abs-0.twimg.com	securityaffairs.co
1	p.rfihub.com	1 redirects
1	ssc-cms.33across.com	cdn.pixfuture.com
1	c2shb.ssp.yahoo.com	cdn.pixfuture.com
1	api.rlcdn.com	cdn.pixfuture.com
1	dt6.clnmde.com	securityaffairs.co
1	qsearch-a.akamaihd.net	securityaffairs.co
1	s.w.org	securityaffairs.co
1	pixel.wp.com	securityaffairs.co
1	secure.gravatar.com	securityaffairs.co
1	c.sharethis.mgr.consensu.org	ws.sharethis.com
1	adservetx.media.net	contextual.media.net
1	google-analytics.com	securityaffairs.co
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	stats.wp.com	securityaffairs.co
1	platform-api.sharethis.com	securityaffairs.co
1	ws.sharethis.com	securityaffairs.co
1	maxcdn.bootstrapcdn.com	securityaffairs.co
1	www.googletagmanager.com	securityaffairs.co
349	109

This site contains links to these domains. Also see Links.

Domain
twitter.com
i2.wp.com
www.f5.com
research.nccgroup.com
www.facebook.com
www.linkedin.com
www.pinterest.com
plus.google.com
www.tumblr.com
www.cssii.unifi.it

Subject Issuer	Validity	Valid
www.securityaffairs.co GeoTrust RSA CA 2018	`2020-03-08` - `2021-04-07`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-03` - `2021-12-02`	2 years	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
*.clnmde.com Amazon	`2020-06-04` - `2021-07-04`	a year	crt.sh
dt6.clnmde.com Amazon	`2020-04-27` - `2021-05-27`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-18` - `2021-09-08`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh

This page contains 51 frames:

Primary Page: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Frame ID: 1C298D0CD03237BB25279EF359B357D7
Requests: 138 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 734CD1A6E67AAA77658086E2ADCEF2DB
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fsecurityaffairs.co
Frame ID: 384C9A81C95BDD913E808F439D266084
Requests: 2 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: 18890B284496F66118875251280C4EFA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: CB0A4685A46C3D7D6BBFF65AC05E991D
Requests: 9 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Frame ID: 953612953B2AD2679979A8551B2EAB31
Requests: 16 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Frame ID: B0898A9288234E88916BC5D7532CB172
Requests: 14 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Frame ID: 83397BDCFBBC8B581DE77749DA3C068A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 7825A195EC687D26AD69959569358F4B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 90F3C56042C18214A7C8AE297A545F56
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 3B3BA611AE4C61F9B6B18325C992A1B6
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5E87E44535B398FFA1B3C2807C5F8511
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV10261.js
Frame ID: A283A9153DB02662825CF06E2C08CD3A
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV10261.js
Frame ID: 78D973C947AD7CE031182A3E2F0FD0BC
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1616243102&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102182&bpp=26&bdt=146&idt=266&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=2&ga_vid=641753397.1616243101&ga_sid=1616243102&ga_hid=1514491438&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=2567501481&scr_x=0&scr_y=0&eid=21066428%2C44739387%2C21069711&oid=3&pvsid=4407677868578281&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.h90h8b888w2p&fsb=1&xpc=HY1COIltls&p=https%3A//securityaffairs.co&dtd=287
Frame ID: B490A06AA2402EB66ED7DF2B7FFDA75C
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV10261.js
Frame ID: 568F3197EF925BA7FB916BFD552DFF48
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV10261.js
Frame ID: E6A5973DB64B9C952B2EBA9EEF2D054A
Requests: 8 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529
Frame ID: B3A3A1AF0D40C977E1B400EAC49A3A4C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=1390855164&adf=1480696128&pi=t.ma~as.1139220782&w=300&lmt=1616243103&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102490&bpp=5&bdt=200&idt=574&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=1&ga_vid=641753397.1616243101&ga_sid=1616243103&ga_hid=933578306&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=943&biw=1600&bih=1200&isw=320&ish=50&ifk=1692680414&scr_x=0&scr_y=0&eid=21067423%2C31060352%2C44739387&oid=3&pvsid=2955020931716375&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.flwh8l6nrbql&fsb=1&xpc=vVmO1HMQTG&p=https%3A//securityaffairs.co&dtd=583
Frame ID: 188EE0214F2EB69702A31999E825566B
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F9E3959099A0A2C4E42669309F6EE026
Requests: 25 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AFF2917933E4295F2F217DE61B960AB3
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 167B7774D164CDB9E567015BA9149E82
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Frame ID: B55F608840673E16538542173A05579C
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 36100D3FEA8BC07C8E471714017E7151
Requests: 4 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Frame ID: B9AEE50604E356B4E1557059F98D6CE2
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B0D74F365876769B65093FE91884634D
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: ECCA40BABC50A66797519A89C6F2B600
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Frame ID: 51D2E0A9F59352C2D96FA0E7539343AB
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BD6F2088DD0859F0E680DD5D6D4CE7E9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 720A1566B72280ACDEBE92E3D81D3D3B
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8422580588876264401
Frame ID: 10C2009C4AC14FCA5FB0D9B3B9B61E86
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E25B3044E7D015F3A586521D5BFC5993
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir
Frame ID: 9633FB1A3DBCCA527039A4913252DDDD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941711274078828692
Frame ID: 73FB502B4B74CF787A1650676F244A76
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yW63AOVWEDjpj6SbpiHBWgLp
Frame ID: E35E8B21D006C756220E9C1C496ADA24
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: E7F505AD8795FFAC0A97B4EB3E046D00
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: BBD5F578DD9A6291ECE2A4B8C09896EE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=jDtc1mGikeg4&pid=557219
Frame ID: 12CDDEFFCF6C128830AB17D1C5274903
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 10B44F9CFD23D7ED4ED8480625A6D94D
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bd3c16b6-38a6-4332-a7a7-1ce50ef06ff9-tuct74f6f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: C3CD7CAD590A44A6A04C1AAD768D7F84
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 06BC7EA9CFFB060A748106A5AFB4F934
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:T19kHHyp1LnAFa5&gdpr=0&gdpr_consent=
Frame ID: DE16A6219C61B8D690DF518751313FB7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: AEE5F1D6771DBAA217E209240A221052
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B05F5E96C5DDE66B7F616A68784B9115
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 18FD31FB72D26A663A47C08A75E997F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 43ADF453679B0D42C7E1EC4964F44745
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: E0313EE51561EA9A0C28B6D42DF6E26D
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=D7067CB1-018B-410F-AE64-6F5674474CC7
Frame ID: 4507AB016016B1986F1836A18E7D7CC1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003
Frame ID: 6B4833B2B5AA5DC38968B33BA1A1D620
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:45C8B223DA0D42C48890B83550266340
Frame ID: FFF782146C4A346B746CE0F9E9F962F8
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 9857431C20FBEDD453B63DFB1384CDA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

349
Requests

97 %
HTTPS

36 %
IPv6

68
Domains

109
Subdomains

76
IPs

8
Countries

11292 kB
Transfer

15989 kB
Size

62
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/buffaloverflow/status/1372861157317435394
Title: said

Search URL Search Domain Scan URL

URL: https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2021/03/F5-BIG-IP-attacks.png?ssl=1

Search URL Search Domain Scan URL

URL: https://www.f5.com/services/support/March2021_Vulnerabilities
Title: advisory

Search URL Search Domain Scan URL

URL: https://research.nccgroup.com/2021/03/18/rift-detection-capabilities-for-recent-f5-big-ip-big-iq-icontrol-rest-api-vulnerabilities-cve-2021-22986/
Title: indicators of compromise

Search URL Search Domain Scan URL

URL: https://twitter.com/securityaffairs
Title: @securityaffairs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sec.affairs
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pub/pierluigi-paganini/b/742/559
Title: Pierluigi Paganini

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html&text=Threat%20actors%20are%20attempting%20to%20exploit%20CVE-2021-22986%20in%20F5%20BIG-IP%20devices%20in%20the%20wild%20
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&media=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Fwp-includes%2Fimages%2Fmedia%2Fdefault.png

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share/link?url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html

Search URL Search Domain Scan URL

URL: https://www.cssii.unifi.it/vp-89-il-center.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=8CtQDXw5SlV2cDZNLzkwNHJBT0RPUCt4OVdraW8xSWRQcTdKc1J2cmZ4V2tQZ1RUbkYxdGdoa1B2b3J3cTROMzJGWjV1aE9wVXRpUklMZXM0bWZ2dnlNQlRvcGQxTjZHczBIaDRQUDhRWlNUL3VucEtlQkhmMlJlTGk4QVczWmowdHY3dTg5eDJIUEF4eTB2UTRaWmdOa2lPSTVHeTZRYXN2U0ZMV2lrWmZ1YzVST1Z4dnplQTNDejNPdlBNdDVpa054WmxHUjBuTkxTMmhUVkNvdU5VQ2NhMjhGZ1NIM3FvbEN2cThseE1lUnNZM0NFPXw&cppv=2

Request Chain 187

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=1680648786&adk=1022037533&adf=1480696129&pi=t.ma~as.1680648786&w=300&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&ea=0&flash=0&wgl=1&dt=1616243102479&bpp=10&bdt=184&idt=535&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=23&ife=1&pv=1&ga_vid=641753397.1616243101&ga_sid=1616243103&ga_hid=1352657712&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=2704884558&scr_x=0&scr_y=0&eid=44735931%2C21068944%2C44737458%2C44739387&oid=3&pvsid=4262988982309806&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.y6tud9doo1ct&fsb=1&dtd=544 HTTP 302
https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MjllZGM4ZjEtYjU3OS00MDkwLTg5ZjMtMGRiN2Q5MmRkZGEx HTTP 302
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEKXXiFtpVZyqq7yucETBr1U&google_cver=1

Request Chain 210

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=29edc8f1-b579-4090-89f3-0db7d92ddda1&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=T0xZQV8zekNpODZGSHdIeEdWM0R3Zw&gdpr=&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEG6-eM2zO8OYgglnkc1-SO0&google_cver=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=jDtc1mGikeg4

Request Chain 211

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=36076055-e99f-4e00-8fa4-6929312e7278

Request Chain 212

https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0&google_hm=NGUwZTVlMGYtNjdmMy00NTk0LTg5NGYtZDI0N2Y2ZTVjZGYw HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDnDMOkH-w_NCmHu0Z4-e0I&google_cver=1&ssp=sonobi&bsw_param=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0

Request Chain 213

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878968563639145

Request Chain 214

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=112494b5-c340-489e-9048-54e69d69e7ef&pubid=0b24fdfc82

Request Chain 215

https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4922363679 HTTP 302
https://sync.1rx.io/usersync/tradedesk/112494b5-c340-489e-9048-54e69d69e7ef HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003

Request Chain 235

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=36076055-e99f-4e00-8fa4-6929312e7278

Request Chain 236

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NCjVU2chgVYvKIQHMHvNUWAo11EvetYHNCE9G5LF

Request Chain 237

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7700559954002210718

Request Chain 240

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECU8mFZg09imgE3OtiWtKLs&google_cver=1

Request Chain 241

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=36076055-e99f-4e00-8fa4-6929312e7278

Request Chain 242

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_3Y-zax_asjkdm-ZryAmy61zOcHkJzPMrSNx80JV

Request Chain 243

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9206792487271569253

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECU8mFZg09imgE3OtiWtKLs&google_cver=1

Request Chain 247

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=36076055-e99f-4e00-8fa4-6929312e7278

Request Chain 248

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Cle7alle728RV-o9X1GjawsDvzwRVOs8CgYmsbTU

Request Chain 249

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=610558415464748635

Request Chain 252

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECU8mFZg09imgE3OtiWtKLs&google_cver=1

Request Chain 254

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 257

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 258

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 278

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8422580588876264401

Request Chain 280

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCMlkwN0FxOU1BQUJCcnRnTFdzQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir

Request Chain 281

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941711274078828692

Request Chain 282

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yW63AOVWEDjpj6SbpiHBWgLp

Request Chain 284

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 285

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=jDtc1mGikeg4&pid=557219

Request Chain 287

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bd3c16b6-38a6-4332-a7a7-1ce50ef06ff9-tuct74f6f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 288

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 289

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:T19kHHyp1LnAFa5&gdpr=0&gdpr_consent=

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1wZ8sQGLQQ-uZG9WdEdMxw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 292

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D7067CB1-018B-410F-AE64-6F5674474CC7&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D7067CB1-018B-410F-AE64-6F5674474CC7&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 293

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D7067CB1-018B-410F-AE64-6F5674474CC7&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D7067CB1-018B-410F-AE64-6F5674474CC7&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D7067CB1-018B-410F-AE64-6F5674474CC7&addseg=31

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDcwNjdDQjEtMDE4Qi00MTBGLUFFNjQtNkY1Njc0NDc0Q0M3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 295

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAcoZyptOfyQkhjiVqsDgsQ&google_cver=1

Request Chain 297

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=112494b5-c340-489e-9048-54e69d69e7ef

Request Chain 298

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7700559954002210718

Request Chain 299

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:36076055-e99f-4e00-8fa4-6929312e7278&gdpr=0&gdpr_consent=

Request Chain 300

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4563328050804415368&gdpr=0&gdpr_consent=

Request Chain 301

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0 HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk35abfdd5-c6c9-47d9-90bb-7e22ca728cc5&expires=7&user_group=5&ssp=pubmatic&bsw_param=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 303

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D7067CB1-018B-410F-AE64-6F5674474CC7&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7pB5BdtE2uWQJmpnnh_tvu.eEoxBBXA-~A&gdpr=0&gdpr_consent=

Request Chain 304

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z

Request Chain 305

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YFXpoQAAAGa3dzoG HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFXpoQAAAGa3dzoG&gdpr=0&gdpr_consent=&_test=YFXpoQAAAGa3dzoG

Request Chain 306

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7767812612999482272&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 307

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fe20fa88-419d-495b-8420-bf0ace5f3ff1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 308

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=d0bfccfd-c804-47ca-90bd-96f5077f286a-6055e9a0-4348&gdpr=0&gdpr_consent=

Request Chain 310

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4563328050804415368

Request Chain 311

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4a6d1d10-a56c-417f-98f9-3cf6d4ac09f6

Request Chain 322

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 348

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003&rndcb=6917383744 HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0 HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mka489fdb5-8640-41b6-ad2e-12a57bc0a47f&expires=7&user_group=5&ssp=adconductor&bsw_param=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0 HTTP 302
https://sync.1rx.io/usersync/bidswitch/4e0e5e0f-67f3-4594-894f-d247f6e5cdf0?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003

Request Chain 349

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:45C8B223DA0D42C48890B83550266340

Request Chain 351

https://pixel.onaudience.com/?partner=214&mapped=D7067CB1-018B-410F-AE64-6F5674474CC7 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=112494b5-c340-489e-9048-54e69d69e7ef&icm HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=fb44d718381d0b152587cde6d3a4d2c HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=6e48010d7690195d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ae634b38-1f01-47c5-56f6-83aa9c350d5d&reqId=e9cc43a7-f01f-4fd0-49f2-a5adac3a0ccd&zcluid=6e48010d7690195d&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEHVhVEYZ6Kli0jMabepbfK4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ae634b38-1f01-47c5-56f6-83aa9c350d5d&reqId=e9cc43a7-f01f-4fd0-49f2-a5adac3a0ccd&zcluid=6e48010d7690195d&zdid=1332

Request Chain 352

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=36076055-e99f-4e00-8fa4-6929312e7278

Request Chain 353

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e805a05-8977-11eb-9088-ed40862cf966&gdpr=0&gdpr_consent=

349 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request f5-big-ip-attacks-cve-2021-22986.html Show response
securityaffairs.co/wordpress/115760/hacking/ 88 KB
24 KB 1456ms
1434ms Document
text/html 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: 4a4c4669e79e1284ea4229ef37a04423aa13df76c659fb865741720c4fb2dc99

Request headers

:method: GET
:authority: securityaffairs.co
:scheme: https
:path: /wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 20 Mar 2021 12:24:58 GMT
server: Apache
x-powered-by: PHP/7.2.34
x-pingback: https://securityaffairs.co/wordpress/xmlrpc.php
link: <https://securityaffairs.co/wordpress/wp-json/>; rel="https://api.w.org/", <https://securityaffairs.co/wordpress/wp-json/wp/v2/posts/115760>; rel="alternate"; type="application/json", <https://securityaffairs.co/wordpress/?p=115760>; rel=shortlink
content-encoding: gzip

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 24ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-59069958-1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43221c6a8e6f26d42661a8b1434c0c9358a3acede2c2ab1a0a566cf20846126e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39139
x-xss-protection: 0
last-modified: Sat, 20 Mar 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 20 Mar 2021 12:24:59 GMT

GET
H2 200 style.css
securityaffairs.co/wordpress/wp-includes/css/dist/block-library/ 68 KB
68 KB 30ms
26ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/css/dist/block-library/style.css?ver=90d17f278c33fd3fb9b35ecab5d843f1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: b00d8dd97e940c4e27ce594c66423c6a66d369faa40feb36827e59c848770607

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Tue, 09 Mar 2021 23:33:44 GMT
server: Apache
accept-ranges: bytes
etag: "10ed7-5bd22fb2ebb51"
content-length: 69335
content-type: text/css

GET
H2 200 cookie-law-info-public.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/ 3 KB
3 KB 33ms
29ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Thu, 18 Mar 2021 22:58:46 GMT
server: Apache
accept-ranges: bytes
etag: "c25-5bdd78ab0a073"
content-length: 3109
content-type: text/css

GET
H2 200 cookie-law-info-gdpr.css
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/ 28 KB
28 KB 30ms
26ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: a82fb0df229ab511ba5e585874443b97a62bfbd76c369a6944ed9e0750ebf698

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Thu, 18 Mar 2021 22:58:46 GMT
server: Apache
accept-ranges: bytes
etag: "6ecf-5bdd78ab0a073"
content-length: 28367
content-type: text/css

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
5 KB 14ms
11ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=90d17f278c33fd3fb9b35ecab5d843f1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 838538
cdn-cachedat: 2021-03-10 20:26:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08f131a0e900004abdaf830000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0660e0acd218ed3c203051d5aa784ebd
cf-ray: 632eebae4c8c4abd-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 custom.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/ 19 KB
20 KB 45ms
42ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jqueryui/custom.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Wed, 16 Dec 2015 13:54:59 GMT
server: Apache
accept-ranges: bytes
etag: "4d92-52704407f72c0"
content-length: 19858
content-type: text/css

GET
H2 200 tipsy.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 539 B
683 B 32ms
29ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/tipsy.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: Apache
accept-ranges: bytes
etag: "21b-526fe6d7cd700"
content-length: 539
content-type: text/css

GET
H2 200 flexslider.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 6 KB
6 KB 45ms
43ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/flexslider.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Wed, 16 Dec 2015 13:55:09 GMT
server: Apache
accept-ranges: bytes
etag: "1851-5270441180940"
content-length: 6225
content-type: text/css

GET
H2 200 mediaelementplayer-legacy.min.css
securityaffairs.co/wordpress/wp-includes/js/mediaelement/ 11 KB
11 KB 46ms
43ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
server: Apache
accept-ranges: bytes
etag: "2bf8-5b61073af996a"
content-length: 11256
content-type: text/css

GET
H2 200 animation.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 2 KB
2 KB 46ms
44ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/animation.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: Apache
accept-ranges: bytes
etag: "6b4-526fe6d5e5280"
content-length: 1716
content-type: text/css

GET
H2 200 font-awesome.min.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 17 KB
18 KB 53ms
20ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: Apache
accept-ranges: bytes
etag: "4574-526fe6d5e5280"
content-length: 17780
content-type: text/css

GET
H2 200 swipebox.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 4 KB
5 KB 55ms
23ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/swipebox.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
server: Apache
accept-ranges: bytes
etag: "118d-526fe6e527680"
content-length: 4493
content-type: text/css

GET
H2 200 jquery.circliful.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 334 B
478 B 54ms
22ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/jquery.circliful.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Wed, 16 Dec 2015 06:58:02 GMT
server: Apache
accept-ranges: bytes
etag: "14e-526fe6d5e5280"
content-length: 334
content-type: text/css

GET
H2 200 screen.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 110 KB
110 KB 61ms
28ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/screen.css?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Wed, 16 Dec 2015 06:58:04 GMT
server: Apache
accept-ranges: bytes
etag: "1b844-526fe6d7cd700"
content-length: 112708
content-type: text/css

GET
H2 200 custom-css.php
securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/ 12 KB
12 KB 97ms
59ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/templates/custom-css.php?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache / PHP/7.2.34
Resource Hash: 18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
server: Apache
x-powered-by: PHP/7.2.34
content-type: text/css; charset: UTF-8;charset=UTF-8

GET
H2 200 grid.css
securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/ 49 KB
50 KB 66ms
27ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/grid.css?ver=90d17f278c33fd3fb9b35ecab5d843f1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Wed, 16 Dec 2015 06:58:03 GMT
server: Apache
accept-ranges: bytes
etag: "c5f2-526fe6d6d94c0"
content-length: 50674
content-type: text/css

GET
H2 200 frontend-gtag.js Show response
securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 23 KB
23 KB 61ms
22ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.js?ver=1616243099
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 0cdc6e956294d2e2352f1c0a62b2ba989108b6e04338e0d24a14b452335697a6

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Thu, 18 Mar 2021 22:58:48 GMT
server: Apache
accept-ranges: bytes
etag: "5b2e-5bdd78ad87b99"
content-length: 23342
content-type: application/javascript

GET
H2 200 jquery.js Show response
securityaffairs.co/wordpress/wp-includes/js/jquery/ 281 KB
281 KB 66ms
28ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery.js?ver=3.5.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
server: Apache
accept-ranges: bytes
etag: "463a2-5b61073af5aea"
content-length: 287650
content-type: application/javascript

GET
H2 200 jquery-migrate.js Show response
securityaffairs.co/wordpress/wp-includes/js/jquery/ 25 KB
25 KB 78ms
32ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
server: Apache
accept-ranges: bytes
etag: "62d4-5b61073af5aea"
content-length: 25300
content-type: application/javascript

GET
H2 200 cookie-law-info-public.js Show response
securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/ 35 KB
35 KB 79ms
31ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 8c8c2e3e0af8248c66e02fd3901558e969a7b0f35cf1fe0da4872e01f77e2ebd

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Thu, 18 Mar 2021 22:58:46 GMT
server: Apache
accept-ranges: bytes
etag: "8bdf-5bdd78ab0b013"
content-length: 35807
content-type: application/javascript

GET
H2 200 medianetAdInjector.js Show response
securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/ 741 B
895 B 79ms
18ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.12
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: c8817bacfc84fd39e4daec4096011ed3d117c7fe8b3c55fdd22af47c299099bc

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Tue, 09 Mar 2021 23:34:48 GMT
server: Apache
accept-ranges: bytes
etag: "2e5-5bd22feff7aba"
content-length: 741
content-type: application/javascript

GET
H2 200 st_insights.js Show response
ws.sharethis.com/button/ 26 KB
8 KB 9ms
8ms Script
application/javascript 2600:9000:211e:c000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f8284365ba340253ee9c71cfb5efcc37f10a23e8b8b5dd134ec7bbab05073845

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 16:30:31 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 71668
etag: W/"60256fd5-676f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 753f415578c1ca010e51a83aef192331.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA56-C2
x-robots-tag: noindex, nofollow
content-length: 7567
x-amz-cf-id: sy4DKndpLHkMMU3j2l_-aPtuH5DLFLVX3yb0tr6UObNxTVh0pfgsFw==
expires: Mon, 22 Mar 2021 16:30:31 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 36ms
10ms Script
text/javascript 2600:9000:2182:7200:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:7200:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d5059f32fbb319603fd421035ba8ae20f2a80c2978279efb10cba65961bdcfe9

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:32 GMT
content-encoding: gzip
age: 27
etag: W/"192cc-S85VNqqDcmpq46cMbazrSJLaAD0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 2B1y2QfsLgyf0uJ5f3jvF_hXi1777WVhBew6GCmRD891Hw6pC3V53w==

GET
H2 200 shield-antibot.js Show response
securityaffairs.co/wordpress/wp-content/plugins/wp-simple-firewall/resources/js/ 3 KB
3 KB 71ms
28ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/wp-simple-firewall/resources/js/shield-antibot.js?ver=10.2.6&mtime=1614035450
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: af7abdbcee9fe7d9eed8ff21d4a2ef12c31d2c374b77c8c67b1bf7c8b752f925

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Mon, 22 Feb 2021 23:10:50 GMT
server: Apache
accept-ranges: bytes
etag: "bc9-5bbf4e9af07c2"
content-length: 3017
content-type: application/javascript

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 150 KB
51 KB 145ms
86ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a92f2247613f0b6a7d3d9c6f36b88cdc35661ec8559c4c51c9c5267aaac464bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h: 10-2
content-encoding: gzip
server: Apache
etag: "ece041e6e7767bd82775f0400feef902"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Sat, 20 Mar 2021 12:25:00 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-3
expires: Sat, 20 Mar 2021 12:30:00 GMT

GET
H2 200 logo_SecurityAffairs.png
securityaffairs.co/wordpress/wp-content/uploads/2015/12/ 44 KB
44 KB 17ms
16ms Image
image/png 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.co/wordpress/wp-content/uploads/2015/12/logo_SecurityAffairs.png
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 16 Dec 2015 17:30:42 GMT
server: Apache
accept-ranges: bytes
etag: "b0e9-5270743f5f480"
content-length: 45289
content-type: image/png

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 973 B
2 KB 352ms
117ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:00 GMT
Last-Modified: Tue, 02 Mar 2021 20:36:48 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "603ea1e0-3cd"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 973
Expires: Mon, 22 Mar 2021 12:25:00 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 116ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B73) /
Resource Hash: 0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:22:22 GMT
Server: ECS (amb/6B73)
Age: 721
Etag: "965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29026

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 33ms
33ms Script
application/x-javascript 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00a:e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c5feff96c2489d2f544705b1a07cceb9e9f66cebb1c2f79ac9c8873997b80dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DTSf3H1bYbF72dVINekdOg==
cross-origin-resource-policy: cross-origin
expires: Sat, 20 Mar 2021 12:29:31 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1782
x-fb-rlafr: 0
x-fb-debug: cTzUVs5YNimTSQRlFtkENmKTfwC+8nB4KwHglGzlJDS24ITij61j6krnBoYAJbAlOxiISEirTBgsLSN27cRHVQ==
x-fb-trip-id: 1082456386
x-fb-content-md5: 56701d5c2eb626e268003c0f2b24f791
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 20 Mar 2021 12:25:01 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "78a953ecc8eb2007bb6c10ef3ea404cc"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 facebook.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 830 B
1 KB 122ms
42ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Sat, 20 Mar 2021 12:25:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Jun 2020 20:34:29 GMT
server: nginx
etag: "509a053c355d6394"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png>; rel="canonical"
content-length: 830
expires: Sat, 11 Jun 2022 08:34:29 GMT

GET
H2 200 twitter.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 1 KB
1 KB 40ms
39ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 20 Mar 2021 12:25:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Jun 2020 20:34:29 GMT
server: nginx
etag: "93b18115ddb7cc81"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/twitter.png>; rel="canonical"
content-length: 1082
expires: Sat, 11 Jun 2022 08:34:29 GMT

GET
H2 200 linkedin.png
i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/ 1 KB
1 KB 40ms
40ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png?ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 20 Mar 2021 12:25:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Jun 2020 20:34:29 GMT
server: nginx
etag: "c9a9d33942c7897d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/linkedin.png>; rel="canonical"
content-length: 1184
expires: Sat, 11 Jun 2022 08:34:29 GMT

GET
H2 200 Tesla-Model-X.jpg
securityaffairs.co/wordpress/wp-content/uploads/2017/07/ 31 KB
31 KB 27ms
24ms Image
image/jpeg 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.co/wordpress/wp-content/uploads/2017/07/Tesla-Model-X.jpg
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 4f4d8338a308921d0148b2a613a9272058f49f1486b2cbbea9aa88a10fffb05d

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
last-modified: Sat, 29 Jul 2017 13:41:30 GMT
server: Apache
accept-ranges: bytes
etag: "7be7-55574f488832f"
content-length: 31719
content-type: image/jpeg

GET
H2 200 Amazon-Elastic-Kubernetes-Service-EKS.png
securityaffairs.co/wordpress/wp-content/uploads/2021/03/ 41 KB
41 KB 27ms
25ms Image
image/png 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityaffairs.co/wordpress/wp-content/uploads/2021/03/Amazon-Elastic-Kubernetes-Service-EKS.png
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: e1d439780cddc5ad08a7645b7b5b7508de75a8e38d01a8a84327194fb7eb6de9

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
last-modified: Fri, 19 Mar 2021 20:18:50 GMT
server: Apache
accept-ranges: bytes
etag: "a228-5bde96c98f821"
content-length: 41512
content-type: image/png

GET
H2 200 Amazon-Elastic-Kubernetes-Service-EKS.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2021/03/ 4 KB
4 KB 42ms
40ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2021/03/Amazon-Elastic-Kubernetes-Service-EKS.png?resize=300%2C240&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

d332948bbf924b4ac96790446758649e02c90f08cf5f3714b5c20def224ef194

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Sat, 20 Mar 2021 12:25:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 21:52:28 GMT
server: nginx
etag: "b658291cbc2c84eb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2021/03/Amazon-Elastic-Kubernetes-Service-EKS.png>; rel="canonical"
content-length: 4342
expires: Mon, 20 Mar 2023 09:52:28 GMT

GET
H2 200 ssba.css
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ 122 KB
122 KB 19ms
18ms Stylesheet
text/css 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=90d17f278c33fd3fb9b35ecab5d843f1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:59 GMT
last-modified: Fri, 25 Dec 2020 23:58:53 GMT
server: Apache
accept-ranges: bytes
etag: "1e76e-5b752b4e76df8"
content-length: 124782
content-type: text/css

GET
H2 200 photon.js Show response
securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/ 2 KB
2 KB 21ms
21ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20191001
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 03 Mar 2021 00:18:15 GMT
server: Apache
accept-ranges: bytes
etag: "6e0-5bc96c98192df"
content-length: 1760
content-type: application/javascript

GET
H2 200 jquery.adrotate.clicktracker.js Show response
securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/ 365 B
519 B 18ms
18ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Thu, 18 Mar 2021 22:58:44 GMT
server: Apache
accept-ranges: bytes
etag: "16d-5bdd78a9874f0"
content-length: 365
content-type: application/javascript

GET
H2 200 ssba.js Show response
securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ 2 KB
2 KB 16ms
16ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=90d17f278c33fd3fb9b35ecab5d843f1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Fri, 25 Dec 2020 23:58:53 GMT
server: Apache
accept-ranges: bytes
etag: "792-5b752b4e7bc18"
content-length: 1938
content-type: application/javascript

GET
H2 200 hint.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 987 B
1 KB 18ms
18ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/hint.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
accept-ranges: bytes
etag: "3db-526fe6e433440"
content-length: 987
content-type: application/javascript

GET
H2 200 jquery.tipsy.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 4 KB
4 KB 16ms
16ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.tipsy.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
accept-ranges: bytes
etag: "1113-526fe6e433440"
content-length: 4371
content-type: application/javascript

GET
H2 200 jquery.easing.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 8 KB
8 KB 17ms
17ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.easing.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
accept-ranges: bytes
etag: "1fa1-526fe6e433440"
content-length: 8097
content-type: application/javascript

GET
H2 200 browser.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 3 KB
3 KB 18ms
17ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/browser.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: Apache
accept-ranges: bytes
etag: "a36-526fe6e33f200"
content-length: 2614
content-type: application/javascript

GET
H2 200 jquery.flexslider-min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/ 21 KB
21 KB 17ms
17ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/flexslider/jquery.flexslider-min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 16 Dec 2015 13:55:10 GMT
server: Apache
accept-ranges: bytes
etag: "53ae-5270441274b80"
content-length: 21422
content-type: application/javascript

GET
H2 200 waypoints.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 8 KB
8 KB 16ms
16ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/waypoints.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 16 Dec 2015 06:58:18 GMT
server: Apache
accept-ranges: bytes
etag: "1f6c-526fe6e527680"
content-length: 8044
content-type: application/javascript

GET
H2 200 mediaelement-and-player.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/ 69 KB
70 KB 21ms
20ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/mediaelement/mediaelement-and-player.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 16 Dec 2015 13:55:14 GMT
server: Apache
accept-ranges: bytes
etag: "11571-5270441645480"
content-length: 71025
content-type: application/javascript

GET
H2 200 jquery.swipebox.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 11 KB
11 KB 17ms
16ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.swipebox.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
accept-ranges: bytes
etag: "2a67-526fe6e433440"
content-length: 10855
content-type: application/javascript

GET
H2 200 jquery.circliful.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 3 KB
3 KB 16ms
15ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.circliful.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
accept-ranges: bytes
etag: "c18-526fe6e433440"
content-length: 3096
content-type: application/javascript

GET
H2 200 jquery.smarticker.min.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 13 KB
13 KB 17ms
17ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/jquery.smarticker.min.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 16 Dec 2015 06:58:17 GMT
server: Apache
accept-ranges: bytes
etag: "3225-526fe6e433440"
content-length: 12837
content-type: application/javascript

GET
H2 200 custom.js Show response
securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/ 12 KB
13 KB 18ms
18ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/js/custom.js?ver=1.4.1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Wed, 16 Dec 2015 06:58:16 GMT
server: Apache
accept-ranges: bytes
etag: "31d4-526fe6e33f200"
content-length: 12756
content-type: application/javascript

GET
H2 200 wp-embed.js Show response
securityaffairs.co/wordpress/wp-includes/js/ 3 KB
3 KB 18ms
18ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/wp-embed.js?ver=90d17f278c33fd3fb9b35ecab5d843f1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:00 GMT
last-modified: Thu, 21 Feb 2019 22:56:38 GMT
server: Apache
accept-ranges: bytes
etag: "c8e-5826f6315ef61"
content-length: 3214
content-type: application/javascript

GET
H2 200 e-202111.js Show response
stats.wp.com/ 9 KB
3 KB 25ms
24ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202111.js
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn
date: Sat, 20 Mar 2021 12:25:01 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 06 Mar 2022 22:21:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3396
date: Sat, 20 Mar 2021 11:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 20 Mar 2021 13:28:25 GMT

GET
H2 200 twemoji.js Show response
securityaffairs.co/wordpress/wp-includes/js/ 27 KB
28 KB 25ms
24ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/twemoji.js?ver=90d17f278c33fd3fb9b35ecab5d843f1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: e98cd00e7be004c4360ad0c38471911312d74a117babcc29f239935afc80c8cb

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
last-modified: Wed, 09 Dec 2020 23:31:00 GMT
server: Apache
accept-ranges: bytes
etag: "6d6a-5b61073b100ca"
content-length: 28010
content-type: application/javascript

GET
H2 200 wp-emoji.js Show response
securityaffairs.co/wordpress/wp-includes/js/ 9 KB
9 KB 28ms
26ms Script
application/javascript 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-includes/js/wp-emoji.js?ver=90d17f278c33fd3fb9b35ecab5d843f1
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

Referer: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
last-modified: Tue, 31 Mar 2020 22:49:14 GMT
server: Apache
accept-ranges: bytes
etag: "231d-5a22e608152f1"
content-length: 8989
content-type: application/javascript

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
60 KB 35ms
33ms Script
application/x-javascript 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=750a230f054288175518d806c7e8090d&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00a:e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4beb87b9f88cc7ab1cbe1b0bf70521de9c4d95b783fab2c8d604269b8c32826b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://securityaffairs.co
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: cxMtrAlwoKPHNIM6nrU/VA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60836
x-fb-rlafr: 0
x-fb-debug: q5pf8wsyluhrlr7jidNJH9cmJEaqekNxA8hnrtFlpl2W0TK/Uiee/KLZZUd9lTGLAm9ZkOuqB8rAbi+nGlItmQ==
x-fb-trip-id: 1082456386
x-fb-content-md5: 07c3c318773a94848496074535de50c0
x-frame-options: DENY
date: Sat, 20 Mar 2021 12:25:01 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4060ca5b5c6942d3d3ddbab0f90c94f8"
timing-allow-origin: *
expires: Sun, 20 Mar 2022 11:38:19 GMT

GET
H2 200 5b71b64b04b9a500117b1015.js Show response
buttons-config.sharethis.com/js/ 30 B
380 B 30ms
9ms Script
text/javascript 2600:9000:2182:8400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5b71b64b04b9a500117b1015.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:8400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:52 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
last-modified: Mon, 13 Aug 2018 16:48:12 GMT
server: AmazonS3
age: 10
etag: "e6e1643313740711175f51662a65b42f"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 30
x-amz-cf-id: DcG_mSkVfqdw6DsA0v0jpvm5h-tlpqdzAvsBsyOpUw36E7p_cZD1Ng==

GET
H2 200 analytics.js Show response
google-analytics.com/ 46 KB
19 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/analytics.js

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4604
date: Sat, 20 Mar 2021 11:08:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 20 Mar 2021 13:08:17 GMT

GET
H2 200 fontawesome-webfont.woff
securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/ 43 KB
44 KB 26ms
26ms Font
application/font-woff 2001:8d8:100f:f000::289
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::289 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Origin: https://securityaffairs.co
Referer: https://securityaffairs.co/wordpress/wp-content/themes/rigel_old/css/font-awesome.min.css?ver=1.4.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
last-modified: Wed, 16 Dec 2015 06:58:09 GMT
server: Apache
accept-ranges: bytes
etag: "ad90-526fe6dc92240"
content-length: 44432
content-type: application/font-woff

GET
H/1.1 200
OK videoAds.js Show response
adservetx.media.net/ 6 KB
3 KB 144ms
42ms Script
text/javascript 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adservetx.media.net/videoAds.js?cid=8CU5BD6EW&crid=126440378&dn=securityaffairs.co&https=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e274423febb58596ae6d3754a54fb2c0dfb061c45001c7b8173186196bf45c33

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:01 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 2723
Expires: Sat, 20 Mar 2021 12:30:01 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 734C 2 KB
1 KB 10ms
10ms Document
text/html 2600:9000:2182:6e00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:6e00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
date: Sat, 20 Mar 2021 12:18:21 GMT
cache-control: max-age=3600, public
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: RQ-KUMs_fjT1LiP2DgXVo-uN21AUt5mEWCfga94sqH6CkuB19hAi2w==
age: 400

GET
H2 200 F5-BIG-IP-attacks.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2021/03/ 46 KB
46 KB 47ms
47ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2021/03/F5-BIG-IP-attacks.png?resize=1024%2C460&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b5e556ff4a0b0661c9c52bafc4c79617955d3fb13b240628551db2d4f0581a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Sat, 20 Mar 2021 12:25:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 21:52:28 GMT
server: nginx
etag: "44909ab10af3d8c1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2021/03/F5-BIG-IP-attacks.png>; rel="canonical"
content-length: 47144
expires: Mon, 20 Mar 2023 09:52:28 GMT

GET
H2 200 hb_v2.js Show response
cdn.pixfuture.com/ 33 KB
33 KB 30ms
13ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/hb_v2.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4c4c28d6e6e7e34bafea314177ae513eed531e3f297093d858a471bf1b3bf33

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 78827
cf-polished: origSize=40636
cf-bgj: minify
cf-request-id: 08f131a69700004eb6bfb58000000001
last-modified: Fri, 19 Mar 2021 14:30:07 GMT
server: cloudflare
etag: W/"6054b56f-9ebc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=axzeacq4rWk3OzAnEjbi2ZkDTU90zxb2xguPvRkb9rldVtdcMnBkxjSrtBntryRHtAQgWgBtnsv27apP5bxQ9%2F%2FqnmTz8wvgOifMka%2FZMQ26biUxG3Ib%2BA9rXsRrxw%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400, no-transform
cf-ray: 632eebb758c24eb6-FRA
expires: Sun, 21 Mar 2021 14:31:14 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ 107 KB
33 KB 127ms
55ms Script
text/javascript 23.32.238.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU5BD6EW
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.32.238.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-131.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: f23c005bfd2a0e63888b59024e3f24d81c796d3229325cc266746486d8633b15

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:01 GMT
Content-Encoding: gzip
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 33824
Expires: Sat, 20 Mar 2021 12:55:01 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 80 KB
24 KB 891ms
891ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=0&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=816788371&size=300x250&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&nse=5&vi=1616243100374715847&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5cd2c136f7e961bf9af4b1efc5a3b341deef61d1aa0720f9c513a9b64297da07

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2: 10-7
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Sat, 20 Mar 2021 12:25:02 GMT
x-mnt-w: 8-3, 8-21
content-length: 24164
expires: Sat, 20 Mar 2021 12:30:02 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 63ms
61ms Image
image/gif 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=816788371&vi=1616243100374715847&ugd=4&lf=6&cc=CH&sc=ZH&lper=100&wsip=2886780938&r=1616243101343&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001616243101338031140534839196&gdpr=0&vgd_end=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sat, 20 Mar 2021 12:25:01 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 20 Mar 2021 12:25:01 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 80 KB
24 KB 859ms
858ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=0&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=816788371&size=300x250&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&nse=5&vi=1616243100971474346&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e4bde64bf35f53b194812011afbed356ba646651528c0fcb8db1c1d9673cd202

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2: 10-7
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Sat, 20 Mar 2021 12:25:02 GMT
x-mnt-w: 8-11, 8-1
content-length: 24096
expires: Sat, 20 Mar 2021 12:30:02 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 123ms
122ms Image
image/gif 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=816788371&vi=1616243100971474346&ugd=4&lf=6&cc=CH&sc=ZH&lper=100&wsip=2886780938&r=1616243101349&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001616243101338031140534839196&gdpr=0&vgd_end=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sat, 20 Mar 2021 12:25:01 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 20 Mar 2021 12:25:01 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 15ms
15ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1331227426&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&ul=en-us&de=UTF-8&dt=Threat%20actors%20are%20attempting%20to%20exploit%20the%20CVE-2021-22986%20flaw%20in%20F5%20BIG-IP%20devices%20in%20the%20wildSecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=477058647&gjid=1718180714&cid=641753397.1616243101&tid=UA-59069958-1&_gid=2014133072.1616243101&_r=1&did=dNDMyYj&gtm=2ou3a0&z=1098574145

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
27 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1331227426&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&ul=en-us&de=UTF-8&dt=Threat%20actors%20are%20attempting%20to%20exploit%20the%20CVE-2021-22986%20flaw%20in%20F5%20BIG-IP%20devices%20in%20the%20wildSecurity%20Affairs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=316948426&gjid=1377936342&cid=641753397.1616243101&tid=UA-59069958-1&_gid=2014133072.1616243101&_r=1&_slc=1&z=1272446185

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f00db26378ef7df7c440a8ee60ead62b
secure.gravatar.com/avatar/ 1 KB
1 KB 19ms
5ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 20 Mar 2021 12:25:01 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="f00db26378ef7df7c440a8ee60ead62b.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/f00db26378ef7df7c440a8ee60ead62b?s=60&d=mm&r=g>; rel="canonical"
content-length: 1186
expires: Sat, 20 Mar 2021 12:30:01 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 80 KB
24 KB 867ms
866ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=0&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=184323154&size=300x250&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&nse=5&vi=1616243100349345864&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9bbb4c0f1637ff04d08c36f7848ed1e65f32744592e5da1ea191707091742e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2: 10-7
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Sat, 20 Mar 2021 12:25:02 GMT
x-mnt-w: 10-15, 10-16
content-length: 24616
expires: Sat, 20 Mar 2021 12:30:02 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 221ms
221ms Image
image/gif 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=184323154&vi=1616243100349345864&ugd=4&lf=6&cc=CH&sc=ZH&wsip=2886780938&r=1616243101421&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001616243101418031140534834069&gdpr=0&vgd_end=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sat, 20 Mar 2021 12:25:01 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 20 Mar 2021 12:25:01 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ 82 KB
25 KB 866ms
865ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?&gdpr=0&cid=8CU5BD6EW&cpcd=RlAcVccC-RdUYIl-LjF9ag%3D%3D&crid=647633027&size=300x250&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&nse=5&vi=1616243100845710280&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d1e2c1dab170432cc819b4c52514b6d85101c617733920bea98b1cc36acafa9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2: 10-7
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Sat, 20 Mar 2021 12:25:02 GMT
x-mnt-w: 10-13, 10-7
content-length: 24900
expires: Sat, 20 Mar 2021 12:30:02 GMT

GET
H2 200 bping.php
lg3.media.net/ 35 B
189 B 329ms
329ms Image
image/gif 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=647633027&vi=1616243100845710280&ugd=4&lf=6&cc=CH&sc=ZH&lper=100&wsip=2886780938&r=1616243101425&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001616243101423031140534836640&gdpr=0&vgd_end=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sat, 20 Mar 2021 12:25:01 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 20 Mar 2021 12:25:01 GMT

GET
H2 200 pbix.js Show response
cdn.pixfuture.com/ 361 KB
362 KB 20ms
20ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/pbix.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6728b678a966b43da0db83cb0c0c4dbdf4e24d2bd10a3356bb64466779f936d

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 78827
cf-polished: origSize=369861
cf-bgj: minify
cf-request-id: 08f131a70000004eb6d29d8000000001
last-modified: Mon, 15 Mar 2021 14:43:41 GMT
server: cloudflare
etag: W/"604f729d-5a4c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kn4Bp3dcvaCBxjj95MmySxSs6qjkaKq%2FbGBpcBT9KP4soq1mcla6VTk640iOhPSqeClMe7qeC50ntkTM1fgexzVP3r%2F0MzsEdyx5bt7VA%2Bx0VVVghVvIsJ%2FPpslv%2Fg%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400, no-transform
cf-ray: 632eebb809e54eb6-FRA
expires: Sun, 21 Mar 2021 14:31:14 GMT

GET
H/1.1 200
OK hb_v2.php Show response
served-by.pixfuture.com/www/delivery/ 3 KB
4 KB 393ms
158ms XHR
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24274x728x90x4142x_ADSLOT1&keywords=threat,actors,are,attempting,exploit,cve202122986,flaw,f5,bigip,devices,wildsecurity,affairs&refUrl=&refresh=false&innerWidth=1600&jscookie=_ga=GA1.2.641753397.1616243101;%20_gid=GA1.2.2014133072.1616243101;%20_gat_gtag_UA_59069958_1=1;%20_gat=1;%20session_depth=securityaffairs.co%253D1%257C816788371%253D2%257C184323154%253D1%257C647633027%253D1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6b0116cc24564b4e68e1bf19bf7bbdcc8ec1102044c85a34816a35ea9dd00546

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:01 GMT
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 22 Mar 2021 12:25:01 GMT

GET
H/1.1 200
OK hb_v2.php Show response
served-by.pixfuture.com/www/delivery/ 3 KB
3 KB 396ms
158ms XHR
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24272x320x50x4142x_ADSLOT1&keywords=threat,actors,are,attempting,exploit,cve202122986,flaw,f5,bigip,devices,wildsecurity,affairs&refUrl=&refresh=false&innerWidth=1600&jscookie=_ga=GA1.2.641753397.1616243101;%20_gid=GA1.2.2014133072.1616243101;%20_gat_gtag_UA_59069958_1=1;%20_gat=1;%20session_depth=securityaffairs.co%253D1%257C816788371%253D2%257C184323154%253D1%257C647633027%253D1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b9494c6294517e0663f735befb1f40c0a729e5d08e2bdc42c88028c6332675e3

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:01 GMT
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 22 Mar 2021 12:25:01 GMT

GET
H/1.1 200
OK hb_v2.php Show response
served-by.pixfuture.com/www/delivery/ 3 KB
3 KB 386ms
154ms XHR
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24272x320x50x4142x_ADSLOT1&keywords=threat,actors,are,attempting,exploit,cve202122986,flaw,f5,bigip,devices,wildsecurity,affairs&refUrl=&refresh=false&innerWidth=1600&jscookie=_ga=GA1.2.641753397.1616243101;%20_gid=GA1.2.2014133072.1616243101;%20_gat_gtag_UA_59069958_1=1;%20_gat=1;%20session_depth=securityaffairs.co%253D1%257C816788371%253D2%257C184323154%253D1%257C647633027%253D1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b9494c6294517e0663f735befb1f40c0a729e5d08e2bdc42c88028c6332675e3

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:01 GMT
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 22 Mar 2021 12:25:01 GMT

GET
H/1.1 200
OK hb_v2.php Show response
served-by.pixfuture.com/www/delivery/ 3 KB
3 KB 389ms
155ms XHR
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=24270x300x250x4142x_ADSLOT1&keywords=threat,actors,are,attempting,exploit,cve202122986,flaw,f5,bigip,devices,wildsecurity,affairs&refUrl=&refresh=false&innerWidth=1600&jscookie=_ga=GA1.2.641753397.1616243101;%20_gid=GA1.2.2014133072.1616243101;%20_gat_gtag_UA_59069958_1=1;%20_gat=1;%20session_depth=securityaffairs.co%253D1%257C816788371%253D2%257C184323154%253D1%257C647633027%253D1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a8cbb8ef1834a1ee98823ea1a764283acd1bcc69e82c1c24b974048a361d6e84

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:01 GMT
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 22 Mar 2021 12:25:01 GMT

GET
H2 200 Digging-The-Deep-Web.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/ 6 KB
6 KB 42ms
41ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png?resize=236%2C300&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
x-content-type-options: nosniff
x-bytes-saved: 46713
content-length: 6414
x-nc: HIT ams 6
last-modified: Wed, 10 Jun 2020 20:34:29 GMT
server: nginx
etag: "012d3c7ccbeb8560"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2018/03/Digging-The-Deep-Web.png>; rel="canonical"
expires: Sat, 11 Jun 2022 08:34:29 GMT

GET
H2 200 securityaffairs-best-european-blog2.png
i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/06/ 10 KB
10 KB 45ms
44ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/06/securityaffairs-best-european-blog2.png?resize=300%2C217&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e8caad51a19c5667e4fc7ae6a3b9bf8a23559bb64b09b0c6e90cad6d24083ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
x-content-type-options: nosniff
x-bytes-saved: 103276
content-length: 10314
x-nc: HIT ams 7
last-modified: Tue, 02 Jun 2020 21:29:55 GMT
server: nginx
etag: "c8c3d7b06b174426"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2020/06/securityaffairs-best-european-blog2.png>; rel="canonical"
expires: Fri, 03 Jun 2022 09:29:55 GMT

GET
H2 200 logo-center-for-cybersecurity.jpg
i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/ 7 KB
7 KB 47ms
47ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg?resize=290%2C300&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 6
date: Sat, 20 Mar 2021 12:25:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Oct 2020 09:11:16 GMT
server: nginx
etag: "34ce616fe3b10b35"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2020/10/logo-center-for-cybersecurity.jpg>; rel="canonical"
content-length: 7482
expires: Wed, 26 Oct 2022 21:11:16 GMT

GET
H2 200 newsletter.png
i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/ 6 KB
6 KB 49ms
49ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png?resize=300%2C207&ssl=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

40bc46248d8f8d5fbea7678bd0c0031327e206daaf99f3bf6723b9a70f665f7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 8
date: Sat, 20 Mar 2021 12:25:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Dec 2020 07:42:49 GMT
server: nginx
etag: "87af94f3ac2df9da"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://securityaffairs.co/wordpress/wp-content/uploads/2015/03/newsletter.png>; rel="canonical"
content-length: 6336
expires: Thu, 15 Dec 2022 19:42:49 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 23ms
23ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.5&blog=29506073&post=115760&tz=0&srv=securityaffairs.co&host=securityaffairs.co&ref=&fcp=2853&rand=0.20053566050996618
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 1f1fa-1f1f8.svg
s.w.org/images/core/emoji/13.0.1/svg/ 2 KB
935 B 73ms
23ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/svg/1f1fa-1f1f8.svg

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

1feca2279a6e78133bf577b99e4f3e82896622c255d29017cec5f5cfa93e4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 20 Mar 2021 12:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html Show response
platform.twitter.com/widgets/ Frame 384C 320 KB
104 KB 14ms
14ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fsecurityaffairs.co
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 833653
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Mar 2021 12:25:01 GMT
Etag: "e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105690

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ 35 B
329 B 111ms
31ms Image
image/gif 2.16.186.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=videoerror&cid=8CU5BD6EW&crid=null&dn=securityaffairs.co&REASON=33&ACTION=0&visitorId=2590052659342820000V10&dc=0&adtagId=126440378&bidder_id=99999&biddertagid=99999&bsr=Chrome_89&dt=desktop&os=WIN&id=00001616243101569031811934284869&purl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.66 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:01 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sat, 20 Mar 2021 12:25:01 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
340 B 25ms
25ms XHR
text/plain 52.29.155.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1616243101200.67377&hostname=securityaffairs.co&location=%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consent_cookie_duration=369&consent_duration=369&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&title=Threat%20actors%20are%20attempting%20to%20exploit%20the%20CVE-2021-22986%20flaw%20in%20F5%20BIG-IP%20devices%20in%20the%20wildSecurity%20Affairs&sop=false&description=Cybersecurity%20experts%20warn%20of%20ongoing%20attacks%20aimed%20at%20exploiting%20a%20recently%20patched%20critical%20vulnerability%20in%20F5%20BIG-IP%20and%20BIG-IQ%20networking%20devices.%20Cybersecurity%20experts%20from%20NCC%20Group%C2%A0and%C2%A0Bad%20Packets%20security%20firm%20this%20week%20detected%20a%20wave%20of%20attacks%20exploiting%20a%20recently%20patched%20critical%20vulnerability%2C%20tracked%20as%20CVE-2021-22986%2C%20in%20F5%20BIG-IP%20and%20BIG-IQ%20networking%20devices.%20%E2%80%9CAfter%20seeing%20lots%20%5B%E2%80%A6%5D
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.155.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-155-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:01 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://securityaffairs.co
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK bfp_ssn.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 1889 12 KB
4 KB 29ms
28ms Document
text/html 23.32.238.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU5BD6EW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.32.238.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-131.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 508a8b73dfefe6e9998cca8a66aef5f7b9b5a8b24b35ae0e6e8a02f37d4a2c93

Request headers

Host: pxlclnmdecom-a.akamaihd.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

Content-Type: text/html; charset=utf-8
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Cache-Control: max-age=1800
Expires: Sat, 20 Mar 2021 12:55:01 GMT
Date: Sat, 20 Mar 2021 12:25:01 GMT
Content-Length: 3752
Connection: keep-alive

POST
H2 200 ptmdP
dt.clnmde.com/ 7 B
328 B 372ms
119ms Other
text/html 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU5BD6EW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7

GET
H2 200 cenw.js Show response
dt.clnmde.com/ 36 B
359 B 368ms
118ms XHR
text/html 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/cenw.js?identifier=bafp
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU5BD6EW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: a1f301821cf01ba8b2339975d41f8479279a917a6c494a71116b40d07a2d42a1

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"24-EdrypTbhJ35VcngQvoTgrQ"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36

GET
H2 200 ptmdDual
dt6.clnmde.com/ 70 B
331 B 272ms
87ms Image
image/gif 2600:1f18:42df:3a00:13f0:d148:35f2:a1d9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%221616243101587342995785%22%2C%22za%22%3A1%2C%22gcd%22%3A1616243101601%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:42df:3a00:13f0:d148:35f2:a1d9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 12:25:01 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
331 B 360ms
118ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=1616243101587342995785_N4IgxmAWDWIFwG0QA4CMA2A7M5BmTqIANChtngcSOgCybq64AMATJiALokAOAlgCYAXeEiZUxJMVxAAnAKYAzAKoyANsMQgq26QGcZYFepEhIgwd10BSXAEErLAGIPHuuWACuM3oICeAQwUFf14ZXQA6MAB7FwB3KJl+bnldaydUVABWeiYXSH8waF4AOwBzFwVMgFoAI15Sqt5uKv9zAuhdKrAANzkqllZUfpYATmR0cLMAW1UqMwtrOxcXN09vP0Dg0IjouISklLTHDOz0XKd8wpLyp0ra+sbm1sF2zp6+gZYhllHxycEZnNzJYbPYnCt3F4fAEgiEwpEYk54olknJUi4Tjk8u1rhVqnUGk0Wm1Cm9ev1BsMxhNprNpN1dAB9AQaBDFDyqVREdmc7kc1TSSAM5lCExMcVMDAYFg0XCoSWMZBMOWoGhMTK4Gh4EaoEbocQSqXoGVyhW4JUqtUarW4HV6g3io0m+WqljMS3qzV4dC0KQkTy6QQi1koADCSkyACEACLoACiAHUqMhw1HY4nk6mY-Gk9IwDJuiZgAAdUhYHD4VCluAlkB+bhyaul-Mi0tEUvdXit+Clp2y+VMEYEOiymjoNuloVMgRNkASyXoaX9s0WjJWr223XjkAAXx3VFraHLFCr8Fr9cbPfAMm77ZAne7cF7i+Ny+VmDoWWQdAnpmFM6vec+1NVBFWVNdPRtO1tz3TgSEDVoPF0EQaCIRg0NQ3BMjQ9A0MwNDkDQkYiEw3AMLQ7DcFw-ACKIki0LIzUKJwvCCOkAAvfx4FQHhSnge8qDkYpCzgEBuCoUpIH44CXUyZBME1UYRmyZBMioQRkNE10xiYD9jUyOSqAZfiJiYcJzRYKh-FmOAyJABQwHgKoeJAORBF4biX2dSV4MEPi4CYeDYC0rzl1QRkvi1Vhv2UrDBKaaTVPCLIJlQTBMmS3TBI8Li4BcjwPICkg5G6GyEFAYp-CmOR+Lqfh+DkG8BCofhWly0A6oapr+HgHkuXvLtmpCpdTUHYcP01fU9yICqqpq0TOsakUWras8QEW7rev5EgHyGkAZPFfBPzkuhdx3PRVEDaTQpAuSJBAVQFG4nbBp64bX1G79snlFglSoAMgz2lMI2zDMSFKRy8pul0XxIABHeaXIUQqWB3IA
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 12:25:01 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 356ms
118ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=1616243101587342995785_N4IgxgTgbiBcDaJgB0QA4CMA2A7GtAzDhqrCiAC4CeADgKamqQD6AlgCaoA0qUrbnOKmzYATABYCGAAzSAnMXE5J4rN1QALKAGcBjELNkisEqdIwECaaVIzjpAVgLjCcjHLUgAvl5BckqJi4+EQkcOTU9PosHOogfHpCIMamMjbKxA5oSnFaurFJhuZYYpIyFlY2GHaOzq7unj5+ASBYSliW0qI4pBG0DEkxgjzx-AWwwiUmZbLZDsRd1rk6iRMGhikzdqIEVTVOLgRYbdKoTQC6-mBgGgDWcIgY2QQ7GA7iIJcgNBwUDwaffwQOgAMwAqhAADZ-BAgQEgbQQMAQ6H-DQUCg0bQAUgIAEFsaIAGKEonaOhgACuEFY1AAhiCQXTWBBtAA6MAAe1JAHdORB2DRgdoccTqvMsNJSRo6WBbqwAHYAc1JIIcAFoAEasJXq1g0dV0jGy27adVgKB0dWiLoYa2iORoLBs9EAW0h8JWvweCspkMhXzyAhhiCKmzMdiee3sB0I9iwcnhVO0FGD-zQAGEwQ4AEIAESwAFEAOrwlNGynaB4EORccRcSwN+sEBwNrANnANtBfABedLgGH8NCVcHizToCpgsG+zSVGlH4fKWRwzgdcnmaAczQoVen20d0mUJgcWWaOlHzukbKsomadI9sAI-hBYDg6sHIDoFFYA6mqXM-gpiOsDSIB9x7n+WzMKIdjWKI2Tri2476gum5sm8zoYDgDjoYe46Uv2sAfpSP4gf4dBQA+8CgAqdKunQo7auw7B0BAAjNOwRqEaATEsWxHBwL6-r+AkAkQaUZjyIoyjOFg3heFwNF0Qx068ax7H+JxFDcSAan8ewgl+pCIljAZ4nTJJRBKG82Q4PJikgLR9GMRwfEaSAWk6Xp7GwEJxmjD5ySQZJcwLPB0jyV82iQimC7BUu1jNJCIIDiZgWLrIzhyM4WRtM0yapmJ6BZrmBYlrOr5EfFxSiKI-gAI4qR+IKkQQXhAA
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 12:25:01 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 26ms
25ms Image
text/plain 52.29.155.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1616243101200.67377&hostname=securityaffairs.co&location=%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&bsamesite=true&consent_cookie_duration=369&consent_duration=369&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&title=Threat%20actors%20are%20attempting%20to%20exploit%20the%20CVE-2021-22986%20flaw%20in%20F5%20BIG-IP%20devices%20in%20the%20wildSecurity%20Affairs&sop=false&description=Cybersecurity%20experts%20warn%20of%20ongoing%20attacks%20aimed%20at%20exploiting%20a%20recently%20patched%20critical%20vulnerability%20in%20F5%20BIG-IP%20and%20BIG-IQ%20networking%20devices.%20Cybersecurity%20experts%20from%20NCC%20Group%C2%A0and%C2%A0Bad%20Packets%20security%20firm%20this%20week%20detected%20a%20wave%20of%20attacks%20exploiting%20a%20recently%20patched%20critical%20vulnerability%2C%20tracked%20as%20CVE-2021-22986%2C%20in%20F5%20BIG-IP%20and%20BIG-IQ%20networking%20devices.%20%E2%80%9CAfter%20seeing%20lots%20%5B%E2%80%A6%5D&gdpr_domain=.consensu.org&gdpr_method=cookie&description=Cybersecurity%20experts%20warn%20of%20ongoing%20attacks%20aimed%20at%20exploiting%20a%20recently%20patched%20critical%20vulnerability%20in%20F5%20BIG-IP%20and%20BIG-IQ%20networking%20devices.%20Cybersecurity%20experts%20from%20NCC%20Group%C2%A0and%C2%A0Bad%20Packets%20security%20firm%20this%20week%20detected%20a%20wave%20of%20attacks%20exploiting%20a%20recently%20patched%20critical%20vulnerability%2C%20tracked%20as%20CVE-2021-22986%2C%20in%20F5%20BIG-IP%20and%20BIG-IQ%20networking%20devices.%20%E2%80%9CAfter%20seeing%20lots%20%5B%E2%80%A6%5D&img_pview=true
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.155.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-155-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:01 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 384C 183 B
411 B 192ms
132ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=34d7969499e9d7574f129799031acce5e03c4c14

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fsecurityaffairs.co

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 103
date: Sat, 20 Mar 2021 12:25:01 GMT
content-encoding: gzip
last-modified: Sat, 20 Mar 2021 12:25:01 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: e7ad29c8f2f935fae3893ed808393ec3
strict-transport-security: max-age=631138519
content-length: 152

GET
H2 200 cenw.js Show response
dt.clnmde.com/ Frame 1889 36 B
360 B 261ms
117ms XHR
text/html 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/cenw.js
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: dc8b69af09fa8ede018d0b058e788a8a57f9260e662d36aee50f4c049a8d6543

Request headers

Referer: https://pxlclnmdecom-a.akamaihd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"24-i5rsad2wjsyRtV3ZgDrZGw"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36

GET
H/1.1 200
OK horizon_tweet.34340b4862062ad52a16974fec38ada0.js Show response
platform.twitter.com/js/ 6 KB
3 KB 14ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.34340b4862062ad52a16974fec38ada0.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B75) /
Resource Hash: 62b338caf89fbe98a2df5026edefa2ed6c1bb4a46bb26f7cbcf2a3d95a51dc75

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:20:13 GMT
Server: ECS (amb/6B75)
Age: 833677
Etag: "e2b05de91f8c78f901db283e3e344817+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2201

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 41ms
14ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://securityaffairs.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://securityaffairs.co
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1432
date: Sat, 20 Mar 2021 12:25:01 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecurityaffairs.co%2F&domain=securityaffairs.co&cw=1
https://mug.criteo.com/sid?cpp=8CtQDXw5SlV2cDZNLzkwNHJBT0RPUCt4OVdraW8xSWRQcTdKc1J2cmZ4V2tQZ1RUbkYxdGdoa1B2b3J3cTROMzJGWjV1aE9wVXRpUklMZXM0bWZ2dnlNQlRvcGQxTjZHczBIaDRQUDhRWlNUL3VucEtlQkhmMlJlTGk4QV...

347 B
627 B

106ms
37ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8CtQDXw5SlV2cDZNLzkwNHJBT0RPUCt4OVdraW8xSWRQcTdKc1J2cmZ4V2tQZ1RUbkYxdGdoa1B2b3J3cTROMzJGWjV1aE9wVXRpUklMZXM0bWZ2dnlNQlRvcGQxTjZHczBIaDRQUDhRWlNUL3VucEtlQkhmMlJlTGk4QVczWmowdHY3dTg5eDJIUEF4eTB2UTRaWmdOa2lPSTVHeTZRYXN2U0ZMV2lrWmZ1YzVST1Z4dnplQTNDejNPdlBNdDVpa054WmxHUjBuTkxTMmhUVkNvdU5VQ2NhMjhGZ1NIM3FvbEN2cThseE1lUnNZM0NFPXw&cppv=2

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

98759cee8255031a5bbde0227864997630122d5574b3a740dcfc37a87f392757

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 20 Mar 2021 12:25:01 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2099
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 20 Mar 2021 12:25:01 GMT
location: https://mug.criteo.com/sid?cpp=8CtQDXw5SlV2cDZNLzkwNHJBT0RPUCt4OVdraW8xSWRQcTdKc1J2cmZ4V2tQZ1RUbkYxdGdoa1B2b3J3cTROMzJGWjV1aE9wVXRpUklMZXM0bWZ2dnlNQlRvcGQxTjZHczBIaDRQUDhRWlNUL3VucEtlQkhmMlJlTGk4QVczWmowdHY3dTg5eDJIUEF4eTB2UTRaWmdOa2lPSTVHeTZRYXN2U0ZMV2lrWmZ1YzVST1Z4dnplQTNDejNPdlBNdDVpa054WmxHUjBuTkxTMmhUVkNvdU5VQ2NhMjhGZ1NIM3FvbEN2cThseE1lUnNZM0NFPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1939
content-length: 482
expires: 0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
222 B 73ms
33ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://securityaffairs.co
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
545 B 142ms
45ms XHR
application/json 34.246.149.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.149.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0c4aba60bfafdf8ac977f9f5fbcef0460b5d529dd2ec33ff66c45b80e9231aa4

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 20 Mar 2021 12:25:01 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Mon, 19 Apr 2021 12:25:01 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 1 KB
2 KB 184ms
55ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22276dd0af49e3c3%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&s=d372471d-1c07-4632-9e9d-473b6265e56c&pv=3c0db348-90a6-46be-bce0-e8fc275bd156&vp=desktop&lib_name=prebid&lib_v=4.26.0&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22ed08ce2a-c4bd-4d9d-b15d-520e87434f80%22%7D&kw=threat%2Cactors%2Care%2Cattempting%2Cexploit%2Ccve202122986%2Cflaw%2Cf5%2Cbigip%2Cdevices%2Cwildsecurity%2Caffairs

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

73d8389f373600b3eee9b27dcbac02e135adbab8a01c04cfac1361e7dabd6100

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://securityaffairs.co
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 589
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
632 B 370ms
124ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 2ff9065ca87844f4ea41c061dc59e479ef70ba7a59518bc7e69b1743dfec6419

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
access-control-allow-credentials: true

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ 172 B
562 B 82ms
42ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=be73c4a2-07ee-420d-9306-3ee020476763&nocache=1616243101880&pubcid=ed08ce2a-c4bd-4d9d-b15d-520e87434f80&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=320x50&divIds=24272x320x50x4142x_ADSLOT1&auid=540580841&tps=bXlrZXl3b3JkPXRocmVhdCxhY3RvcnMsYXJlLGF0dGVtcHRpbmcsZXhwbG9pdCxjdmUyMDIxMjI5ODYsZmxhdyxmNSxiaWdpcCxkZXZpY2VzLHdpbGRzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPXRocmVhdCxhY3RvcnMsYXJlLGF0dGVtcHRpbmcsZXhwbG9pdCxjdmUyMDIxMjI5ODYsZmxhdyxmNSxiaWdpcCxkZXZpY2VzLHdpbGRzZWN1cml0eSxhZmZhaXJz
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 80e4d64d2f1f08a4235c43fc87734dc5053d56ff18d045803810f392a363aab7

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:01 GMT
content-encoding: gzip
server: OXGW/16.203.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://securityaffairs.co
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
717 B 111ms
39ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:01 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid: 7da87a35-2a32-4f17-907c-62e37e769a8b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://securityaffairs.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 136ms
74ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.co
date: Sat, 20 Mar 2021 12:25:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 1 KB
2 KB 180ms
55ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221238cfba009fb08%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&s=34735790-2d8c-445d-a0da-8858ed5c64c3&pv=3c0db348-90a6-46be-bce0-e8fc275bd156&vp=desktop&lib_name=prebid&lib_v=4.26.0&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22ed08ce2a-c4bd-4d9d-b15d-520e87434f80%22%7D&kw=threat%2Cactors%2Care%2Cattempting%2Cexploit%2Ccve202122986%2Cflaw%2Cf5%2Cbigip%2Cdevices%2Cwildsecurity%2Caffairs

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

87cdbd22f3ec5377e8813d62e501e0d1c20774ab03221b44e5629fc3be11f466

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://securityaffairs.co
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 589
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 135ms
79ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.co
date: Sat, 20 Mar 2021 12:25:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ 172 B
357 B 71ms
43ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c4022bd9-a782-4f11-8998-79899509f4d1&nocache=1616243101891&pubcid=ed08ce2a-c4bd-4d9d-b15d-520e87434f80&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=320x50&divIds=24272x320x50x4142x_ADSLOT1&auid=540580841&tps=bXlrZXl3b3JkPXRocmVhdCxhY3RvcnMsYXJlLGF0dGVtcHRpbmcsZXhwbG9pdCxjdmUyMDIxMjI5ODYsZmxhdyxmNSxiaWdpcCxkZXZpY2VzLHdpbGRzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPXRocmVhdCxhY3RvcnMsYXJlLGF0dGVtcHRpbmcsZXhwbG9pdCxjdmUyMDIxMjI5ODYsZmxhdyxmNSxiaWdpcCxkZXZpY2VzLHdpbGRzZWN1cml0eSxhZmZhaXJz
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: cad57037bf81b6e4f6d2d8ea64ddc70998fbe20a53ce1520b54d9022210f1c38

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:01 GMT
content-encoding: gzip
server: OXGW/16.203.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://securityaffairs.co
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
717 B 111ms
38ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:01 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.90:80
AN-X-Request-Uuid: 4e952868-6418-4f02-b348-42ab11c4342d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://securityaffairs.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
641 B 356ms
125ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 169a73d528484d2ad9cb216950e9cb1a61863aef125ebba50edd98ab95eddc88

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
access-control-allow-credentials: true

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 1 KB
2 KB 214ms
94ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2222fd8ccc5e551ff%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&s=f56c252e-1a7e-49a1-8eff-019ec4e30c82&pv=3c0db348-90a6-46be-bce0-e8fc275bd156&vp=desktop&lib_name=prebid&lib_v=4.26.0&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224142%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22ed08ce2a-c4bd-4d9d-b15d-520e87434f80%22%7D&kw=threat%2Cactors%2Care%2Cattempting%2Cexploit%2Ccve202122986%2Cflaw%2Cf5%2Cbigip%2Cdevices%2Cwildsecurity%2Caffairs

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

f5e16264db1edc4a05d3d615e24b9cded18c3bec066423c7abf78fbf46ed26a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://securityaffairs.co
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 590
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
632 B 351ms
125ms XHR
application/json 34.200.78.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-78-134.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: cd5e4a61cc6b76679ce65b9eebad12fa99fff45bd519b8d243a78b5fb89a9ae0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityaffairs.co
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
717 B 123ms
52ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:02 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.58:80
AN-X-Request-Uuid: 8d91c7ea-c258-4c1f-b1c0-b1e7d5598f5c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://securityaffairs.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
750 B 198ms
147ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969105017575db4f32dc2eda5c0067&pos=pixfuture_network_news_300x250&cmd=bid&secure=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 1d2965888a45dd38717d08a67747691ac45e42e3117df05bf5cb953613fc7b91

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Server: ATS/7.1.2.128
Age: 1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://securityaffairs.co
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ 173 B
360 B 104ms
86ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6e2c3f1a-78ac-4cd2-bd87-11079ab9a345&nocache=1616243101902&pubcid=ed08ce2a-c4bd-4d9d-b15d-520e87434f80&schain=1.0%2C1!pixfuture.com%2C4142%2C1%2C%2C%2C&aus=300x250&divIds=24270x300x250x4142x_ADSLOT1&auid=540580840&tps=bXlrZXl3b3JkPXRocmVhdCxhY3RvcnMsYXJlLGF0dGVtcHRpbmcsZXhwbG9pdCxjdmUyMDIxMjI5ODYsZmxhdyxmNSxiaWdpcCxkZXZpY2VzLHdpbGRzZWN1cml0eSxhZmZhaXJzJm15b3RoZXJrZXl3b3JkPXRocmVhdCxhY3RvcnMsYXJlLGF0dGVtcHRpbmcsZXhwbG9pdCxjdmUyMDIxMjI5ODYsZmxhdyxmNSxiaWdpcCxkZXZpY2VzLHdpbGRzZWN1cml0eSxhZmZhaXJz
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 3690ae72198d9aea5d559897492229c6bd875a0dc69039d7b942a4e2e9728273

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:01 GMT
content-encoding: gzip
server: OXGW/16.203.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://securityaffairs.co
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 122ms
78ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://securityaffairs.co
date: Sat, 20 Mar 2021 12:25:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 120ms
40ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1163
date: Sat, 20 Mar 2021 12:25:01 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame CB0A 96 KB
34 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbfbedeaa94fbff654f4edef88642359e75f767f7cf590cf073f5f4a1b8870bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34835
x-xss-protection: 0
server: cafe
etag: 17714132142724221944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 12:25:02 GMT

POST
H/1.1 204
No Content tracking.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ 0
504 B 120ms
119ms XHR
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:02 GMT
Server: nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 22 Mar 2021 12:25:02 GMT

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 9536 487 B
971 B 15ms
14ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA4) /
Resource Hash: 940c4f37bac6c0c33f65b9f6a2e8d931a42da31d7badf5e242a72dfaaa91ef2b

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 716
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Mar 2021 12:25:02 GMT
Etag: "8cc6bf07c6b7f9bf31a00bb9405f5bea"
Last-Modified: Wed, 10 Mar 2021 20:45:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BA4)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame B089 487 B
1001 B 30ms
13ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7E) /
Resource Hash: 940c4f37bac6c0c33f65b9f6a2e8d931a42da31d7badf5e242a72dfaaa91ef2b

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 659
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Mar 2021 12:25:02 GMT
Etag: "8cc6bf07c6b7f9bf31a00bb9405f5bea"
Last-Modified: Wed, 10 Mar 2021 20:45:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B7E)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 8339 487 B
1001 B 44ms
13ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B87) /
Resource Hash: 940c4f37bac6c0c33f65b9f6a2e8d931a42da31d7badf5e242a72dfaaa91ef2b

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 659
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Mar 2021 12:25:02 GMT
Etag: "8cc6bf07c6b7f9bf31a00bb9405f5bea"
Last-Modified: Wed, 10 Mar 2021 20:45:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B87)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 118ms
118ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=1616243101587342995785_N4IgxgTgbiBcDaJgB0QA4CMA2A7GtAzDhqrCiAC4CeADgKamqQD6AlgCaoA0qUrbnOKmzYATABYCGAAzSAnMXE5J4rN1QALKAGcBjELNkisEqdIwECaaVIzjpAVgLjCcjHLUgAvl5BckqJi4+EQkcOTU9PosHOogfHpCIMamMjbKxA5oSnFaurFJhuZYYpIyFlY2GHaOzq7unj5+ASBYSliW0qI4pBG0DEkxgjzx-AWwwiUmZbLZDsRd1rk6iRMGhikzdqIEVTVOLgRYbdKoTf7kGNkEOxgO4r2okQNrQ3EJ45OlZjbics5ZNrLfKCNZFTZmOxXPb2A6EexYORnXwAXX8ADsAIZweDiURyP64URtLgWexoHA2ORcJyzQ7SNEgLHaOD4-ysTEAWxxDPZmJZsDQ-gAHgAzOAGLCijBgfHsABGollOCyojo8oI8us4mlogcHW60maYooEsIdCwdDkcnlovs8uUJgIorABAcFlF7GkYAcci67GarBgsGkADoHP5tBRMRQAK4C+AEals3akuSMgBe2NgGH8NAA5hKYP46OjgyAaM18xoJRDylkcM58XJ5mgHM0KALkni5NZHXqss0dBKsKGw1ZRM1MQAbOAEfwuuAAWlzIDoFFYcDr5kjFELIcjAGta1NUuZmKI7NZRNkW27mnRWJXYMk26G7qOMCr39IcA-Y9mq6xpuB5rlAs4IKAWKcnQEryhw7B0BAAjNOwMbZqA8HsIhyEcHA6KxtO07+B8AYvtu8iKMozhYN4XhcFBXKwS+WE4Sh-hodG4QgKxSEobABFESRYxkckp4zOkSh3Nkf4+AxTJMXBCF8XhHHodxvG4WRgnEaM-Fid8aRzAsN5GnJjEwUp2EqQGalcWQPHKVp+GEbppEnoZsjOP84iAuIdGMto05Rh50yQlkRr+NO4o5sJ+kUd5AJoG0zRgPGFD6WgADCACqDgAEIACJYAAogA6lWYBbuJZiXiq-gAI7MauoogeIXhAA
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 12:25:02 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ Frame CB0A 226 KB
85 KB 65ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 12:25:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 7825 10 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 20 Mar 2021 04:26:34 GMT
expires: Sat, 03 Apr 2021 04:26:34 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 28708
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 90F3 0
0

POST
H/1.1 204
No Content tracking.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ 0
504 B 120ms
120ms XHR
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:02 GMT
Server: nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 22 Mar 2021 12:25:02 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3B3B 96 KB
34 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbfbedeaa94fbff654f4edef88642359e75f767f7cf590cf073f5f4a1b8870bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34835
x-xss-protection: 0
server: cafe
etag: 17714132142724221944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 12:25:02 GMT

POST
H/1.1 204
No Content tracking.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ 0
504 B 119ms
119ms XHR
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:02 GMT
Server: nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 22 Mar 2021 12:25:02 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5E87 96 KB
34 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbfbedeaa94fbff654f4edef88642359e75f767f7cf590cf073f5f4a1b8870bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34835
x-xss-protection: 0
server: cafe
etag: 17714132142724221944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 12:25:02 GMT

POST
H/1.1 204
No Content tracking.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ 0
504 B 120ms
120ms XHR
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:02 GMT
Server: nginx/1.10.3 (Ubuntu)
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Mon, 22 Mar 2021 12:25:02 GMT

GET
H/1.1 200
OK embed.runtime.892471bfa3c75ece36a0.js Show response
platform.twitter.com/embed/ Frame 9536 8 KB
4 KB 14ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC7) /
Resource Hash: 2e3fd7db50785b0a534eb5ce59ee7352914fb185636655864de6741d61296299

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BC7)
Age: 833679
Etag: "808357fc50ebb4cb54295e289bbcb483+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 3212

GET
H/1.1 200
OK embed.modules.bd4d763216e3c493ca8a.js Show response
platform.twitter.com/embed/ Frame 9536 867 KB
273 KB 16ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.bd4d763216e3c493ca8a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B80) /
Resource Hash: 2e17cb80f62865b1c23d9e1fd24b008de3977aa47cab246300caffeece2be1ee

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6B80)
Age: 833679
Etag: "37d8d9410f3720c5b8e9d1c4c8dc8da4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 279108

GET
H/1.1 200
OK embed.i18n.c599afdb8b99029d9d01.js Show response
platform.twitter.com/embed/ Frame 9536 145 B
650 B 16ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.i18n.c599afdb8b99029d9d01.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC8) /
Resource Hash: 5d6ca46fc2d50ebc40db4f46f6170d8df8597c5311af0d552a660934114b7c37

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BC8)
Age: 833679
Etag: "80986634aeaf1d56f9ae3cd99d41d080"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 145

GET
H/1.1 200
OK embed.Tweet.7634e45e15726dcc3ed9.js Show response
platform.twitter.com/embed/ Frame 9536 15 KB
6 KB 29ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.7634e45e15726dcc3ed9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA3) /
Resource Hash: 47a85e05b7d0d202666d8d51507c51caa6ca26be0058135f190e5fb86bce323f

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BA3)
Age: 833671
Etag: "e187fa96fda18d11604d4a192f0fae2e+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5619

GET
H/1.1 200
OK embed.runtime.892471bfa3c75ece36a0.js Show response
platform.twitter.com/embed/ Frame B089 8 KB
4 KB 29ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC7) /
Resource Hash: 2e3fd7db50785b0a534eb5ce59ee7352914fb185636655864de6741d61296299

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BC7)
Age: 833679
Etag: "808357fc50ebb4cb54295e289bbcb483+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 3212

GET
H/1.1 200
OK embed.modules.bd4d763216e3c493ca8a.js Show response
platform.twitter.com/embed/ Frame B089 867 KB
273 KB 43ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.bd4d763216e3c493ca8a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8E) /
Resource Hash: 2e17cb80f62865b1c23d9e1fd24b008de3977aa47cab246300caffeece2be1ee

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6B8E)
Age: 833676
Etag: "37d8d9410f3720c5b8e9d1c4c8dc8da4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 279108

GET
H/1.1 200
OK embed.i18n.c599afdb8b99029d9d01.js Show response
platform.twitter.com/embed/ Frame B089 145 B
650 B 42ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.i18n.c599afdb8b99029d9d01.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC8) /
Resource Hash: 5d6ca46fc2d50ebc40db4f46f6170d8df8597c5311af0d552a660934114b7c37

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BC8)
Age: 833679
Etag: "80986634aeaf1d56f9ae3cd99d41d080"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 145

GET
H/1.1 200
OK embed.Tweet.7634e45e15726dcc3ed9.js Show response
platform.twitter.com/embed/ Frame B089 15 KB
6 KB 50ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.7634e45e15726dcc3ed9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA3) /
Resource Hash: 47a85e05b7d0d202666d8d51507c51caa6ca26be0058135f190e5fb86bce323f

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BA3)
Age: 833671
Etag: "e187fa96fda18d11604d4a192f0fae2e+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5619

GET
H/1.1 200
OK embed.runtime.892471bfa3c75ece36a0.js Show response
platform.twitter.com/embed/ Frame 8339 8 KB
4 KB 51ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC7) /
Resource Hash: 2e3fd7db50785b0a534eb5ce59ee7352914fb185636655864de6741d61296299

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BC7)
Age: 833679
Etag: "808357fc50ebb4cb54295e289bbcb483+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 3212

GET
H/1.1 200
OK embed.modules.bd4d763216e3c493ca8a.js Show response
platform.twitter.com/embed/ Frame 8339 867 KB
273 KB 56ms
15ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.bd4d763216e3c493ca8a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8E) /
Resource Hash: 2e17cb80f62865b1c23d9e1fd24b008de3977aa47cab246300caffeece2be1ee

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6B8E)
Age: 833676
Etag: "37d8d9410f3720c5b8e9d1c4c8dc8da4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 279108

GET
H/1.1 200
OK embed.i18n.c599afdb8b99029d9d01.js Show response
platform.twitter.com/embed/ Frame 8339 145 B
650 B 58ms
16ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.i18n.c599afdb8b99029d9d01.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC8) /
Resource Hash: 5d6ca46fc2d50ebc40db4f46f6170d8df8597c5311af0d552a660934114b7c37

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BC8)
Age: 833679
Etag: "80986634aeaf1d56f9ae3cd99d41d080"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 145

GET
H/1.1 200
OK embed.Tweet.7634e45e15726dcc3ed9.js Show response
platform.twitter.com/embed/ Frame 8339 15 KB
6 KB 63ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.7634e45e15726dcc3ed9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA3) /
Resource Hash: 47a85e05b7d0d202666d8d51507c51caa6ca26be0058135f190e5fb86bce323f

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BA3)
Age: 833671
Etag: "e187fa96fda18d11604d4a192f0fae2e+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5619

GET
H2 200 nrrV10261.js Show response
contextual.media.net/4a/ Frame A283 89 KB
29 KB 40ms
39ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV10261.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c01fc9c7aa4b03ea89120545b5079b4b6a938ad4dd08c5dbcbdd3118ef043d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "784a9c5bcc529fa412b038c974aac419"
vary: Accept-Encoding
x-mnet-h: 8-12
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Sat, 20 Mar 2021 12:25:02 GMT
content-length: 29275
expires: Sat, 03 Apr 2021 12:25:02 GMT

GET
DATA 200
OK truncated
/ Frame A283 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A283 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A283 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nrrV10261.js Show response
contextual.media.net/4a/ Frame 78D9 89 KB
29 KB 44ms
44ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV10261.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c01fc9c7aa4b03ea89120545b5079b4b6a938ad4dd08c5dbcbdd3118ef043d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "784a9c5bcc529fa412b038c974aac419"
vary: Accept-Encoding
x-mnet-h: 8-12
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Sat, 20 Mar 2021 12:25:02 GMT
content-length: 29275
expires: Sat, 03 Apr 2021 12:25:02 GMT

GET
DATA 200
OK truncated
/ Frame 78D9 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 78D9 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 78D9 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame CB0A 208 B
646 B 115ms
57ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8210c6027afdd0094fadf708860d0876230e675e3057e2640860555b2f106b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame CB0A 107 B
799 B 39ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co&meb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame CB0A 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co&meb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B490 72 KB
22 KB 393ms
379ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1616243102&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102182&bpp=26&bdt=146&idt=266&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=2&ga_vid=641753397.1616243101&ga_sid=1616243102&ga_hid=1514491438&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=2567501481&scr_x=0&scr_y=0&eid=21066428%2C44739387%2C21069711&oid=3&pvsid=4407677868578281&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.h90h8b888w2p&fsb=1&xpc=HY1COIltls&p=https%3A//securityaffairs.co&dtd=287

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0af59e2ad792e9949cbd4988bb622f7e72d606cd536585fad95e51cce2ed871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1616243102&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102182&bpp=26&bdt=146&idt=266&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=2&ga_vid=641753397.1616243101&ga_sid=1616243102&ga_hid=1514491438&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=2567501481&scr_x=0&scr_y=0&eid=21066428%2C44739387%2C21069711&oid=3&pvsid=4407677868578281&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.h90h8b888w2p&fsb=1&xpc=HY1COIltls&p=https%3A//securityaffairs.co&dtd=287
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Mar 2021 12:25:02 GMT
server: cafe
content-length: 22414
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 20-Mar-2021 12:40:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 12:25:02 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB0A 73 KB
28 KB 63ms
41ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Sat, 20 Mar 2021 12:25:02 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ Frame 5E87 226 KB
84 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 12:25:02 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ Frame 3B3B 226 KB
84 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 12:25:02 GMT

GET
H2 200 nrrV10261.js Show response
contextual.media.net/4a/ Frame 568F 89 KB
29 KB 61ms
60ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV10261.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c01fc9c7aa4b03ea89120545b5079b4b6a938ad4dd08c5dbcbdd3118ef043d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "784a9c5bcc529fa412b038c974aac419"
vary: Accept-Encoding
x-mnet-h: 8-12
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Sat, 20 Mar 2021 12:25:02 GMT
content-length: 29275
expires: Sat, 03 Apr 2021 12:25:02 GMT

GET
DATA 200
OK truncated
/ Frame 568F 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 568F 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bullet3.woff
contextual.media.net/__media__/fonts/bullet3/ Frame 568F 2 KB
2 KB 101ms
38ms Font
application/font-woff 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/bullet3/bullet3.woff

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0bf3f6e79af33723b0c1a822f59a484a35583303ab76fa9227b694b1e719364f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://securityaffairs.co
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1688
expires: Sun, 21 Mar 2021 12:25:02 GMT

GET
H2 200 nrrV10261.js Show response
contextual.media.net/4a/ Frame E6A5 89 KB
29 KB 53ms
53ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/4a/nrrV10261.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU5BD6EW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c01fc9c7aa4b03ea89120545b5079b4b6a938ad4dd08c5dbcbdd3118ef043d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=2592000
strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
etag: "784a9c5bcc529fa412b038c974aac419"
vary: Accept-Encoding
x-mnet-h: 8-12
content-type: text/javascript; charset=utf-8
cache-control: max-age=1209600
date: Sat, 20 Mar 2021 12:25:02 GMT
content-length: 29275
expires: Sat, 03 Apr 2021 12:25:02 GMT

GET
H2 200 1x1.gif
contextual.media.net/__media__/pics/800028474/ Frame E6A5 42 B
205 B 39ms
39ms Image
image/gif 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/__media__/pics/800028474/1x1.gif

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
last-modified: Mon, 04 Jun 2018 10:04:19 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: max-age=690567
accept-ranges: bytes
content-length: 42
expires: Sun, 28 Mar 2021 12:14:29 GMT

GET
DATA 200
OK truncated
/ Frame E6A5 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E6A5 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bullet5.woff
contextual.media.net/__media__/fonts/bullet5/ Frame E6A5 2 KB
2 KB 278ms
229ms Font
application/font-woff 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/bullet5/bullet5.woff

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5478a58e273007bb37b0f168fdbaf319580f1bd42af6219320ef76e82e5b7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://securityaffairs.co
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:02 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1768
expires: Sun, 21 Mar 2021 12:25:02 GMT

GET
H/1.1 200
OK embed.vendors~ondemand.horizon-web.en-js.5016593ebbdc18fa1795.js Show response
platform.twitter.com/embed/ Frame 9536 19 KB
7 KB 18ms
17ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.5016593ebbdc18fa1795.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: c4479f482aa8ed0403e3f94b524b58350985ae55b8e9d055b71c9de47ce440ff

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BC3)
Age: 833679
Etag: "74ce1e258e6373140f812676b55109c6+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6310

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.c1114737cd7b41421bf9.js Show response
platform.twitter.com/embed/ Frame 9536 3 KB
2 KB 14ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.c1114737cd7b41421bf9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B90) /
Resource Hash: 5d823e7656fb7105e384386176b6584ebcee34e5648062b0dd09389665963791

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6B90)
Age: 833669
Etag: "28adfbfbe5227d54424c2876946b572b+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 1250

GET
H/1.1 200
OK embed.vendors~ondemand.horizon-web.en-js.5016593ebbdc18fa1795.js Show response
platform.twitter.com/embed/ Frame B089 19 KB
7 KB 15ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.5016593ebbdc18fa1795.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: c4479f482aa8ed0403e3f94b524b58350985ae55b8e9d055b71c9de47ce440ff

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BC3)
Age: 833679
Etag: "74ce1e258e6373140f812676b55109c6+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6310

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.c1114737cd7b41421bf9.js Show response
platform.twitter.com/embed/ Frame B089 3 KB
2 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.c1114737cd7b41421bf9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B90) /
Resource Hash: 5d823e7656fb7105e384386176b6584ebcee34e5648062b0dd09389665963791

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6B90)
Age: 833669
Etag: "28adfbfbe5227d54424c2876946b572b+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 1250

GET
H/1.1 200
OK embed.vendors~ondemand.horizon-web.en-js.5016593ebbdc18fa1795.js Show response
platform.twitter.com/embed/ Frame 8339 19 KB
7 KB 15ms
15ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.5016593ebbdc18fa1795.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: c4479f482aa8ed0403e3f94b524b58350985ae55b8e9d055b71c9de47ce440ff

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BC3)
Age: 833679
Etag: "74ce1e258e6373140f812676b55109c6+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6310

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.c1114737cd7b41421bf9.js Show response
platform.twitter.com/embed/ Frame 8339 3 KB
2 KB 14ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.c1114737cd7b41421bf9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B90) /
Resource Hash: 5d823e7656fb7105e384386176b6584ebcee34e5648062b0dd09389665963791

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6B90)
Age: 833669
Etag: "28adfbfbe5227d54424c2876946b572b+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 1250

GET
H2 200 bql.php Show response
lg3.media.net/ Frame A283 15 B
216 B 37ms
35ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001616243101338031140534839196&geo=47.37|8.55&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYA-YKOrnvWPx8edztnLhOvJZls-tg7aIC7PplXOTfz2HlxOvntA4RBUpkmae5HMuCFor-3yY89h0&lpid=&tsid=1&q=&prv=&type=&ps=&cme=QBtmEwQY_KPlOOVv2bNTMYvcUMiTpNWoDoqz5TkZ7pCxWV0oLPROQssVbDpvXvGZ-d5Ho0wYSNRptD49h-mYrObfwZkl_FSow3lfQUk6x0dQcdVwdS_91anuzui0HVetnB3P8dfZGt9G6iyW626A-_kjJtGQGF3PgWLEjXzneKTmpU8MHhgXJPONFuHkBEUgA-d0x44M03czyeKuc8RdWHgf451aJIwoW_IyO6CJsFc%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CyvLYWPz6OMciZr0Z3y7QuKJTrwuh7q8gIeRXKtzBnGP-h2naBp6UiOS35i2O3ngjjwezu6Ftaqyv5L-7UrR05OT5Rsnq0QrCKumFdK8AwgaiyJwSyl156w%3D%3D%7CN7fu2vKt8_s%3D%7CsUiNpVdG3uQ7bL9KpaNwswsA5nGyph94rL6dWnLCUvcLwvwN9zoEfyggZcN3Te4N6IgrjQ6kKU4ENs6rnL0hxxi5nOEWtaVo9-IXTbdtFJF8M_UafNL4jrA7x1oBJYhp7NVpDQ4q3JAO2rWbemn6T6E6VtoEB1zQxSrbxtUwlkarPpbsZQI7G71zVXTtAK7VkRTRnkOkwe0pn7IJZJvCpyoScquaoH_jpBQy05nWygA%3D%7C&hint=&td=&cc=CH&wsip=2886781042&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=WoNWNY&vgde_setid=NW&&rc=0&ksu=207&fdkt=244&kwd[]=Best%20Antivirus%20Software%202021&kwt[]=244&kbc[]=1203023066&kwp[]=1&kid[]=330153116&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.52%7C%7Clvl%3D1.57&ktd[]=274894881024&kwd[]=Best%20Password%20Manager&kwt[]=244&kbc[]=1203023066&kwp[]=2&kid[]=3481836&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.12%7C%7Clvl%3D1.00&ktd[]=274911658240&kwd[]=Free%20Software%20Download&kwt[]=244&kbc[]=1203023066&kwp[]=3&kid[]=11660601&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.09%7C%7Clvl%3D3.61&ktd[]=274911658240&kwd[]=Windows%20Server%20System&kwt[]=244&kbc[]=1203023066&kwp[]=4&kid[]=30903458&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.04%7C%7Clvl%3D1.00&ktd[]=274894881024&kwd[]=Free%20Malware%20Removing%20Tools&kwt[]=244&kbc[]=1203023066&kwp[]=5&kid[]=329768009&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.07%7C%7Clvl%3D1.00&ktd[]=274894881024&rand=1616243102866&cid=8CU5BD6EW&vwid=1616243100971474346&vi=1616243100971474346&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1616243100196416304&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D2%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1616243101347&upk=1616243101.11362&hvsid=00001616243101338031140534839196&verid=4121199&kbbq=%26sde%3D1%26adepth%3D2%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO5M70HK&katen=1&pc=91&matm=1616243102875&vgd_ltime=1534&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_katid=804340239&vgd_katbid=-21&vgd_kals=ttype%3D10017%7C%7Cpc%3D91&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886780935&vgd_nrrsf=nrr&vgd_nrrv=10261&vgd_nrrs=10261&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-816788371%7CDIV&vgd_x_pos=367&vgd_y_pos=3307&vgd_ren_page_h=5261&vgd_cty=ZURICH&vgd_l1hcsd=N2%7C1861&vgd_sethcsd=N7%7C1787&vgd_cfud=200721&vgd_is_amp=0&vgd_icat=618&vgd_spcat=-1&vgd_optout=0&vgd_ect=4g&vgd_rensize=524_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fdmedianet.js&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&oRurl=http%3A%2F%2Fcdn3%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DCH%26isOffice%3D0%26fvips%3D0%26vi%3D1616243100971474346%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D816788371%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D0%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f115760%252fhacking%252ff5-big-ip-attacks-cve-2021-22986.html%26%26katid%3D804340239%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A524%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV10261.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sat, 20 Mar 2021 12:25:02 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Sat, 20 Mar 2021 12:25:02 GMT

POST
H2 200 log
navvy.media.net/ Frame A283 807 B
980 B 526ms
181ms Other
image/gif 35.212.210.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV10261.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.210.170 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 170.210.212.35.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:03 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 807
expires: Sat, 20 Mar 2021 12:25:03 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 78D9 15 B
216 B 32ms
32ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001616243101338031140534839196&geo=47.37|8.55&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYA-YKOrnvWPx8edztnLhOvJZls-tg7aIC7PplXOTfz2HlxOvntA4RBUpkmae5HMuCFor-3yY89h0&lpid=&tsid=1&q=&prv=&type=&ps=&cme=QBtmEwQY_KPlOOVv2bNTMYvcUMiTpNWoDoqz5TkZ7pCxWV0oLPROQssVbDpvXvGZ-d5Ho0wYSNRptD49h-mYrObfwZkl_FSow3lfQUk6x0dQcdVwdS_91anuzui0HVetnB3P8dfZGt9G6iyW626A-_kjJtGQGF3PgWLEjXzneKTmpU8MHhgXJPONFuHkBEUgnP7rQSWJAnwpa3Oyz6DJoSTWa9tpJRZoXM76Cm6BodA%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CyvLYWPz6OMciZr0Z3y7QuKJTrwuh7q8gIeRXKtzBnGP-h2naBp6UiOS35i2O3ngjjwezu6Ftaqyv5L-7UrR05OT5Rsnq0QrCKumFdK8AwgaiyJwSyl156w%3D%3D%7CN7fu2vKt8_s%3D%7CMHhIdl_DQHeijKaf0Di_Pei_tjOXDKLtusbCZLHxOR0pfhLb-0gp-2R8Z7UFgKTNRlR1uIfH3jzEAis19xdWjwH-I0u60p6bqePzkpwn-9lHEooFcKT1F2tr2okdgajI6pykM7RaZksSh1pI6x6DWBV5jUJS-dEvpoEZlvtrmHuZdZNEurCNriweOkIniABz_zHJ3Tq5bWGU-Yu0dnb2jZgXnEFXVE2vBEc7hfGBpPo%3D%7C&hint=&td=&cc=CH&wsip=2886780938&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=WoNWNY&vgde_setid=NW&&rc=0&ksu=207&fdkt=244&kwd[]=Online%20Cyber%20Crime%20Portal&kwt[]=244&kbc[]=1203023066&kwp[]=1&kid[]=330029445&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.16%7C%7Clvl%3D1.00&ktd[]=274894881024&kwd[]=Best%20Antivirus%20Software%202021&kwt[]=244&kbc[]=1203023066&kwp[]=2&kid[]=330153116&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.52%7C%7Clvl%3D1.57&ktd[]=274894881024&kwd[]=Private%20Internet%20Browsers&kwt[]=244&kbc[]=1203023066&kwp[]=3&kid[]=316522968&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.33%7C%7Clvl%3D1.00&ktd[]=274911658240&kwd[]=Best%20Antivirus%20for%20Windows%2010&kwt[]=244&kbc[]=1203023066&kwp[]=4&kid[]=329785504&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.49%7C%7Clvl%3D3.15&ktd[]=274894881024&kwd[]=Free%20Malware%20Removing%20Tools&kwt[]=244&kbc[]=1203023066&kwp[]=5&kid[]=329768009&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.07%7C%7Clvl%3D1.00&ktd[]=274894881024&rand=1616243102888&cid=8CU5BD6EW&vwid=1616243100374715847&vi=1616243100374715847&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1616243100196416304&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1616243101338&upk=1616243101.11362&hvsid=00001616243101338031140534839196&verid=4121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&pid=8PO5M70HK&katen=1&pc=32&matm=1616243102891&vgd_ltime=1562&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_katid=804340239&vgd_katbid=-21&vgd_kals=ttype%3D10017%7C%7Cpc%3D32&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2886781338&vgd_nrrsf=nrr&vgd_nrrv=10261&vgd_nrrs=10261&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-816788371%7CDIV&vgd_x_pos=367&vgd_y_pos=3564&vgd_ren_page_h=5261&vgd_cty=ZURICH&vgd_l1hcsd=N2%7C1861&vgd_sethcsd=N7%7C1787&vgd_cfud=200721&vgd_is_amp=0&vgd_icat=618&vgd_spcat=-1&vgd_optout=0&vgd_ect=4g&vgd_rensize=524_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fdmedianet.js&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&oRurl=http%3A%2F%2Fcdn3%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DCH%26isOffice%3D0%26fvips%3D0%26vi%3D1616243100374715847%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D816788371%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D0%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f115760%252fhacking%252ff5-big-ip-attacks-cve-2021-22986.html%26%26katid%3D804340239%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A524%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV10261.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sat, 20 Mar 2021 12:25:02 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Sat, 20 Mar 2021 12:25:02 GMT

POST
H2 200 log
navvy.media.net/ Frame 78D9 807 B
869 B 535ms
201ms Other
image/gif 35.212.210.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV10261.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.210.170 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 170.210.212.35.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:03 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 807
expires: Sat, 20 Mar 2021 12:25:03 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 5E87 208 B
623 B 104ms
72ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

3db7f59baa4b60eef8247c10fa35b17bef862c8bd17cc2173d9f6bbaa63904e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5E87 107 B
777 B 45ms
31ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 12:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5E87 107 B
531 B 43ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 12:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1

200
OK

afr.php Show response
served-by.pixfuture.com/www/delivery/ Frame B3A3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=250&slotname=1680648786&adk=1022037533&adf=1480696129&pi=t.ma~as.1680648786&w=300&url=https%3A%2F%2Fsecur...
https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529

617 B
1 KB

139ms
138ms

Document
text/html

68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=securityaffairs.co&amaexp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 76d35c700a1d819d2ab5bdeeaa17c7e4a2291f5ca1bdfafa6398e8bd49ad943a

Request headers

Host: served-by.pixfuture.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 20 Mar 2021 12:25:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=172800 public, no-transform
Pragma: no-cache
Expires: Mon, 22 Mar 2021 12:25:03 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Encoding: gzip

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Mar 2021 12:25:03 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUlUZyrgQDdREYK7lVoeOFNdXAzwzU1V82EsRZZmNirfnoviNicm6njhivOMfos; expires=Thu, 14-Apr-2022 12:25:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E87 73 KB
28 KB 67ms
54ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Sat, 20 Mar 2021 12:25:03 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 568F 15 B
216 B 33ms
32ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001616243101418031140534834069&geo=47.37|8.55&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYA-YKOrnvWPxjv6AB2pCHmm6a-D3MykyMd2zAeTk5IcXn9Hi75gbn8DJ7VcQhMeEF4xRlVam5yI1&lpid=&tsid=1&q=&prv=&type=&ps=&cme=QBtmEwQY_KO4lVJQZdQwoW801xut0Xg1o28Ov8RNbZRRrLGC54t1pGuL9GInwfWB59MbRGM1oqqUHYuFqM7hDuM5UUef5CYm67JfnU3JKTzyqtY8nBETq096CTGxkZa5QeocsCswZMc6slTHaYanMXO8VNfpKEbx2-bqRomDwbRbOCApvNIy0c8e4EP_j5YrsG_SLEW2OVi8rWb05m5q6oblhGdeUN4D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CyvLYWPz6OMciZr0Z3y7QuKJTrwuh7q8gIeRXKtzBnGP-h2naBp6UiOS35i2O3ngjjwezu6Ftaqyv5L-7UrR05OT5Rsnq0QrCKumFdK8AwgaiyJwSyl156w%3D%3D%7CN7fu2vKt8_s%3D%7CMO9oxJ-87yqIuGiw0FacFq_MftpljAs3O3VEXjTinsSMPnZSF_lHAJswhYdHDXCf7Y-Frlwkt5LBz_jq8Uzkg3NEW5mkttu39kUEGjXYr4l-pqW-aQ0UBUXjK6Rt33IsKdxrpiMbQu4ulw2DFl3aElEShhHuK93SNi93DIuAEsRqFLmDGTtH8hCq49PnXXg1aeDotaeWs1SLVrH1ucNjBeewe4Yqyjji%7C&hint=&td=&cc=CH&wsip=2887305297&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=u9oNu9&vgde_setid=Nu9&&rc=0&ksu=207&fdkt=244&kwd[]=Best%20Antivirus%20for%20Windows%2010&kwt[]=244&kbc[]=1203023066&kwp[]=1&kid[]=329785504&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.49%7C%7Clvl%3D3.15&ktd[]=274894881024&kwd[]=Internet%20Security%20Cameras&kwt[]=244&kbc[]=1203023066&kwp[]=2&kid[]=15280835&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.29%7C%7Clvl%3D1.00&ktd[]=274894881024&kwd[]=Privacy%20Security%20Software&kwt[]=244&kbc[]=1203023066&kwp[]=3&kid[]=23173568&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.42%7C%7Clvl%3D1.00&ktd[]=274894881024&kwd[]=Data%20Protection%20Tips&kwt[]=244&kbc[]=1203023066&kwp[]=4&kid[]=321805524&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.86%7C%7Clvl%3D1.00&ktd[]=274894881024&kwd[]=Malware%20Free%20Download&kwt[]=244&kbc[]=1203023066&kwp[]=5&kid[]=210330434&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.73%7C%7Clvl%3D4.00&ktd[]=274894881024&rand=1616243103034&cid=8CU5BD6EW&vwid=1616243100349345864&vi=1616243100349345864&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1616243100196416304&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1616243101418&upk=1616243101.11362&hvsid=00001616243101418031140534834069&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO5M70HK&katen=1&pc=48&matm=1616243103042&vgd_ltime=1626&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_katid=801353038&vgd_katbid=-21&vgd_kals=ttype%3D10002%7C%7Cpc%3D48&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2887305298&vgd_nrrsf=nrr&vgd_nrrv=10261&vgd_nrrs=10261&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-184323154%7CDIV&vgd_x_pos=980&vgd_y_pos=413&vgd_ren_page_h=5261&vgd_cty=ZURICH&vgd_l1hcsd=N2%7C1861&vgd_sethcsd=N7%7C1787&vgd_cfud=200313&vgd_is_amp=0&vgd_icat=618&vgd_spcat=-1&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fdmedianet.js&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&oRurl=http%3A%2F%2Fcdn3e%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DCH%26isOffice%3D0%26fvips%3D0%26vi%3D1616243100349345864%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D184323154%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D0%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f115760%252fhacking%252ff5-big-ip-attacks-cve-2021-22986.html%26%26katid%3D801353038%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV10261.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sat, 20 Mar 2021 12:25:03 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Sat, 20 Mar 2021 12:25:03 GMT

POST
H2 200 log
navvy.media.net/ Frame 568F 807 B
869 B 379ms
196ms Other
image/gif 35.212.210.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV10261.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.210.170 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 170.210.212.35.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:03 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 807
expires: Sat, 20 Mar 2021 12:25:03 GMT

GET
H2 200 OpenSans_Bold.woff
contextual.media.net/__media__/fonts/OpenSans_Bold/ Frame E6A5 25 KB
25 KB 33ms
33ms Font
application/font-woff 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://securityaffairs.co
Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:03 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25720
expires: Sun, 21 Mar 2021 12:25:03 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 3B3B 208 B
219 B 87ms
86ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=securityaffairs.co&callback=_gfp_s_&client=ca-pub-1575911585432548

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

bec8e1bd6c6893b9da2fd753fafb83d31565f833aa86168f71f70eea6f085bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3B3B 107 B
123 B 18ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=securityaffairs.co

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 12:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3B3B 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=securityaffairs.co

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 12:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 188E 75 KB
24 KB 460ms
459ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=1390855164&adf=1480696128&pi=t.ma~as.1139220782&w=300&lmt=1616243103&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102490&bpp=5&bdt=200&idt=574&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=1&ga_vid=641753397.1616243101&ga_sid=1616243103&ga_hid=933578306&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=943&biw=1600&bih=1200&isw=320&ish=50&ifk=1692680414&scr_x=0&scr_y=0&eid=21067423%2C31060352%2C44739387&oid=3&pvsid=2955020931716375&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.flwh8l6nrbql&fsb=1&xpc=vVmO1HMQTG&p=https%3A//securityaffairs.co&dtd=583

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

997c4a90a63a21dabc5660f6ce037c209792f2dcbc5f02a381a8e301639f1cf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=1390855164&adf=1480696128&pi=t.ma~as.1139220782&w=300&lmt=1616243103&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102490&bpp=5&bdt=200&idt=574&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=1&ga_vid=641753397.1616243101&ga_sid=1616243103&ga_hid=933578306&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=943&biw=1600&bih=1200&isw=320&ish=50&ifk=1692680414&scr_x=0&scr_y=0&eid=21067423%2C31060352%2C44739387&oid=3&pvsid=2955020931716375&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.flwh8l6nrbql&fsb=1&xpc=vVmO1HMQTG&p=https%3A//securityaffairs.co&dtd=583
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Mar 2021 12:25:03 GMT
server: cafe
content-length: 24303
x-xss-protection: 0
set-cookie: IDE=AHWqTUnQsxVftO0Gd3jj6xwTF1DEvJmMJsstNopclkM75lg0hNLqrEVUm7S0fHd3M3E; expires=Thu, 14-Apr-2022 12:25:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 12:25:03 GMT
cache-control: private

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B3B 73 KB
28 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Sat, 20 Mar 2021 12:25:03 GMT

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.8f687f105e1077615abc.js Show response
platform.twitter.com/embed/ Frame 9536 2 MB
2 MB 15ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.8f687f105e1077615abc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB7) /
Resource Hash: 6348cbfbc920dc36067a7f95cb93a53e2f29c6773331cc99a16ea48b867e230f

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BB7)
Age: 833679
Etag: "b4dafb02c4bfceec1acb344ed7a6728e"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 2356672

GET
H/1.1 200
OK embed.ondemand.Tweet.02eb6c35037461aef842.js Show response
platform.twitter.com/embed/ Frame 9536 58 KB
15 KB 14ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.02eb6c35037461aef842.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: 19c88c7b7a418e432cce3b5a3a921e34441e6debf665a1a1b0117872ddfbf735

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1372855324345040898&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BC3)
Age: 833655
Etag: "c4f7602d11b1c9491d043435ca6e4212+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 14415

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame F9E3 37 KB
14 KB 101ms
35ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=140170
Expires: Mon, 22 Mar 2021 03:21:13 GMT
Date: Sat, 20 Mar 2021 12:25:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame AFF2 52 KB
17 KB 109ms
45ms Document
text/html 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 21 Mar 2021 12:25:05 GMT
Date: Sat, 20 Mar 2021 12:25:03 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 167B 52 KB
17 KB 101ms
37ms Document
text/html 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 21 Mar 2021 12:25:05 GMT
Date: Sat, 20 Mar 2021 12:25:03 GMT
Connection: keep-alive

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame B55F 668 B
730 B 85ms
85ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 0bdd4b9afc5c83f1493a6198ae75901938b26c321c19bfb5d4d8bc88594951e0

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=ed08ce2a-c4bd-4d9d-b15d-520e87434f80|1616243101
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=ed08ce2a-c4bd-4d9d-b15d-520e87434f80|1616243101; Version=1; Expires=Sun, 20-Mar-2022 12:25:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616243103|gekin0vNiygu; Version=1; Expires=Sun, 04-Apr-2021 12:25:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 20 Mar 2021 12:25:03 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3610 37 KB
14 KB 100ms
38ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=140170
Expires: Mon, 22 Mar 2021 03:21:13 GMT
Date: Sat, 20 Mar 2021 12:25:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame B9AE 668 B
718 B 84ms
84ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 0bdd4b9afc5c83f1493a6198ae75901938b26c321c19bfb5d4d8bc88594951e0

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=ed08ce2a-c4bd-4d9d-b15d-520e87434f80|1616243101
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=ed08ce2a-c4bd-4d9d-b15d-520e87434f80|1616243101; Version=1; Expires=Sun, 20-Mar-2022 12:25:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616243103|gekin0vNiygu; Version=1; Expires=Sun, 04-Apr-2021 12:25:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 20 Mar 2021 12:25:03 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B0D7 52 KB
17 KB 98ms
38ms Document
text/html 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 21 Mar 2021 12:25:05 GMT
Date: Sat, 20 Mar 2021 12:25:03 GMT
Connection: keep-alive

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame ECCA 0
0 412ms
140ms Document
text/plain 208.100.17.171
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip171.208-100-17.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

x-33x-status: 2020008
server: 33XP002
date: Sat, 20 Mar 2021 12:24:48 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 51D2 668 B
718 B 82ms
81ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 0bdd4b9afc5c83f1493a6198ae75901938b26c321c19bfb5d4d8bc88594951e0

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=ed08ce2a-c4bd-4d9d-b15d-520e87434f80|1616243101
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=ed08ce2a-c4bd-4d9d-b15d-520e87434f80|1616243101; Version=1; Expires=Sun, 20-Mar-2022 12:25:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616243103|gekin0vNiygu; Version=1; Expires=Sun, 04-Apr-2021 12:25:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.203.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 20 Mar 2021 12:25:03 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame BD6F 37 KB
14 KB 94ms
31ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://securityaffairs.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=140170
Expires: Mon, 22 Mar 2021 03:21:13 GMT
Date: Sat, 20 Mar 2021 12:25:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MjllZGM4ZjEtYjU3OS00MDkwLTg5ZjMtMGRiN2Q5MmRkZGEx
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEKXXiFtpVZyqq7yucETBr1U&google_cver=1

49 B
925 B

81ms
49ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_gid=CAESEKXXiFtpVZyqq7yucETBr1U&google_cver=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:03 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.go.sonobi.com/usg.gif?google_gid=CAESEKXXiFtpVZyqq7yucETBr1U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=29edc8f1-b579-4090-89f3-0db7d92ddda1&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=T0xZQV8zekNpODZGSHdIeEdWM0R3Zw&gdpr=&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEG6-eM2zO8OYgglnkc1-SO0&google_cver=1
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=jDtc1mGikeg4

49 B
903 B

41ms
41ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=pp&nuid=jDtc1mGikeg4

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:04 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.go.sonobi.com/us.gif?nw=pp&nuid=jDtc1mGikeg4
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-568ff9c7d-9cnfz
expires: -1

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=36076055-e99f-4e00-8fa4-6929312e7278

49 B
931 B

117ms
43ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=36076055-e99f-4e00-8fa4-6929312e7278

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:03 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 20 Mar 2021 12:25:48 GMT
Server: MT3 3611 f10363c master cdg-pixel-x3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=36076055-e99f-4e00-8fa4-6929312e7278
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 20 Mar 2021 12:25:47 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi
https://x.bidswitch.net/ul_cb/sync?ssp=sonobi
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0&google_hm=NGUwZTVlMGYtNjdmMy00NTk0LTg5NGYtZDI0N2Y2ZTVjZGYw
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDnDMOkH-w_NCmHu0Z4-e0I&google_cver=1&ssp=sonobi&bsw_param=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0

49 B
931 B

41ms
40ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:04 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0
date: Sat, 20 Mar 2021 12:25:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878968563639145

49 B
914 B

42ms
42ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878968563639145

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:03 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871878968563639145
Date: Sat, 20 Mar 2021 12:25:03 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=112494b5-c340-489e-9048-54e69d69e7ef&pubid=0b24fdfc82

49 B
931 B

177ms
43ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=td&nuid=112494b5-c340-489e-9048-54e69d69e7ef&pubid=0b24fdfc82

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:03 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:03 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.go.sonobi.com/us.gif?nw=td&nuid=112494b5-c340-489e-9048-54e69d69e7ef&pubid=0b24fdfc82
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 227

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/
Redirect Chain

https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4922363679
https://sync.1rx.io/usersync/tradedesk/112494b5-c340-489e-9048-54e69d69e7ef
https://sync.targeting.unrulymedia.com/csync/RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-e3d13aa3-be14-4ad2-a744-ce9...
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003

49 B
934 B

51ms
50ms

Image
image/gif

178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:04 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 20 Mar 2021 12:25:04 GMT
Server: Tengine
ETag: RXe3d13aa3be144ad2a744ce948b5de67e003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003
Connection: keep-alive
Content-Type: text/html

GET
H2 200 bql.php Show response
lg3.media.net/ Frame E6A5 15 B
216 B 256ms
255ms Script
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001616243101423031140534836640&geo=47.37|8.55&dlper=25&lper=100&fp=EIMN-ehR7Pps_CSyS_Yzo-2i1OixKc5bW9c2mufwmM6qC9U44Q2KYA-YKOrnvWPxjv6AB2pCHmm6a-D3MykyMd2zAeTk5IcXn9Hi75gbn8AMQjLXZ6ZG8shn_Gqejg2i&lpid=&tsid=1&q=&prv=&type=&ps=&cme=QBtmEwQY_KNm6w7qAHpu8yAsI6Kd318Kvzljtg-OTDERZANetJYpS4UDXW9g3XQwSc-TrVpxo9e-H02B9z9PXiDY7NHxXItYDfYOiCFN9alyiRye7F9h7ohWgdHl0kKkSqdjmCrQcEUEl1MZO9Y1gQSq1GHIZ2wvh8978WjClDZGVM36yGaJ8htTZytZqyAwsEzQ7I2b1YsERZoKlLR-uDbGalfujrc047WFYlLRjc0%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CyvLYWPz6OMciZr0Z3y7QuKJTrwuh7q8gIeRXKtzBnGP-h2naBp6UiOS35i2O3ngjjwezu6Ftaqyv5L-7UrR05OT5Rsnq0QrCKumFdK8AwgaiyJwSyl156w%3D%3D%7CN7fu2vKt8_s%3D%7CYm6AsLWf1sWuUMInRmROgqTA10G1nkct_cgJDfQSmWpGVX-Q7bZXq1NqQ8E7vjU5y7YjPC1-Agh7kryFBrHy7Uj8oQ1ud9NmNIqjCBbP6m_GWZtaJ50PzgEG44UKIj3ciN1St-0aoeDNNGZMZkhTpVy_tEy7BaQXuKEFLSh0Dsr31S-d2UAH9hLbVWe5tEjNrVTWfVzB2cYYXijZz9o3OXS9j0XgI6Ai%7C&hint=&td=&cc=CH&wsip=2887305290&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_kbbh=u9oNu9&vgde_setid=Nu9&&rc=0&ksu=207&fdkt=244&kwd[]=Free%20Software%20Download&kwt[]=244&kbc[]=1203023066&kwp[]=1&kid[]=11660601&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.09%7C%7Clvl%3D3.61&ktd[]=274911658240&kwd[]=Best%20Antivirus%20for%20Windows%2010&kwt[]=244&kbc[]=1203023066&kwp[]=2&kid[]=329785504&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.49%7C%7Clvl%3D3.15&ktd[]=274894881024&kwd[]=Free%20Malware%20Removing%20Tools&kwt[]=244&kbc[]=1203023066&kwp[]=3&kid[]=329768009&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.07%7C%7Clvl%3D1.00&ktd[]=274894881024&kwd[]=Best%20Antivirus%20Software%202021&kwt[]=244&kbc[]=1203023066&kwp[]=4&kid[]=330153116&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.52%7C%7Clvl%3D1.57&ktd[]=274894881024&kwd[]=Online%20Cyber%20Crime%20Portal&kwt[]=244&kbc[]=1203023066&kwp[]=5&kid[]=330029445&kbc2[]=ps%3D0.524%7C%7Crpc%3D0.16%7C%7Clvl%3D1.00&ktd[]=274894881024&rand=1616243103049&cid=8CU5BD6EW&vwid=1616243100845710280&vi=1616243100845710280&l3ch=0&slnkp=no&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1616243100196416304&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1616243101423&upk=1616243101.11362&hvsid=00001616243101423031140534836640&verid=3121199&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_isiolc=1&npgv=1&pid=8PO5M70HK&katen=1&pc=39&matm=1616243103057&vgd_ltime=1755&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_katid=806241094&vgd_katbid=-21&vgd_kals=ttype%3D10002%7C%7Cpc%3D39&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2887305233&vgd_nrrsf=nrr&vgd_nrrv=10261&vgd_nrrs=10261&vgd_nrrmf=4a&vgd_cntrdt=AS%7CDIV-647633027%7CDIV&vgd_x_pos=980&vgd_y_pos=723&vgd_ren_page_h=5261&vgd_cty=ZURICH&vgd_l1hcsd=N2%7C1861&vgd_sethcsd=N7%7C1787&vgd_cfud=200312&vgd_is_amp=0&vgd_icat=618&vgd_spcat=-1&vgd_optout=0&vgd_ect=4g&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fdmedianet.js&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&oRurl=http%3A%2F%2Fcdn3e%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DCH%26isOffice%3D0%26fvips%3D0%26vi%3D1616243100845710280%26lw%3D1%26esi%3D1%26size%3D300x250%26crid%3D647633027%26vpf%3D000%26cid%3D8CU5BD6EW%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DRlAcVccC-RdUYIl-LjF9ag%253d%253d%26nb%3D1%26gdpr%3D0%26cb%3Dwindow._mNDetails.initAd%26pid%3D8PO5M70HK%26requrl%3Dhttps%253a%252f%252fsecurityaffairs.co%252fwordpress%252f115760%252fhacking%252ff5-big-ip-attacks-cve-2021-22986.html%26%26katid%3D806241094%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A5&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV10261.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sat, 20 Mar 2021 12:25:03 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Sat, 20 Mar 2021 12:25:03 GMT

POST
H2 200 log
navvy.media.net/ Frame E6A5 807 B
869 B 193ms
193ms Other
image/gif 35.212.210.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://navvy.media.net/log
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV10261.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.210.170 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 170.210.212.35.bc.googleusercontent.com
Software: Jetty(9.4.7.v20170914) /
Resource Hash: 0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:03 GMT
via: 1.1 google
server: Jetty(9.4.7.v20170914)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache,no-store
alt-svc: clear
content-length: 807
expires: Sat, 20 Mar 2021 12:25:03 GMT

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.8f687f105e1077615abc.js Show response
platform.twitter.com/embed/ Frame B089 2 MB
2 MB 15ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.8f687f105e1077615abc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B98) /
Resource Hash: 6348cbfbc920dc36067a7f95cb93a53e2f29c6773331cc99a16ea48b867e230f

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6B98)
Age: 833679
Etag: "b4dafb02c4bfceec1acb344ed7a6728e"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 2356672

GET
H/1.1 200
OK embed.ondemand.Tweet.02eb6c35037461aef842.js Show response
platform.twitter.com/embed/ Frame B089 58 KB
15 KB 14ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.02eb6c35037461aef842.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: 19c88c7b7a418e432cce3b5a3a921e34441e6debf665a1a1b0117872ddfbf735

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-1&frame=false&hideCard=false&hideThread=false&id=1372650076024107009&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BC3)
Age: 833655
Etag: "c4f7602d11b1c9491d043435ca6e4212+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 14415

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.8f687f105e1077615abc.js Show response
platform.twitter.com/embed/ Frame 8339 2 MB
2 MB 15ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.8f687f105e1077615abc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAE) /
Resource Hash: 6348cbfbc920dc36067a7f95cb93a53e2f29c6773331cc99a16ea48b867e230f

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BAE)
Age: 833679
Etag: "b4dafb02c4bfceec1acb344ed7a6728e"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 2356672

GET
H/1.1 200
OK embed.ondemand.Tweet.02eb6c35037461aef842.js Show response
platform.twitter.com/embed/ Frame 8339 58 KB
15 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.02eb6c35037461aef842.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.892471bfa3c75ece36a0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: 19c88c7b7a418e432cce3b5a3a921e34441e6debf665a1a1b0117872ddfbf735

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=securityaffairs&dnt=true&embedId=twitter-widget-2&frame=false&hideCard=false&hideThread=false&id=1373017186818781190&lang=en&origin=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&siteScreenName=securityaffairs&theme=light&widgetsVersion=e1ffbdb%3A1614796141937&width=500px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 20:45:02 GMT
Server: ECS (amb/6BC3)
Age: 833655
Etag: "c4f7602d11b1c9491d043435ca6e4212+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 14415

GET
H2 200 css
fonts.googleapis.com/ Frame B490 3 KB
674 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1616243102&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102182&bpp=26&bdt=146&idt=266&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=2&ga_vid=641753397.1616243101&ga_sid=1616243102&ga_hid=1514491438&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=2567501481&scr_x=0&scr_y=0&eid=21066428%2C44739387%2C21069711&oid=3&pvsid=4407677868578281&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.h90h8b888w2p&fsb=1&xpc=HY1COIltls&p=https%3A//securityaffairs.co&dtd=287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Mar 2021 10:30:43 GMT
server: ESF
date: Sat, 20 Mar 2021 12:25:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Mar 2021 12:25:03 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame B490 2 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 12:10:51 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame B490 17 KB
7 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 12:22:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame B490 2 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 12:24:37 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B490 117 KB
36 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sat, 20 Mar 2021 12:25:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame B490 13 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 12:23:43 GMT

GET
H2 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame B490 25 KB
11 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 179403
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:35:00 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 720A 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1616243102&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102182&bpp=26&bdt=146&idt=266&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=2&ga_vid=641753397.1616243101&ga_sid=1616243102&ga_hid=1514491438&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=2567501481&scr_x=0&scr_y=0&eid=21066428%2C44739387%2C21069711&oid=3&pvsid=4407677868578281&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.h90h8b888w2p&fsb=1&xpc=HY1COIltls&p=https%3A//securityaffairs.co&dtd=287
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnQsxVftO0Gd3jj6xwTF1DEvJmMJsstNopclkM75lg0hNLqrEVUm7S0fHd3M3E
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=1480696132&pi=t.ma~as.3157381981&w=728&lmt=1616243102&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102182&bpp=26&bdt=146&idt=266&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=2&ga_vid=641753397.1616243101&ga_sid=1616243102&ga_hid=1514491438&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=320&ady=518&biw=1600&bih=1200&isw=728&ish=90&ifk=2567501481&scr_x=0&scr_y=0&eid=21066428%2C44739387%2C21069711&oid=3&pvsid=4407677868578281&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.h90h8b888w2p&fsb=1&xpc=HY1COIltls&p=https%3A//securityaffairs.co&dtd=287

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 20 Mar 2021 11:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2617
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B490 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08f2866249551fe28c73ac1814600b55a251a91d3dc457de2ec5d30a9d960bdd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tweet Show response
cdn.syndication.twimg.com/ Frame 9536 3 KB
1 KB 116ms
28ms XHR
application/json 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet?id=1372855324345040898&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.bd4d763216e3c493ca8a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Torrance, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CF9) / Express

Resource Hash

82f93cb2aebbbc501af87a0a6e7b47566c3faf39519bb1a1ed0d0a8c2b33077a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"bbe-Ij1wyTM6toi1PLOlgGBKOd0aUI0"
age: 51
x-powered-by: Express
x-cache: HIT
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
content-length: 1156
x-xss-protection: 0
x-response-time: 138
last-modified: Sat, 20 Mar 2021 12:24:12 GMT
server: ECS (mil/6CF9)
x-frame-options: SAMEORIGIN
date: Sat, 20 Mar 2021 12:25:03 GMT
vary: Accept-Encoding
x-tw-cdn: VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: 2175a0f2ce4f462776cc39a1cfc8a77d
accept-ranges: bytes
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

GET
H2 200 tweet Show response
cdn.syndication.twimg.com/ Frame B089 917 B
1 KB 112ms
27ms XHR
application/json 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet?id=1372650076024107009&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.bd4d763216e3c493ca8a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Torrance, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CDE) / Express

Resource Hash

f3f9851aacd203c1569a3e2094d6da83d0dbb6d2e8fb3b8e522358daaeae5b4b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"395-LVaDegxtAxkUP55dJbZ3fuRjgfk"
age: 51
x-powered-by: Express
x-cache: HIT
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
content-length: 606
x-xss-protection: 0
x-response-time: 137
last-modified: Sat, 20 Mar 2021 12:23:02 GMT
server: ECS (mil/6CDE)
x-frame-options: SAMEORIGIN
date: Sat, 20 Mar 2021 12:25:03 GMT
vary: Accept-Encoding
x-tw-cdn: VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: 5f076f960e16bccfb58a7d836925c52d
accept-ranges: bytes
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 118ms
117ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=1616243101587342995785_N4Ig1ghiBcICwCMCMATArADgGwAYC0GAnAOzF5JICmCehAZgMw3Ep0BMahEEWcAxmhAAacAhhIRfAG4wQwADogAzpSVKAlgHsAdgH0lAF00AnCAHNKi6IsSpMuAiTIVqtRs1YcuPfmkVDFPk1NMHVKXRQIAwgrG2R0bHwiUnIqGnomPBZ2Tm5eAUUAX2EQMwM6GABtHCEaiRqGgF0RMqUqhtrOuublAzboas76rp7KPgMAW1liOBwSygAPWTmRJSDZJCxNtjgGJBwkXTYkOAwcNgw4QjQGQVWgiugJZSCDDa2sHb2Do5Ozi6uNzQugwCDYOAwxGQ5z4hEoDEoaDodEoKCQfBOxAwqNBWJKa005XE90JKHe212+0Ox1O50u11uRwgSGIdAQB3oEAwZwYdD4fGIWAgu2IfCw2LYbFu+NerGJIEokFktlhaH2jhSLhoCFw+ChfDGEDoaLgaDuCrAYiekik-TkihUai0ekMJnMlhgcXR13VyWcaTwOpweoQBr4RpNZv8gWCoXCkWisXgyFVvqcqVcQZDYYjJyjIGKIgmAE8qpUJAwsMQhEQKwwcNXbmhiM1KmwhJXq7WO2heB2MCdWwwhIQzkIkBcanAkMOsFgGI0egB3ACOVR6JeM68kEz4VpAvEFDHrbGIJT4xgmAAcqiBNhTvjgSJjdnAsLoJhB1HokCV759KWDBgZmIJBMDgYgPy-PQ2BAHoIAAGzeAYmlWTQYHbXoogAV36SpCCEKUO2IhcRAALyga0QCvMxZBkERKG0GRYBvFoAAtyQA74wMhBg4DYQhrixc0+g2fjRwbN8OEwEpbVkLAADocAUhgMFgkREJgYcQD5GByAYgx1HED4vipVYDFo6AamUMBONMn4aX+ekgXmdQb1gJAMDQBSwMUllvP2M8GOwyjnmwoyrIYqQEKqUBtAgCZKFkBB1BQFBKGMXRUpKBNKNAFK0oyrKyWgbRsIQhCRCkdRirswCn1AiDXywAtCiEOKEqS2ACvSzLspEXKYHy1Letq0rysqkBqrGu8TPq4CIJ4iDWvakB4sS5KRqK-qQEG6BhsKvqSrKiqqpq7KPLmx9LmbfZJxWjqNu6rajpyqI8pAHrtuOiazpm-97JwPjCD4+w4FanolAQww6u4zAVhABDHmeaaLtmh99iBq5QewcHJFwgwZowABhABVNAACEABEsAAUQAdRKMw+GMjGgcIA4RBXLrnjoCKcEKIA
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 12:25:03 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 119ms
119ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=1616243101587342995785_N4IgxgTgtgDiBcBtEBGAbOgTAFgMwoAYCBOAdhW1L2zQH0oBDASwDtaUQAaVDNHfIrirkArAA5K9Zm0xceWPIQK5sxFeLTYprWrjnoFAghJHkCmMQW1tsIALrcGAGwAuCRAU6fvDkAGcAewRsbigAT3dEFE5cNFJOMWJo3FwCeNwRUwdETBi4hKSYkU0YsQps3E5iS04UC09sFEq0NFxskOrPOprSTEqyNt8AdwBHd19wiHHuMCgwACMEEE1SVtTMUjkmADcEXP8XBhcAVz93SsqUYl8ALwYEaJAYAHMl3e4AUxZd+Ce5Z4AFksDHxFAQUOJSCpMMRiKYxCI5C4zr8KDDLFQ+JkxHJtijlgA6AgE3BiWSOJwISogABmYAQAFpHh8XEwHrx+IRHn4XK94J5-ABrYEcsEoWiYCiWCyqEQZOQfJhwVEIgkQtBq0giNVpBXHe7wR7HNn8z7bSlIUAsBhQD5LeZMAAmjo+EFoTrkjqOBtADudrvdjoQLGOTic3G2TEDIsMSjIFCoKjQIAAvinOFabXbfn6XW6PdwvYcEL6nXno-AQ2GI1GPajRUYhJQIRJNmmMyBrbb7WWAwWQEWfSBc32g5XQ+GQJGK-JQUYTGZ6qn05nuzne-mg4XvSXhxuK1XJ9O67POYJVOoxJpl74-E4eTG51zxAQ5E4aQ8azOQWflBfsBotgzKcLgzmIADCACqIgAEIACJoAAogA6v89KGg2hC4MQmD7CM2aPDSJoECmQA
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 12:25:03 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B55F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=36076055-e99f-4e00-8fa4-6929312e7278

43 B
106 B

46ms
46ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=36076055-e99f-4e00-8fa4-6929312e7278
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 20 Mar 2021 12:25:49 GMT
Server: MT3 3611 f10363c master cdg-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=36076055-e99f-4e00-8fa4-6929312e7278
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 20 Mar 2021 12:25:48 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B55F
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NCjVU2chgVYvKIQHMHvNUWAo11EvetYHNCE9G5LF

43 B
122 B

33ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NCjVU2chgVYvKIQHMHvNUWAo11EvetYHNCE9G5LF
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NCjVU2chgVYvKIQHMHvNUWAo11EvetYHNCE9G5LF
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B55F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7700559954002210718

43 B
106 B

40ms
36ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7700559954002210718
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7700559954002210718
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame B55F 70 B
264 B 49ms
47ms Image
image/gif 34.246.149.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=3ea4f173-6d3a-726a-eb8b-9ae6e3647c7d&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.149.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050 200 pixel
cm.g.doubleclick.net/ Frame B55F 170 B
190 B 36ms
35ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJjYjIyYjktYTQ0ZC0yY2NlLWZlNmItYzA1ZjI5ODZiMjFk

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B55F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECU8mFZg09imgE3OtiWtKLs&google_cver=1

43 B
106 B

33ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECU8mFZg09imgE3OtiWtKLs&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECU8mFZg09imgE3OtiWtKLs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B9AE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=36076055-e99f-4e00-8fa4-6929312e7278

43 B
106 B

43ms
43ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=36076055-e99f-4e00-8fa4-6929312e7278
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 20 Mar 2021 12:25:49 GMT
Server: MT3 3611 f10363c master cdg-pixel-x6
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=36076055-e99f-4e00-8fa4-6929312e7278
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 20 Mar 2021 12:25:48 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B9AE
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_3Y-zax_asjkdm-ZryAmy61zOcHkJzPMrSNx80JV

43 B
106 B

34ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_3Y-zax_asjkdm-ZryAmy61zOcHkJzPMrSNx80JV
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_3Y-zax_asjkdm-ZryAmy61zOcHkJzPMrSNx80JV
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B9AE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9206792487271569253

43 B
106 B

33ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9206792487271569253
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9206792487271569253
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame B9AE 70 B
264 B 49ms
48ms Image
image/gif 34.246.149.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=3ea4f173-6d3a-726a-eb8b-9ae6e3647c7d&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.149.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050 200 pixel
cm.g.doubleclick.net/ Frame B9AE 170 B
224 B 34ms
34ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJjYjIyYjktYTQ0ZC0yY2NlLWZlNmItYzA1ZjI5ODZiMjFk

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B9AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECU8mFZg09imgE3OtiWtKLs&google_cver=1

43 B
106 B

33ms
33ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECU8mFZg09imgE3OtiWtKLs&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECU8mFZg09imgE3OtiWtKLs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 51D2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=36076055-e99f-4e00-8fa4-6929312e7278

43 B
106 B

33ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=36076055-e99f-4e00-8fa4-6929312e7278
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 20 Mar 2021 12:25:49 GMT
Server: MT3 3611 f10363c master cdg-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=36076055-e99f-4e00-8fa4-6929312e7278
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 20 Mar 2021 12:25:48 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 51D2
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Cle7alle728RV-o9X1GjawsDvzwRVOs8CgYmsbTU

43 B
106 B

34ms
33ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Cle7alle728RV-o9X1GjawsDvzwRVOs8CgYmsbTU
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Cle7alle728RV-o9X1GjawsDvzwRVOs8CgYmsbTU
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 51D2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=610558415464748635

43 B
106 B

34ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=610558415464748635
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=610558415464748635
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 51D2 70 B
264 B 48ms
47ms Image
image/gif 34.246.149.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=3ea4f173-6d3a-726a-eb8b-9ae6e3647c7d&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.149.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050 200 pixel
cm.g.doubleclick.net/ Frame 51D2 170 B
190 B 36ms
36ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJjYjIyYjktYTQ0ZC0yY2NlLWZlNmItYzA1ZjI5ODZiMjFk

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 51D2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECU8mFZg09imgE3OtiWtKLs&google_cver=1

43 B
106 B

43ms
43ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECU8mFZg09imgE3OtiWtKLs&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.203.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
server: OXGW/16.203.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECU8mFZg09imgE3OtiWtKLs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F9E3 8 KB
9 KB 153ms
39ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24987911&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: fa48ae9c830471703372294323a557521101066ad57508508b135f632e5e48d0

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 167B
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
820 B

86ms
86ms

Script
text/html

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:04 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.82:80
AN-X-Request-Uuid: d33f23ff-b274-4b71-a8dc-0ee274101af6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:04 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid: 62b6ad4a-0a09-4b92-a50c-64c35b701968
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 34ms
34ms Image
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO5M70HK&katid=806241094&kals=ttype%3D10002%7C%7Cpc%3D39&katen=1&pc=39&kata=aton&katbid=-21&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&cme=QBtmEwQY_KNm6w7qAHpu8yAsI6Kd318Kvzljtg-OTDERZANetJYpS4UDXW9g3XQwSc-TrVpxo9e-H02B9z9PXiDY7NHxXItYDfYOiCFN9alyiRye7F9h7ohWgdHl0kKkSqdjmCrQcEUEl1MZO9Y1gQSq1GHIZ2wvh8978WjClDZGVM36yGaJ8htTZytZqyAwsEzQ7I2b1YsERZoKlLR-uDbGalfujrc047WFYlLRjc0=||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|yvLYWPz6OMciZr0Z3y7QuKJTrwuh7q8gIeRXKtzBnGP-h2naBp6UiOS35i2O3ngjjwezu6Ftaqyv5L-7UrR05OT5Rsnq0QrCKumFdK8AwgaiyJwSyl156w==|N7fu2vKt8_s=|Ym6AsLWf1sWuUMInRmROgqTA10G1nkct_cgJDfQSmWpGVX-Q7bZXq1NqQ8E7vjU5y7YjPC1-Agh7kryFBrHy7Uj8oQ1ud9NmNIqjCBbP6m_GWZtaJ50PzgEG44UKIj3ciN1St-0aoeDNNGZMZkhTpVy_tEy7BaQXuKEFLSh0Dsr31S-d2UAH9hLbVWe5tEjNrVTWfVzB2cYYXijZz9o3OXS9j0XgI6Ai|&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=647633027&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&vi=1616243100845710280&ugd=4&cc=CH&sc=ZH&startTime=1616243101422&l2type=setting&vgd_l1rakh=1616243100196416304&l1ch=1&sttm=1616243101423&upk=1616243101.11362&hvsid=00001616243101423031140534836640&verid=3121199&vgd_sc=ZH&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!N2|1861&vgd_uspa=0&vgd_isiolc=1&npgv=1&clp=%7B%7D&l2ch=0&l2wsip=2887305233&sethcsd=set!N7%7C1787

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sat, 20 Mar 2021 12:25:04 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Sat, 20 Mar 2021 12:25:04 GMT

GET
H2 200 bqi.php
lg3.media.net/ 15 B
15 B 34ms
34ms Image
text/javascript 23.210.250.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8PO5M70HK&katid=801353038&kals=ttype%3D10002%7C%7Cpc%3D48&katen=1&pc=48&kata=aton&katbid=-21&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&cme=QBtmEwQY_KO4lVJQZdQwoW801xut0Xg1o28Ov8RNbZRRrLGC54t1pGuL9GInwfWB59MbRGM1oqqUHYuFqM7hDuM5UUef5CYm67JfnU3JKTzyqtY8nBETq096CTGxkZa5QeocsCswZMc6slTHaYanMXO8VNfpKEbx2-bqRomDwbRbOCApvNIy0c8e4EP_j5YrsG_SLEW2OVi8rWb05m5q6oblhGdeUN4D||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|yvLYWPz6OMciZr0Z3y7QuKJTrwuh7q8gIeRXKtzBnGP-h2naBp6UiOS35i2O3ngjjwezu6Ftaqyv5L-7UrR05OT5Rsnq0QrCKumFdK8AwgaiyJwSyl156w==|N7fu2vKt8_s=|MO9oxJ-87yqIuGiw0FacFq_MftpljAs3O3VEXjTinsSMPnZSF_lHAJswhYdHDXCf7Y-Frlwkt5LBz_jq8Uzkg3NEW5mkttu39kUEGjXYr4l-pqW-aQ0UBUXjK6Rt33IsKdxrpiMbQu4ulw2DFl3aElEShhHuK93SNi93DIuAEsRqFLmDGTtH8hCq49PnXXg1aeDotaeWs1SLVrH1ucNjBeewe4Yqyjji|&gdpr=0&prid=8PRHGG6T9&cid=8CU5BD6EW&crid=184323154&requrl=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&vi=1616243100349345864&ugd=4&cc=CH&sc=ZH&startTime=1616243101417&l2type=setting&vgd_l1rakh=1616243100196416304&l1ch=1&sttm=1616243101418&upk=1616243101.11362&hvsid=00001616243101418031140534834069&verid=3121199&vgd_sc=ZH&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&l1hcsd=l1!N2|1861&vgd_uspa=0&vgd_isiolc=1&npgv=1&clp=%7B%7D&l2ch=0&l2wsip=2887305298&sethcsd=set!N7%7C1787

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.250.97 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-250-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Sat, 20 Mar 2021 12:25:04 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Sat, 20 Mar 2021 12:25:04 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame B0D7
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
820 B

43ms
43ms

Script
text/html

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:04 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid: b4795b3a-7a67-4f8e-8366-b0cbbdba34ca
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:04 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid: e782cbb3-40f1-4541-b7ee-53a809229f16
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame AFF2
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
821 B

39ms
39ms

Script
text/html

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:04 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.182:80
AN-X-Request-Uuid: e87e70bb-3aa0-4565-ad40-2d60cbb3d2dd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:04 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.238:80
AN-X-Request-Uuid: 806eae9d-56d4-47b2-8e14-d5d7f2129a49
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tweet Show response
cdn.syndication.twimg.com/ Frame 8339 2 KB
956 B 52ms
51ms XHR
application/json 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet?id=1373017186818781190&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.bd4d763216e3c493ca8a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Torrance, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D43) / Express

Resource Hash

735cd4086358617ea5baf19a8f17b3ec715ee8adaef37b7162b6b4b01de41b22

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"639-O3oSkzsJfarVMKVZSJMg/jn0CQs"
age: 42
x-powered-by: Express
x-cache: HIT
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
content-length: 787
x-xss-protection: 0
x-response-time: 138
last-modified: Sat, 20 Mar 2021 12:22:17 GMT
server: ECS (lcy/1D43)
x-frame-options: SAMEORIGIN
date: Sat, 20 Mar 2021 12:25:04 GMT
vary: Accept-Encoding
x-tw-cdn: VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: 0a5827b3595c959e7afb1f5eb5a22b79
accept-ranges: bytes
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

GET
H2 200 1f1fa-1f1f8.svg
abs-0.twimg.com/emoji/v2/svg/ Frame B089 2 KB
1 KB 78ms
25ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f1fa-1f1f8.svg

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1feca2279a6e78133bf577b99e4f3e82896622c255d29017cec5f5cfa93e4d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
timing-server-allow: https://twitter.com;https:///mobile.twitter.com
server-timing: x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length: 735
x-served-by: cache-fty21331-FTY, cache-hhn4034-HHN
last-modified: Wed, 21 Feb 2018 22:30:48 GMT
etag: "14i5Ix7SAo3CkkX3bPCkFQ=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 20 Mar 2021 12:25:04 GMT
expires: Fri, 03 Sep 2021 08:31:11 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame B089 43 B
383 B 202ms
202ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1616243104159%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22e1ffbdb%3A1614796141937%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22securityaffairs%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22securityaffairs%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22251373c9%3A1615319843015%22%2C%22item_ids%22%3A%5B%221372650076024107009%22%5D%2C%22item_details%22%3A%7B%221372650076024107009%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 172
pragma: no-cache
last-modified: Sat, 20 Mar 2021 12:25:04 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e7ad29c8f2f935fae3893ed808393ec3
x-transaction: 007ec0dd000f9dee
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame B490 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 01:58:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 210404
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 18 Mar 2022 01:58:20 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame B490 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:42:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 225761
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Thu, 17 Mar 2022 21:42:23 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame 9536 43 B
124 B 145ms
144ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1616243104239%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22e1ffbdb%3A1614796141937%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22securityaffairs%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22securityaffairs%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22251373c9%3A1615319843015%22%2C%22item_ids%22%3A%5B%221372855324345040898%22%5D%2C%22item_details%22%3A%7B%221372855324345040898%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Sat, 20 Mar 2021 12:25:04 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e7ad29c8f2f935fae3893ed808393ec3
x-transaction: 006163c500134ce0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 188E 3 KB
1016 B 43ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=1390855164&adf=1480696128&pi=t.ma~as.1139220782&w=300&lmt=1616243103&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102490&bpp=5&bdt=200&idt=574&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=1&ga_vid=641753397.1616243101&ga_sid=1616243103&ga_hid=933578306&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=943&biw=1600&bih=1200&isw=320&ish=50&ifk=1692680414&scr_x=0&scr_y=0&eid=21067423%2C31060352%2C44739387&oid=3&pvsid=2955020931716375&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.flwh8l6nrbql&fsb=1&xpc=vVmO1HMQTG&p=https%3A//securityaffairs.co&dtd=583

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Mar 2021 11:55:50 GMT
server: ESF
date: Sat, 20 Mar 2021 12:25:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Mar 2021 12:25:04 GMT

GET
H2 200 300x250.png
cdn.pixfuture.com/banners/ Frame B3A3 44 KB
45 KB 22ms
22ms Image
image/png 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/banners/300x250.png
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/afr.php?zoneid=5529
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6251b4b4525b9007511a48a6cda9a168f07ff77ccc4dd75759486af624a13301

Request headers

Referer: https://served-by.pixfuture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 78828
content-length: 45195
cf-request-id: 08f131b23100004eb610973000000001
last-modified: Wed, 03 Feb 2021 20:39:58 GMT
server: cloudflare
etag: "601b0a1e-b08b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K%2FnNfKuzBSymOsq2ypU2I6v2PChP5GOo71fFWxP8ekPvw0eg0jQ69z6GMlZR5O0tgn8b2sUThvyXTP5X3ZX7HZxzw2oVopTdLBR0HnTpDzVLeAPoV1JxBS9mP8%2BdUA%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400, no-transform
accept-ranges: bytes
cf-ray: 632eebc9e9424eb6-FRA
expires: Sun, 21 Mar 2021 14:31:14 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame 8339 43 B
124 B 144ms
142ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1616243104342%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22e1ffbdb%3A1614796141937%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-2%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22securityaffairs%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22securityaffairs%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22251373c9%3A1615319843015%22%2C%22item_ids%22%3A%5B%221373017186818781190%22%5D%2C%22item_details%22%3A%7B%221373017186818781190%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Sat, 20 Mar 2021 12:25:04 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e7ad29c8f2f935fae3893ed808393ec3
x-transaction: 00ed212c00d5a0a4
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 FGltMfZ1_normal.png
pbs.twimg.com/profile_images/1113668754141900801/ Frame B089 2 KB
3 KB 29ms
27ms Image
image/png 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1113668754141900801/FGltMfZ1_normal.png

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Torrance, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CED) /

Resource Hash

185c9e2bc69d60f16dd75642555ec30aca7ed11607d624abff383b8c3ccbdbb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
x-content-type-options: nosniff
age: 422040
x-cache: HIT
content-length: 2339
x-response-time: 169
surrogate-key: profile_images profile_images/bucket/0 profile_images/1113668754141900801
last-modified: Thu, 04 Apr 2019 05:02:56 GMT
server: ECS (mil/6CED)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c7e5ad919ec744129c251121087e79ba
accept-ranges: bytes

GET
H2 200 SC0nli3Y_normal.jpg
pbs.twimg.com/profile_images/1281230140513583109/ Frame 9536 2 KB
2 KB 28ms
27ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1281230140513583109/SC0nli3Y_normal.jpg

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Torrance, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE4) /

Resource Hash

af101f9a2469ae25c7805ff8897510945598106ba0d2d186844f59c9f9a59132

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
x-content-type-options: nosniff
age: 137223
x-cache: HIT
content-length: 2035
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/7 profile_images/1281230140513583109
last-modified: Thu, 09 Jul 2020 14:12:04 GMT
server: ECS (mil/6CE4)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c4fb155f80f0c21dd455b68aa428bd78
accept-ranges: bytes

GET
H2 200 GCvP6P-k
pbs.twimg.com/card_img/1372240603057115141/ Frame 9536 3 KB
3 KB 28ms
28ms Image
image/jpeg 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1372240603057115141/GCvP6P-k?format=jpg&name=120x120

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Torrance, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CDF) /

Resource Hash

70e26fb1e5920d7a58651c4fa2c9d25fb0299273285d39658d0a49f4d63c5fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
x-content-type-options: nosniff
age: 226581
x-cache: HIT
content-length: 2985
x-response-time: 137
surrogate-key: card_img card_img/bucket/3 card_img/1372240603057115141
last-modified: Wed, 17 Mar 2021 17:35:09 GMT
server: ECS (mil/6CDF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8b9e1f2881c1e28ca85c38ad1de4f89f
accept-ranges: bytes

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 188E 2 KB
988 B 39ms
24ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 12:10:51 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 188E 17 KB
7 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 12:22:02 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 188E 2 KB
1 KB 33ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 12:24:37 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 188E 117 KB
36 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sat, 20 Mar 2021 12:25:04 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 188E 13 KB
6 KB 30ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 12:23:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 188E 0
0 14ms
13ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAWPXWolUTyYbkSeBGp6DgPDoSnZ2pc-v0LxRFAnxc4gm4Z8Tw7I_jjVr4dV0GMoRAwaBdkrEXBL6DmAtIqE8waBuKBQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=1390855164&adf=1480696128&pi=t.ma~as.1139220782&w=300&lmt=1616243103&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102490&bpp=5&bdt=200&idt=574&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=1&ga_vid=641753397.1616243101&ga_sid=1616243103&ga_hid=933578306&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=943&biw=1600&bih=1200&isw=320&ish=50&ifk=1692680414&scr_x=0&scr_y=0&eid=21067423%2C31060352%2C44739387&oid=3&pvsid=2955020931716375&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.flwh8l6nrbql&fsb=1&xpc=vVmO1HMQTG&p=https%3A//securityaffairs.co&dtd=583
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 188E 25 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 179404
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:35:00 GMT

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 10C2
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8422580588876264401

42 B
769 B

107ms
30ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8422580588876264401
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24987911&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=158127:2; KADUSERCOOKIE=D7067CB1-018B-410F-AE64-6F5674474CC7; chkChromeAb67Sec=1; DPSync3=1617408000%3A201_227_226_221; SyncRTB3=1618790400%3A203%7C1617062400%3A63%7C1617408000%3A56_166_55_13_88_222_71_81_230_78_8_22_204_161_21_165_176_5_220_7_54_3_189%7C1617494400%3A35%7C1616803200%3A223_15_2_67; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941711274078828692; PugT=1616243103
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 20 Mar 2021 12:25:03 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-8422580588876264401; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 12:25:03 GMT; path=/ PugT=1616243103; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 12:25:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 12:25:03 GMT; path=/
X-lat: amspug005:0:274
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8422580588876264401
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame E25B 43 B
284 B 124ms
40ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24987911&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sat, 20 Mar 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1172
date: Sat, 20 Mar 2021 12:25:04 GMT
content-length: 43

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 9633
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCMlkwN0FxOU1BQUJCcnRnTFdzQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir

43 B
181 B

381ms
46ms

Document
image/gif

185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24987911&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host: rtb-csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 20 Mar 2021 12:25:05 GMT
content-type: image/gif
transfer-encoding: chunked
x-smrt-reason: 5

Redirect headers

Date: Sat, 20 Mar 2021 12:25:04 GMT
location: https://rtb-csync.smartadserver.com/redir
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 73FB
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941711274078828692

42 B
771 B

88ms
31ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941711274078828692
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24987911&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=158127:2; KADUSERCOOKIE=D7067CB1-018B-410F-AE64-6F5674474CC7; chkChromeAb67Sec=1; DPSync3=1617408000%3A201_227_226_221; SyncRTB3=1618790400%3A203%7C1617062400%3A63%7C1617408000%3A56_166_55_13_88_222_71_81_230_78_8_22_204_161_21_165_176_5_220_7_54_3_189%7C1617494400%3A35%7C1616803200%3A223_15_2_67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 20 Mar 2021 12:25:03 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6941711274078828692; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 12:25:03 GMT; path=/ PugT=1616243103; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 12:25:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 12:25:03 GMT; path=/
X-lat: amspug012:0:362
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sat, 20 Mar 2021 12:25:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6941711274078828692; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941711274078828692

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame E35E
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yW63AOVWEDjpj6SbpiHBWgLp

42 B
811 B

165ms
30ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yW63AOVWEDjpj6SbpiHBWgLp
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24987911&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=158127:2; KADUSERCOOKIE=D7067CB1-018B-410F-AE64-6F5674474CC7; chkChromeAb67Sec=1; DPSync3=1617408000%3A201_227_226_221; SyncRTB3=1618790400%3A203%7C1617062400%3A63%7C1617408000%3A56_166_55_13_88_222_71_81_230_78_8_22_204_161_21_165_176_5_220_7_54_3_189%7C1617494400%3A35%7C1616803200%3A223_15_2_67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 20 Mar 2021 12:25:03 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_409=22966-yW63AOVWEDjpj6SbpiHBWgLp&KRTB&23212-yW63AOVWEDjpj6SbpiHBWgLp; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 12:25:03 GMT; path=/ PugT=1616243103; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 12:25:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 12:25:03 GMT; path=/
X-lat: amspug012:0:403
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: openresty
date: Sat, 20 Mar 2021 12:25:04 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=yW63AOVWEDjpj6SbpiHBWgLp; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=yW63AOVWEDjpj6SbpiHBWgLp
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame E7F5 43 B
408 B 112ms
34ms Document
image/gif 173.231.181.122
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24987911&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Sat, 20 Mar 2021 12:25:04 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-3
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame BBD5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
444 B

194ms
187ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24987911&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aonoeUq0I1u9yNycRfY7ZbCVRA12S6hMqXBLfieec
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=d1bc72fc0a1cd7ab4993e3110e561fea41616243104; expires=Mon, 19-Apr-21 12:25:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aTnseFNj6WkCyhURALhDvMpqMvZaYWZdZagyrCRZbvYsUGWNv110DhSGuGpYAgLmRyKIve1oPO4qKQYLvaC0UPpL; path=/; domain=.tribalfusion.com; expires=Fri, 18-Jun-2021 12:25:04 GMT; SameSite=None; Secure; ANON_ID_old=aTnseFNj6WkCyhURALhDvMpqMvZaYWZdZagyrCRZbvYsUGWNv110DhSGuGpYAgLmRyKIve1oPO4qKQYLvaC0UPpL; path=/; domain=.tribalfusion.com; expires=Fri, 18-Jun-2021 12:25:04 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 08f131b3830000c27cee3b9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 632eebcc0befc27c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sat, 20 Mar 2021 12:25:04 GMT
content-type: text/html
set-cookie: __cfduid=d1bc72fc0a1cd7ab4993e3110e561fea41616243104; expires=Mon, 19-Apr-21 12:25:04 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aonoeUq0I1u9yNycRfY7ZbCVRA12S6hMqXBLfieec; path=/; domain=.tribalfusion.com; expires=Fri, 18-Jun-2021 12:25:04 GMT; SameSite=None; Secure; ANON_ID_old=aonoeUq0I1u9yNycRfY7ZbCVRA12S6hMqXBLfieec; path=/; domain=.tribalfusion.com; expires=Fri, 18-Jun-2021 12:25:04 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 1824
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 08f131b2d10000c27ce7261000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 632eebcaea5ec27c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 12CD
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=jDtc1mGikeg4&pid=557219

1 B
463 B

88ms
30ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=jDtc1mGikeg4&pid=557219
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24987911&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=158127:2; KADUSERCOOKIE=D7067CB1-018B-410F-AE64-6F5674474CC7; chkChromeAb67Sec=1; DPSync3=1617408000%3A201_227_226_221; SyncRTB3=1618790400%3A203%7C1617062400%3A63%7C1617408000%3A56_166_55_13_88_222_71_81_230_78_8_22_204_161_21_165_176_5_220_7_54_3_189%7C1617494400%3A35%7C1616803200%3A223_15_2_67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 20 Mar 2021 12:25:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 12:25:03 GMT; path=/
X-lat: amspug019:0:257
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-568ff9c7d-9cnfz
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: V=jDtc1mGikeg4;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Tue, 15-Mar-2022 12:25:04 GMT;Max-Age=31104000;SameSite=None
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=jDtc1mGikeg4&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 10B4 42 B
1 KB 42ms
22ms Document
image/gif 2606:4700:3039::6815:c01e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24987911&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c01e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
content-type: image/gif
content-length: 42
set-cookie: __cfduid=d08922ef8b222a99ae7cf2f802846e3c11616243104; expires=Mon, 19-Apr-21 12:25:04 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-9mgd
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 08f131b2d300001786bb871000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 632eebcaea1d1786-FRA

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame C3CD
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bd3c16b6-38a6-4332-a7a7-1ce50ef06ff9-tuct74f6f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

35ms
34ms

Document
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bd3c16b6-38a6-4332-a7a7-1ce50ef06ff9-tuct74f6f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24987911&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bd3c16b6-38a6-4332-a7a7-1ce50ef06ff9-tuct74f6f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=bd3c16b6-38a6-4332-a7a7-1ce50ef06ff9-tuct74f6f20
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 varnish
x-served-by: cache-fra19172-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1616243105.605032,VS0,VE9
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=bd3c16b6-38a6-4332-a7a7-1ce50ef06ff9-tuct74f6f20;Version=1;Path=/;Domain=.taboola.com;Expires=Sun, 20-Mar-2022 12:25:04 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=bd3c16b6-38a6-4332-a7a7-1ce50ef06ff9-tuct74f6f20&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 varnish
x-served-by: cache-fra19172-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1616243105.517603,VS0,VE55
x-vcl-time-ms: 55
content-length: 0

GET
H2

200

check Show response
pixel.tapad.com/idsync/ex/receive/ Frame 06BC
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

95 B
165 B

33ms
33ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1616243105647; TapAd_DID=4d551ff1-8977-11eb-a494-b6f1718f2367
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 20 Mar 2021 12:25:05 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

Redirect headers

date: Sat, 20 Mar 2021 12:25:05 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1616243105647;Expires=Wed, 19 May 2021 12:25:05 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=4d551ff1-8977-11eb-a494-b6f1718f2367;Expires=Wed, 19 May 2021 12:25:05 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length: 0
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame DE16
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:T19kHHyp1LnAFa5&gdpr=0&gdpr_consent=

42 B
769 B

65ms
30ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:T19kHHyp1LnAFa5&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=24987911&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=158127:2; KADUSERCOOKIE=D7067CB1-018B-410F-AE64-6F5674474CC7; chkChromeAb67Sec=1; DPSync3=1617408000%3A201_227_226_221; SyncRTB3=1618790400%3A203%7C1617062400%3A63%7C1617408000%3A56_166_55_13_88_222_71_81_230_78_8_22_204_161_21_165_176_5_220_7_54_3_189%7C1617494400%3A35%7C1616803200%3A223_15_2_67; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 20 Mar 2021 12:25:03 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_107=1471-uid:T19kHHyp1LnAFa5; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 12:25:03 GMT; path=/ PugT=1616243103; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 12:25:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 12:25:03 GMT; path=/
X-lat: amspug008:0:382
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Sat, 20 Mar 2021 12:25:03 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:T19kHHyp1LnAFa5&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-0dbb3bb3e77219ff5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=T19kHHyp1LnAFa5; Domain=.w55c.net; Expires=Wed, 20-Apr-2022 12:25:04 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Mon, 19-Apr-2021 12:25:04 GMT; Path=/; SameSite=None; Secure
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F9E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1wZ8sQGLQQ-uZG9WdEdMxw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

30ms
30ms

Image
text/html

184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=145463
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Mon, 22 Mar 2021 04:49:27 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame F9E3 95 B
404 B 27ms
21ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=D7067CB1-018B-410F-AE64-6F5674474CC7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 632eebcade684e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08f131b2c700004e9738bca000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame F9E3
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D7067CB1-018B-410F-AE64-6F5674474CC7&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D7067CB1-018B-410F-AE64-6F5674474CC7&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

53ms
52ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D7067CB1-018B-410F-AE64-6F5674474CC7&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:03 GMT
frontend-id: 12
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:02 GMT
frontend-id: 7
location: /pubmatic/1/info2?sType=sync&sExtCookieId=D7067CB1-018B-410F-AE64-6F5674474CC7&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D7067CB1-018B-410F-AE64-6F5674474CC7&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D7067CB1-018B-410F-AE64-6F5674474CC7&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D7067CB1-018B-410F-AE64-6F5674474CC7&addseg=31

7 B
147 B

101ms
32ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D7067CB1-018B-410F-AE64-6F5674474CC7&addseg=31
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:04 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Sat, 20 Mar 2021 12:25:04 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D7067CB1-018B-410F-AE64-6F5674474CC7&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDcwNjdDQjEtMDE4Qi00MTBGLUFFNjQtNkY1Njc0NDc0Q0M3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

261ms
30ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:04 GMT
X-lat: amspug018:0:432
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAcoZyptOfyQkhjiVqsDgsQ&google_cver=1

42 B
855 B

230ms
36ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAcoZyptOfyQkhjiVqsDgsQ&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
X-lat: amspug003:0:399
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAcoZyptOfyQkhjiVqsDgsQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame F9E3 43 B
607 B 103ms
30ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 19 Mar 2021 12:25:04 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=112494b5-c340-489e-9048-54e69d69e7ef

42 B
882 B

147ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=112494b5-c340-489e-9048-54e69d69e7ef
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
X-lat: amspug005:0:284
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=112494b5-c340-489e-9048-54e69d69e7ef
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7700559954002210718

42 B
801 B

147ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7700559954002210718
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
X-lat: amspug012:0:411
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7700559954002210718
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:36076055-e99f-4e00-8fa4-6929312e7278&gdpr=0&gdpr_consent=

42 B
946 B

110ms
46ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:36076055-e99f-4e00-8fa4-6929312e7278&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
X-lat: amspug011:0:571
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Sat, 20 Mar 2021 12:25:50 GMT
Server: MT3 3611 f10363c master cdg-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:36076055-e99f-4e00-8fa4-6929312e7278&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 20 Mar 2021 12:25:49 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4563328050804415368&gdpr=0&gdpr_consent=

42 B
769 B

291ms
30ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4563328050804415368&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
X-lat: amspug002:0:383
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:04 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.136:80
AN-X-Request-Uuid: cb08168b-c34f-4e0e-8215-bb851f53087d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4563328050804415368&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk35abfdd5-c6c9-47d9-90bb-7e22ca728cc5&expires=7&user_group=5&ssp=pubmatic&bsw_param=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

31ms
30ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:06 GMT
X-lat: amspug017:0:406
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0&gdpr=&gdpr_consent=&gdpr_pd=
date: Sat, 20 Mar 2021 12:25:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 D7067CB1-018B-410F-AE64-6F5674474CC7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F9E3 43 B
924 B 106ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/D7067CB1-018B-410F-AE64-6F5674474CC7?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D7067CB1-018B-410F-AE64-6F5674474CC7&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7pB5BdtE2uWQJmpnnh_tvu.eEoxBBXA-~A&gdpr=0&gdpr_consent=

0
418 B

380ms
31ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7pB5BdtE2uWQJmpnnh_tvu.eEoxBBXA-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:04 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 20 Mar 2021 12:25:05 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7pB5BdtE2uWQJmpnnh_tvu.eEoxBBXA-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z

42 B
894 B

195ms
29ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
X-lat: amspug006:0:367
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFXpoQAAAGa3dzoG&gdpr=0&gdpr_consent=&_test=YFXpoQAAAGa3dzoG

1 B
809 B

31ms
30ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFXpoQAAAGa3dzoG&gdpr=0&gdpr_consent=&_test=YFXpoQAAAGa3dzoG
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:04 GMT
X-lat: amspug019:0:412
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:05 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1616243106.680108,VS0,VE0
x-served-by: cache-hhn4071-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFXpoQAAAGa3dzoG&gdpr=0&gdpr_consent=&_test=YFXpoQAAAGa3dzoG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7767812612999482272&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

111ms
45ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7767812612999482272&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:02 GMT
X-lat: amspug013:0:358
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7767812612999482272&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fe20fa88-419d-495b-8420-bf0ace5f3ff1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

31ms
30ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fe20fa88-419d-495b-8420-bf0ace5f3ff1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:05 GMT
X-lat: amspug016:0:372
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:fe20fa88-419d-495b-8420-bf0ace5f3ff1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sat, 20 Mar 2021 12:25:05 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=d0bfccfd-c804-47ca-90bd-96f5077f286a-6055e9a0-4348&gdpr=0&gdpr_consent=

42 B
800 B

40ms
39ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=d0bfccfd-c804-47ca-90bd-96f5077f286a-6055e9a0-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:04 GMT
X-lat: amspug010:0:400
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=d0bfccfd-c804-47ca-90bd-96f5077f286a-6055e9a0-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame F9E3 0
104 B 94ms
62ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D7067CB1-018B-410F-AE64-6F5674474CC7&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:04 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4563328050804415368

42 B
505 B

34ms
33ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4563328050804415368
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:03 GMT
X-lat: amspug020:0:397
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:05 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid: c52f45d5-36bb-4647-becb-47e1edfff1dd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4563328050804415368
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame F9E3
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4a6d1d10-a56c-417f-98f9-3cf6d4ac09f6

42 B
790 B

34ms
33ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4a6d1d10-a56c-417f-98f9-3cf6d4ac09f6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:04 GMT
X-lat: amspug019:0:439
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4a6d1d10-a56c-417f-98f9-3cf6d4ac09f6
date: Sat, 20 Mar 2021 12:25:05 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2 200 R440AkUQ_normal.png
pbs.twimg.com/profile_images/1135348556188049409/ Frame 8339 2 KB
2 KB 29ms
29ms Image
image/png 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1135348556188049409/R440AkUQ_normal.png

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Torrance, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE5) /

Resource Hash

2cf71ac2cab9eab07cd7e1aa81ee2a673fc043d0f4b9e69d5cd7e8ce812330c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
x-content-type-options: nosniff
age: 446312
x-cache: HIT
content-length: 1579
x-response-time: 120
surrogate-key: profile_images profile_images/bucket/8 profile_images/1135348556188049409
last-modified: Mon, 03 Jun 2019 00:50:44 GMT
server: ECS (mil/6CE5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e90093c1023b6085dcd6c514b5ccaf99
accept-ranges: bytes

GET
H2 200 Ew3v2ueXAAEY8Rg
pbs.twimg.com/media/ Frame 8339 106 KB
106 KB 31ms
30ms Image
image/png 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Ew3v2ueXAAEY8Rg?format=png&name=small

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Torrance, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEA) /

Resource Hash

2746aab75381b8fb2ea34f3384ea14c70ca992b5462e6bf21c518d26a2d273c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
x-content-type-options: nosniff
age: 55317
x-cache: HIT
content-length: 108675
x-response-time: 122
surrogate-key: media media/bucket/5 media/1373017184885211137
last-modified: Fri, 19 Mar 2021 21:01:00 GMT
server: ECS (mil/6CEA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b3bb3f5be1d7c1b3aa36eabb45187c86
accept-ranges: bytes

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5E87 8 KB
7 KB 48ms
31ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77b31e9111db27fb6486db07425870a00a4276340181475db9a0d4d150163a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 12:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6463
x-xss-protection: 0

GET
H3-Q050 200 s
googleads.g.doubleclick.net/pagead/drt/ Frame AEE5 143 B
0 7ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=1390855164&adf=1480696128&pi=t.ma~as.1139220782&w=300&lmt=1616243103&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102490&bpp=5&bdt=200&idt=574&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=1&ga_vid=641753397.1616243101&ga_sid=1616243103&ga_hid=933578306&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=943&biw=1600&bih=1200&isw=320&ish=50&ifk=1692680414&scr_x=0&scr_y=0&eid=21067423%2C31060352%2C44739387&oid=3&pvsid=2955020931716375&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.flwh8l6nrbql&fsb=1&xpc=vVmO1HMQTG&p=https%3A//securityaffairs.co&dtd=583
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnQsxVftO0Gd3jj6xwTF1DEvJmMJsstNopclkM75lg0hNLqrEVUm7S0fHd3M3E
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=50&slotname=1139220782&adk=1390855164&adf=1480696128&pi=t.ma~as.1139220782&w=300&lmt=1616243103&url=https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html&flash=0&wgl=1&dt=1616243102490&bpp=5&bdt=200&idt=574&shv=r20210316&cbv=r20190131&ptt=5&saldr=sa&correlator=6607668833010&frm=21&ife=1&pv=1&ga_vid=641753397.1616243101&ga_sid=1616243103&ga_hid=933578306&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=415&ady=943&biw=1600&bih=1200&isw=320&ish=50&ifk=1692680414&scr_x=0&scr_y=0&eid=21067423%2C31060352%2C44739387&oid=3&pvsid=2955020931716375&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.flwh8l6nrbql&fsb=1&xpc=vVmO1HMQTG&p=https%3A//securityaffairs.co&dtd=583

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 20 Mar 2021 11:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2618
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B05F 1 KB
0 8ms
8ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 20 Mar 2021 03:14:09 GMT
expires: Sun, 21 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 33055
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 188E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4fb7fa98784ded47779ca5133650c15d5bc98eba619ea14c565e646d2e5f8ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5E87 17 KB
6 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 20 Mar 2021 12:25:04 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CB0A 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b388023a5a93d4a587c81c1b2b69f46585a8d84a7f1b58f18ce3c91a64ba5f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 12:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6596
x-xss-protection: 0

GET 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 188E 0
0

GET 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 188E 0
0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 720A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
158 B

44ms
39ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnQsxVftO0Gd3jj6xwTF1DEvJmMJsstNopclkM75lg0hNLqrEVUm7S0fHd3M3E
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Mar 2021 12:25:05 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 20-Mar-2021 13:25:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Mar 2021 12:25:05 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Mar 2021 12:25:05 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 18FD 14 KB
6 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 94866
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CB0A 17 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 20 Mar 2021 12:25:05 GMT

GET sodar
pagead2.googlesyndication.com/getconfig/ Frame 3B3B 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 188E 0
0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 167B 0
749 B 90ms
89ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:05 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid: dacfec03-74cd-448c-94b3-4295bfe2ed48
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B0D7 0
749 B 36ms
36ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:05 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.102:80
AN-X-Request-Uuid: 93666803-328a-4f66-93ab-c7567852cd29
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AFF2 0
749 B 39ms
39ms Script
text/html 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 12:25:05 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.184:80
AN-X-Request-Uuid: ce45ac92-9bd7-4ae3-ac32-86e5c17ed7fa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 43AD 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 20 Mar 2021 11:53:14 GMT
expires: Sun, 20 Mar 2022 11:53:14 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1911
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jot
syndication.twitter.com/i/ Frame 9536 43 B
170 B 142ms
142ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1616243105301%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22seen%22%2C%22section%22%3A%22main%22%2C%22component%22%3A%22privacy-notice%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22e1ffbdb%3A1614796141937%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22securityaffairs%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22securityaffairs%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22251373c9%3A1615319843015%22%2C%22item_ids%22%3A%5B%221372855324345040898%22%5D%2C%22item_details%22%3A%7B%221372855324345040898%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Sat, 20 Mar 2021 12:25:05 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e7ad29c8f2f935fae3893ed808393ec3
x-transaction: 008cf019001c4260
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame 9536 43 B
124 B 139ms
138ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1616243105304%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22e1ffbdb%3A1614796141937%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22securityaffairs%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22securityaffairs%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22251373c9%3A1615319843015%22%2C%22item_ids%22%3A%5B%221372855324345040898%22%5D%2C%22item_details%22%3A%7B%221372855324345040898%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 106
pragma: no-cache
last-modified: Sat, 20 Mar 2021 12:25:05 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e7ad29c8f2f935fae3893ed808393ec3
x-transaction: 00e0cc0800781213
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame E031 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://securityaffairs.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://securityaffairs.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 20 Mar 2021 11:53:14 GMT
expires: Sun, 20 Mar 2022 11:53:14 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1911
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jot
syndication.twitter.com/i/ Frame 9536 43 B
125 B 146ms
145ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1616243105655%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22e1ffbdb%3A1614796141937%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22securityaffairs%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22securityaffairs%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22251373c9%3A1615319843015%22%2C%22item_ids%22%3A%5B%221372855324345040898%22%5D%2C%22item_details%22%3A%7B%221372855324345040898%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A3249.584998935461%7D&dnt=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Sat, 20 Mar 2021 12:25:05 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e7ad29c8f2f935fae3893ed808393ec3
x-transaction: 00f6590300cfd94b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame B089 43 B
124 B 138ms
137ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1616243105656%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22e1ffbdb%3A1614796141937%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22securityaffairs%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22securityaffairs%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22251373c9%3A1615319843015%22%2C%22item_ids%22%3A%5B%221372650076024107009%22%5D%2C%22item_details%22%3A%7B%221372650076024107009%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A3249.115001410246%7D&dnt=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Sat, 20 Mar 2021 12:25:05 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e7ad29c8f2f935fae3893ed808393ec3
x-transaction: 000b0c79001ce7f8
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame 8339 43 B
119 B 144ms
143ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1616243105656%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22e1ffbdb%3A1614796141937%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-2%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2F115760%2Fhacking%2Ff5-big-ip-attacks-cve-2021-22986.html%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22securityaffairs%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22securityaffairs%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22251373c9%3A1615319843015%22%2C%22item_ids%22%3A%5B%221373017186818781190%22%5D%2C%22item_details%22%3A%7B%221373017186818781190%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A3248.7749978899956%7D&dnt=1

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Sat, 20 Mar 2021 12:25:05 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e7ad29c8f2f935fae3893ed808393ec3
x-transaction: 0085d75c0001a7f3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 123ms
119ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=1616243101587342995785_N4IgZghiBcDaDMB2AbADgAzIJzwEyoBoBGdQ9A8yi6q5AFhsfQF0DwIBnGZNgC15iwArIgJDUrcGBhE2AVzkyhdcuABuMECDYBLDdAYgOAFwjG5XOLiHEskgF5RoskAAcA5po1sApgDt9N20QdwFoECJkSNw6eBIicUR4OlwsLBFUIWDjSwiUrAxEOmRrcWC1XOQAOnQq+FRcYIgAGxh4NjAAYxgAWhcfYx0ZKJLY+LYTT2hVDgBrTUjosfQiAH1cIjoMfDp0+CzfHVcFzKqE6qJEITP0RGCfOScXOSHp3zVWuFA-CABbH00ACMdAATEE+ABOq1BwRBZicoGBYMh0JBMD8cmazTYah0qIWIxicXQ6CwiE2RWSyBAAF8aQRvn8AeEkeCoTC2HDTDBEaC2fjoBisTi8TDwotRsT0Eg6OTxLLafTGf8gXyURyQFyESBWeq0YLMdiQLiBRFCctSHQRCR8OhFQyQD8VSy1ey0Zz4Tyda6BUKjSaxWallLkjgrah6IrJBxmiYCcH4uI7WxmtJnCLTRKiSRpbtkuJI2xOhZjKbUABhACqQgAQgARZAAUQA6sF3N1nObiUJkOS2ABHZkuMCvdA0oA
Requested by: Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 12:25:05 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 43AD 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 94866
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame E031 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 94866
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B490 42 B
89 B 41ms
39ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstO7_RU5JxJitLdVUUtWQdFS9SNmVlYw07ew8C7pzGB6N0yI1Xp9_PTKqMPupOOQxcoBzcio7RWoB3VQwEH54Pg4En3EJZyO22AKT4JLMRmZMhunx1MekgwtAgudQ&sai=AMfl-YT8434t17mu5raFMGjdCEHT15qyhwlQ2cuJIXL8R02uSY_f7ecxrjuFPnB3f6Cbke-a33TnhfUdtmH5&sig=Cg0ArKJSzF6--L_zk3_NEAE&id=osdim&mcvt=1007&p=0,0,90,728&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=141025852&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616243102474&dlt=534&rpt=1583&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E87 0
23 B 42ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=4262988982309806&bg=!U1ClUBTNAAbUo7L91KM7ACkAdvg8Wt2HYUoethEU0r93-79l3QndYwxh_PSB4Q6WlaZ5E2-KvcyrIgIAAADcUgAAABFoAQcKAIDrJsQVlYLJOb02jiSRi8CDFc5qWhyia1DUUvcm9ffYUu8kbsx-HVfg2vMPhT4UeitrHfF_eiwC1HlqnOl-4pDKkCK_srNb8K_b17BeFp8mMzLkLYOUrAWybkCyLM8SfvZlmelRqm5W2hGHlzncD84vt-TG1RNKBrFinXVexAmHDZkB8sweGNFjp8gwQ9r82RIaNW13g4CiLVzVhHasMzNqNh3tH9vfgsOitjISCPiihVkpHRuM6iP8KjrQF1FgDGZ6p7Eh0oZDGQajrQMwuBt3TK_bGalGxlAnL64WqzR42QNemLeXoaewnuL-wMyRpdde6qTN0_zWu_ZQFqTkA4_RPyEqRy1HZjzjFaOLSFMt2XLTXoV0uSOqMbmIj_lLznCfMoDD6fEzbuxtF0_ioHdYJ8Zq3fX1pneAILBs5eh_iuPqFADWaK2a9KbxnPYz6iNeBlBHemXY3mKAm2xwncuT9tJpqqR7KWBDMQ_ArX8XChdl76tntf4LMrPyZm-1w7QdSRsPBQmUeb1n0FetsJ57OOO2ve38dBa4DrT9XUJvsBZ570kHJIhLxKz3eC2sYCkxJ2mauev03cpiqg4P11-w2OaClz-tzeUM4oas0diwSAf2r1Tes8Wkw5QbklKw_jgpfeLg66aqjgaXF9hV_1HZA2y8lckz1RCpRnG1c1Yl6QJAopmNgrqXgEUP_ZoXvWH7YAE5CKZW6l8_JGUDXiRlbfUn7xbPAg-DyNZl_JT96jhJ_UWmpOWU3WlSixdUsL8A1xfpBZlVOw0N-K1ZwqLr9qotI9Hyn0cQLTa7a_dRVfZn87FxKTitrlADk_3Jg1IDVoG8xw

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB0A 0
111 B 39ms
39ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=4407677868578281&bg=!LC-lL2vNAAbUo7L91KM7ACkAdvg8Wtzk5mAxUanXo5l3A13OLElXYrUKYT4fzf4g8-ql466BAQkf0gIAAADcUgAAABJoAQcKAJ8ewbgxARCMQVd4rvEZ7_Mp07Z6I_klc1OUsxkP1FlowjQnRM1eY4GSsq31v5XKWX2h1Y1blnAkQRnzPAaxvozUL_cVsSE-lXClC7pdN7dx1Pk66WwILx7I4EizKxjv07Dvo7USMBZKhogyxAceoWaZorV4szMYQjtzOtwYHahiYuZ9AqZ53tIvZTBKxG8OsKYGfKU4rZNhm8Gpw8z6nnqZAehE4VukrTyOKQ-48zZjymYqZZouQGO-VzFPR93QaX8NTg6QB8LWmEIPhfTQTGN0xgH0HrxZQ0FAKxLp609CJ9MpTOwcrPWAEjW9ZyxLIenme5Xico-kTGuQ28wXDcpE06Yow8F3_5CJF-MpGSWcI5Hi12XcRUpEspzQBht_hb66ooCYCZa5stAwFYxrPgjMjcBJbQAvdu4zES_F71j1YgwJXnNI47MVrPjZLPIL0uZPZ7zFPzPpzSJMWYW1vYRHcA-wHmAJFJw6Xfj2xQOvx-zVEirXiJUqdhQu5CLhd4QTf-LftjXrfe-rl6XB8cgCHld8wqhLSpDd5mbe-cfwSEkYI9LqDrEhHT9ngINOy2WYtRY7bjRSfwSA8JBRd0JD_4lrmNZj4qw3yeCSmi7qRL5vIZM2CeNbPBj5Rh79Qorvbwj5WMd9opxt-_ifhVD9zeSWxVwKuuf6vubSqPx40_3cFlTQbeJXwlcJYPPvSz6cipkFwBzCv0ZKzEIGy-3QFNAXKE1HOk9rz8kjEg06jHu-oqFfCRLf_2HP0cZpsENslsGIQb-zXRtznH5v_fswD9I8RtVB-tEOY0la5l2KI_HEJv5Mo2EQDBVIwJrWtFyS3TvCFq37Gf6lzCbddZyZGfIEfzHGe_FVuA

Requested by

Host: securityaffairs.co
URL: https://securityaffairs.co/wordpress/115760/hacking/f5-big-ip-attacks-cve-2021-22986.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame F9E3 0
418 B 124ms
31ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158127&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:05 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame BD6F 37 KB
14 KB 35ms
34ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=D7067CB1-018B-410F-AE64-6F5674474CC7; chkChromeAb67Sec=1; DPSync3=1617408000%3A201_227_226_221; SyncRTB3=1618790400%3A203%7C1617062400%3A63%7C1617408000%3A56_166_55_13_88_222_71_81_230_78_8_22_204_161_21_165_176_5_220_7_54_3_189%7C1617494400%3A35%7C1616803200%3A223_15_2_67; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941711274078828692; KRTBCOOKIE_107=1471-uid:T19kHHyp1LnAFa5; KRTBCOOKIE_27=16735-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&16736-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&23019-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&23114-uid:36076055-e99f-4e00-8fa4-6929312e7278; KRTBCOOKIE_22=14911-7767812612999482272; KRTBCOOKIE_409=22966-yW63AOVWEDjpj6SbpiHBWgLp&KRTB&23212-yW63AOVWEDjpj6SbpiHBWgLp; KRTBCOOKIE_391=22924-7700559954002210718&KRTB&23263-7700559954002210718; KRTBCOOKIE_377=6810-112494b5-c340-489e-9048-54e69d69e7ef&KRTB&22918-112494b5-c340-489e-9048-54e69d69e7ef&KRTB&23031-112494b5-c340-489e-9048-54e69d69e7ef; KRTBCOOKIE_336=5844-8422580588876264401; KRTBCOOKIE_153=1923--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z&KRTB&19420--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z&KRTB&22979--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z; KRTBCOOKIE_80=16514-CAESEAcoZyptOfyQkhjiVqsDgsQ&KRTB&22987-CAESEAcoZyptOfyQkhjiVqsDgsQ&KRTB&23025-CAESEAcoZyptOfyQkhjiVqsDgsQ; KRTBCOOKIE_57=22776-4563328050804415368; KRTBCOOKIE_188=3189-d0bfccfd-c804-47ca-90bd-96f5077f286a-6055e9a0-4348; PugT=1616243104; KRTBCOOKIE_218=22978-YFXpoQAAAGa3dzoG&KRTB&23194-YFXpoQAAAGa3dzoG&KRTB&23209-YFXpoQAAAGa3dzoG&KRTB&23244-YFXpoQAAAGa3dzoG; KRTBCOOKIE_1074=22956-e_4a6d1d10-a56c-417f-98f9-3cf6d4ac09f6; SPugT=1616243105; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=140166
Expires: Mon, 22 Mar 2021 03:21:13 GMT
Date: Sat, 20 Mar 2021 12:25:07 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3610 37 KB
14 KB 32ms
32ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=D7067CB1-018B-410F-AE64-6F5674474CC7; chkChromeAb67Sec=1; DPSync3=1617408000%3A201_227_226_221; SyncRTB3=1618790400%3A203%7C1617062400%3A63%7C1617408000%3A56_166_55_13_88_222_71_81_230_78_8_22_204_161_21_165_176_5_220_7_54_3_189%7C1617494400%3A35%7C1616803200%3A223_15_2_67; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941711274078828692; KRTBCOOKIE_107=1471-uid:T19kHHyp1LnAFa5; KRTBCOOKIE_27=16735-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&16736-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&23019-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&23114-uid:36076055-e99f-4e00-8fa4-6929312e7278; KRTBCOOKIE_22=14911-7767812612999482272; KRTBCOOKIE_409=22966-yW63AOVWEDjpj6SbpiHBWgLp&KRTB&23212-yW63AOVWEDjpj6SbpiHBWgLp; KRTBCOOKIE_391=22924-7700559954002210718&KRTB&23263-7700559954002210718; KRTBCOOKIE_377=6810-112494b5-c340-489e-9048-54e69d69e7ef&KRTB&22918-112494b5-c340-489e-9048-54e69d69e7ef&KRTB&23031-112494b5-c340-489e-9048-54e69d69e7ef; KRTBCOOKIE_336=5844-8422580588876264401; KRTBCOOKIE_153=1923--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z&KRTB&19420--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z&KRTB&22979--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z; KRTBCOOKIE_80=16514-CAESEAcoZyptOfyQkhjiVqsDgsQ&KRTB&22987-CAESEAcoZyptOfyQkhjiVqsDgsQ&KRTB&23025-CAESEAcoZyptOfyQkhjiVqsDgsQ; KRTBCOOKIE_57=22776-4563328050804415368; KRTBCOOKIE_188=3189-d0bfccfd-c804-47ca-90bd-96f5077f286a-6055e9a0-4348; PugT=1616243104; KRTBCOOKIE_218=22978-YFXpoQAAAGa3dzoG&KRTB&23194-YFXpoQAAAGa3dzoG&KRTB&23209-YFXpoQAAAGa3dzoG&KRTB&23244-YFXpoQAAAGa3dzoG; KRTBCOOKIE_1074=22956-e_4a6d1d10-a56c-417f-98f9-3cf6d4ac09f6; SPugT=1616243105; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=140166
Expires: Mon, 22 Mar 2021 03:21:13 GMT
Date: Sat, 20 Mar 2021 12:25:07 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BD6F 2 KB
3 KB 39ms
39ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=41159341&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: d265de22d357e5c330abc40b4174d03c476e2eccf0ec0b0a83cfc1f9113932c4

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:07 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 1819
Content-Type: text/html; charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 4507 35 B
324 B 58ms
57ms Document
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=D7067CB1-018B-410F-AE64-6F5674474CC7

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=41159341&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=D7067CB1-018B-410F-AE64-6F5674474CC7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=7700559954002210718
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 20 Mar 2021 12:25:07 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=7700559954002210718; expires=Wed, 19 May 2021 12:25:07 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6B48
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003&rndcb=6917383744
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0
https://x.bidswitch.net/sync?dsp_id=257&user_id=mka489fdb5-8640-41b6-ad2e-12a57bc0a47f&expires=7&user_group=5&ssp=adconductor&bsw_param=4e0e5e0f-67f3-4594-894f-d247f6e5cdf0
https://sync.1rx.io/usersync/bidswitch/4e0e5e0f-67f3-4594-894f-d247f6e5cdf0?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003

42 B
849 B

31ms
30ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=41159341&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=D7067CB1-018B-410F-AE64-6F5674474CC7; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941711274078828692; KRTBCOOKIE_107=1471-uid:T19kHHyp1LnAFa5; KRTBCOOKIE_27=16735-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&16736-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&23019-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&23114-uid:36076055-e99f-4e00-8fa4-6929312e7278; KRTBCOOKIE_22=14911-7767812612999482272; KRTBCOOKIE_409=22966-yW63AOVWEDjpj6SbpiHBWgLp&KRTB&23212-yW63AOVWEDjpj6SbpiHBWgLp; KRTBCOOKIE_391=22924-7700559954002210718&KRTB&23263-7700559954002210718; KRTBCOOKIE_377=6810-112494b5-c340-489e-9048-54e69d69e7ef&KRTB&22918-112494b5-c340-489e-9048-54e69d69e7ef&KRTB&23031-112494b5-c340-489e-9048-54e69d69e7ef; KRTBCOOKIE_336=5844-8422580588876264401; KRTBCOOKIE_153=1923--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z&KRTB&19420--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z&KRTB&22979--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z; KRTBCOOKIE_80=16514-CAESEAcoZyptOfyQkhjiVqsDgsQ&KRTB&22987-CAESEAcoZyptOfyQkhjiVqsDgsQ&KRTB&23025-CAESEAcoZyptOfyQkhjiVqsDgsQ; KRTBCOOKIE_57=22776-4563328050804415368; KRTBCOOKIE_188=3189-d0bfccfd-c804-47ca-90bd-96f5077f286a-6055e9a0-4348; PugT=1616243104; KRTBCOOKIE_218=22978-YFXpoQAAAGa3dzoG&KRTB&23194-YFXpoQAAAGa3dzoG&KRTB&23209-YFXpoQAAAGa3dzoG&KRTB&23244-YFXpoQAAAGa3dzoG; KRTBCOOKIE_1074=22956-e_4a6d1d10-a56c-417f-98f9-3cf6d4ac09f6; SPugT=1616243105; pi=158127:4; chkChromeAb67Sec=2; DPSync3=1616284800%3A174%7C1617408000%3A201_227_226_221_219_197; SyncRTB3=1621382400%3A69%7C1617494400%3A35%7C1617408000%3A78_8_56_13_165_5_3_57_88_222_71_176_104_99_166_230_21_189_204_161_220_7_55_81_22_54%7C1616803200%3A2_223_15_67%7C1618790400%3A203%7C1617062400%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 20 Mar 2021 12:25:05 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_594=17105-RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003&KRTB&17107-RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 12:25:05 GMT; path=/ PugT=1616243105; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 19-Apr-2021 12:25:05 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 12:25:05 GMT; path=/
X-lat: amspug015:0:383
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: Tengine
Date: Sat, 20 Mar 2021 12:25:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003%22%7D; path=/; expires=Sun, 20 Mar 2022 12:25:07 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003
ETag: RXe3d13aa3be144ad2a744ce948b5de67e003

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame FFF7
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:45C8B223DA0D42C48890B83550266340

1 B
463 B

31ms
30ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:45C8B223DA0D42C48890B83550266340
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=41159341&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=D7067CB1-018B-410F-AE64-6F5674474CC7; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941711274078828692; KRTBCOOKIE_107=1471-uid:T19kHHyp1LnAFa5; KRTBCOOKIE_27=16735-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&16736-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&23019-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&23114-uid:36076055-e99f-4e00-8fa4-6929312e7278; KRTBCOOKIE_22=14911-7767812612999482272; KRTBCOOKIE_409=22966-yW63AOVWEDjpj6SbpiHBWgLp&KRTB&23212-yW63AOVWEDjpj6SbpiHBWgLp; KRTBCOOKIE_391=22924-7700559954002210718&KRTB&23263-7700559954002210718; KRTBCOOKIE_377=6810-112494b5-c340-489e-9048-54e69d69e7ef&KRTB&22918-112494b5-c340-489e-9048-54e69d69e7ef&KRTB&23031-112494b5-c340-489e-9048-54e69d69e7ef; KRTBCOOKIE_336=5844-8422580588876264401; KRTBCOOKIE_153=1923--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z&KRTB&19420--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z&KRTB&22979--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z; KRTBCOOKIE_80=16514-CAESEAcoZyptOfyQkhjiVqsDgsQ&KRTB&22987-CAESEAcoZyptOfyQkhjiVqsDgsQ&KRTB&23025-CAESEAcoZyptOfyQkhjiVqsDgsQ; KRTBCOOKIE_57=22776-4563328050804415368; KRTBCOOKIE_188=3189-d0bfccfd-c804-47ca-90bd-96f5077f286a-6055e9a0-4348; PugT=1616243104; KRTBCOOKIE_218=22978-YFXpoQAAAGa3dzoG&KRTB&23194-YFXpoQAAAGa3dzoG&KRTB&23209-YFXpoQAAAGa3dzoG&KRTB&23244-YFXpoQAAAGa3dzoG; KRTBCOOKIE_1074=22956-e_4a6d1d10-a56c-417f-98f9-3cf6d4ac09f6; SPugT=1616243105; pi=158127:4; chkChromeAb67Sec=2; DPSync3=1616284800%3A174%7C1617408000%3A201_227_226_221_219_197; SyncRTB3=1621382400%3A69%7C1617494400%3A35%7C1617408000%3A78_8_56_13_165_5_3_57_88_222_71_176_104_99_166_230_21_189_204_161_220_7_55_81_22_54%7C1616803200%3A2_223_15_67%7C1618790400%3A203%7C1617062400%3A63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 20 Mar 2021 12:25:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 18-Jun-2021 12:25:05 GMT; path=/
X-lat: amspug012:0:340
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: nginx
date: Sat, 20 Mar 2021 12:25:07 GMT
content-type: text/html
content-length: 154
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:45C8B223DA0D42C48890B83550266340
expires: Fri, 19 Mar 2021 12:25:07 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK usersync Show response
match.bnmla.com/ Frame 9857 0
114 B 362ms
118ms Document
text/plain 38.27.122.158
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=41159341&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.158 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: match.bnmla.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 20 Mar 2021 12:25:07 GMT
Content-Length: 0
Connection: keep-alive

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BD6F
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=D7067CB1-018B-410F-AE64-6F5674474CC7
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=112494b5-c340-489e-9048-54e69d69e7ef&icm
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=fb44d718381d0b152587cde6d3a4d2c
https://spl.zeotap.com/?zdid=1332&zcluid=6e48010d7690195d
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ae634b38-1f01-47c5-56f6-83aa9c350d5d&reqId=e9cc43a7-f01f-4fd0-49f2-a5adac3a0ccd&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEHVhVEYZ6Kli0jMabepbfK4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ae634b38-1f01-47c5-56f6-83aa9c350d5d&reqId=e9cc43a7-f01f-4fd0-49f2-a5a...

95 B
203 B

24ms
23ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEHVhVEYZ6Kli0jMabepbfK4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ae634b38-1f01-47c5-56f6-83aa9c350d5d&reqId=e9cc43a7-f01f-4fd0-49f2-a5adac3a0ccd&zcluid=6e48010d7690195d&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 12:25:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 632eebdeced74e97-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08f131bf4000004e9701397000000001

Redirect headers

pragma: no-cache
date: Sat, 20 Mar 2021 12:25:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEHVhVEYZ6Kli0jMabepbfK4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ae634b38-1f01-47c5-56f6-83aa9c350d5d&reqId=e9cc43a7-f01f-4fd0-49f2-a5adac3a0ccd&zcluid=6e48010d7690195d&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame BD6F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=36076055-e99f-4e00-8fa4-6929312e7278

0
587 B

31ms
31ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=36076055-e99f-4e00-8fa4-6929312e7278
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Sat, 20 Mar 2021 12:25:05 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Sat, 20 Mar 2021 12:25:52 GMT
Server: MT3 3611 f10363c master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=36076055-e99f-4e00-8fa4-6929312e7278
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 20 Mar 2021 12:25:51 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame BD6F
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e805a05-8977-11eb-9088-ed40862cf966&gdpr=0&gdpr_consent=

1 B
793 B

31ms
31ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e805a05-8977-11eb-9088-ed40862cf966&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:06 GMT
X-lat: amspug012:0:902
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e805a05-8977-11eb-9088-ed40862cf966&gdpr=0&gdpr_consent=
Date: Sat, 20 Mar 2021 12:25:07 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 4e805a06-8977-11eb-9088-ed40862cf966

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame BD6F 0
418 B 35ms
34ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158127&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:07 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 119ms
118ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=1616243101587342995785_N4IgLgDghiBcDaiCMAaADAXSykBLAbnABw4DOYUYArqXPACwBMKSAnBjgF4yyogQBzOCEI4ApgDtCsfiBwCAFsKQA2VY3oBmJGiQBWIgHZNTVqz2GieueFoykpomkP0VjPQZv47IFQDo0P00iRhsoABs4TRwAMwBjOABaPjEwXDhVdS0dPnIhWDQyAGtlNTds3QB9RgcnRiJ6c01rcVwIZSs-fX8kQz0u5xsxKh4+KnSC8XxIhFAJKABbMWEAI1wAE3WxACdKjZt1yh5QNc2dvfW4CSpw8Jx8XAvSrO00NFZDBxcTFRAAXz+KDmi2WMlOW12+xwhwocBOGwhT1g11u90e+3sZQ0rzQmhcnwM9EM-0BwKWqwR5yhIBhxxA4Kpl2RNzuInRTJAmXKOIaFh09TQJKBIHm5LBlMhl2hRzh9IlSJRrIeSM5WIquMaJgMKnoJI4IFI4XIz25OQMgpw4RiGTRKq52J0GtYWqIOpscRoYBVRAAwgBVPQAIQAIioAKIAdRsAgSvDVr1YamiIAAjqC+DEJmg-kA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 12:25:09 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3610 37 KB
14 KB 34ms
32ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=D7067CB1-018B-410F-AE64-6F5674474CC7; PUBMDCID=3; KRTBCOOKIE_1101=23040-6941711274078828692; KRTBCOOKIE_107=1471-uid:T19kHHyp1LnAFa5; KRTBCOOKIE_27=16735-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&16736-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&23019-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&23114-uid:36076055-e99f-4e00-8fa4-6929312e7278; KRTBCOOKIE_22=14911-7767812612999482272; KRTBCOOKIE_409=22966-yW63AOVWEDjpj6SbpiHBWgLp&KRTB&23212-yW63AOVWEDjpj6SbpiHBWgLp; KRTBCOOKIE_391=22924-7700559954002210718&KRTB&23263-7700559954002210718; KRTBCOOKIE_377=6810-112494b5-c340-489e-9048-54e69d69e7ef&KRTB&22918-112494b5-c340-489e-9048-54e69d69e7ef&KRTB&23031-112494b5-c340-489e-9048-54e69d69e7ef; KRTBCOOKIE_336=5844-8422580588876264401; KRTBCOOKIE_153=1923--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z&KRTB&19420--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z&KRTB&22979--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z; KRTBCOOKIE_80=16514-CAESEAcoZyptOfyQkhjiVqsDgsQ&KRTB&22987-CAESEAcoZyptOfyQkhjiVqsDgsQ&KRTB&23025-CAESEAcoZyptOfyQkhjiVqsDgsQ; KRTBCOOKIE_57=22776-4563328050804415368; KRTBCOOKIE_188=3189-d0bfccfd-c804-47ca-90bd-96f5077f286a-6055e9a0-4348; KRTBCOOKIE_218=22978-YFXpoQAAAGa3dzoG&KRTB&23194-YFXpoQAAAGa3dzoG&KRTB&23209-YFXpoQAAAGa3dzoG&KRTB&23244-YFXpoQAAAGa3dzoG; KRTBCOOKIE_1074=22956-e_4a6d1d10-a56c-417f-98f9-3cf6d4ac09f6; chkChromeAb67Sec=2; DPSync3=1616284800%3A174%7C1617408000%3A201_227_226_221_219_197; SyncRTB3=1621382400%3A69%7C1617494400%3A35%7C1617408000%3A78_8_56_13_165_5_3_57_88_222_71_176_104_99_166_230_21_189_204_161_220_7_55_81_22_54%7C1616803200%3A2_223_15_67%7C1618790400%3A203%7C1617062400%3A63; KRTBCOOKIE_594=17105-RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003&KRTB&17107-RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003; KRTBCOOKIE_279=22890-4e805a05-8977-11eb-9088-ed40862cf966&KRTB&23011-4e805a05-8977-11eb-9088-ed40862cf966; PugT=1616243106; KRTBCOOKIE_466=16530-4e0e5e0f-67f3-4594-894f-d247f6e5cdf0; SPugT=1616243107; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=140163
Expires: Mon, 22 Mar 2021 03:21:13 GMT
Date: Sat, 20 Mar 2021 12:25:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3610 47 B
524 B 39ms
38ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=21077250&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 12:25:08 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 47
Content-Type: text/html; charset=UTF-8

POST
H2 200 ptmdP
dt.clnmde.com/ 7 B
328 B 118ms
118ms Other
text/html 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU5BD6EW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 20 Mar 2021 12:25:11 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7

GET
H2 200 ptmd
dt.clnmde.com/ 70 B
330 B 118ms
117ms Image
image/gif 52.201.98.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=1616243101587342995785_N4IgLgDghiBcDaiBMAaADAXSykBLAbnEmjgM5hRgCupc8ALKgIwCcGOAXjLEzhAOZwQhHAFMAdoVggIIHPwAWQpgDZVSegGYmaJgFYAHAHZNjFiz1GDeueFrSmZg2iP0VSPYdv57IFQDo0f00DJFsoABs4TRwAMwBjOABaXhBRMFw4VXUtHVTyQVgSEFIAa2U1d1zdAH0kR2ckA3oLTRsxXFkHa399AKYjPV6XW1EqblSqTKKxfCiEUHEoAFtRIQAjXAATLdEAJxrt2y3KblBNnf3DrbhxKgiInHxca4qc7TQ0FiNHV1MVEAAX0BKEWKzW0guuwORxwJwocHO22hr1gdweTxeRwclQ0HzQmlcP0M9CMQJBYNWG2RV1hIHhZxAUNpNzR90ewixrJA2Sq+Oalh0TTQ5NBICWVMhNJhNzhp0RTOlqPRHOeqJ5uOqBJapkMKno5PYJQi5DefLyhhFOAisSymPVvLxOm1LF1Bn1tniNDA6oMAGEAKp6ABCABEVABRADqtn4iR4mu09TUqBAAEcIalYtM0ICgA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.98.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://securityaffairs.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Mar 2021 12:25:21 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400italic%2C700italic%2C400%2C700&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Ccyrillic%2Clatin-ext%2Cvietnamese&ver=90d17f278c33fd3fb9b35ecab5d843f1

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic&ver=90d17f278c33fd3fb9b35ecab5d843f1

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=90d17f278c33fd3fb9b35ecab5d843f1

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic&subset=latin%2Ccyrillic-ext%2Cgreek-ext%2Ccyrillic&ver=90d17f278c33fd3fb9b35ecab5d843f1

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAK0z8CGfIEn_CLbl5BVtjJjNinfPHUJbeLFkuBJ6P0KdmJl9bkPXgSZmg9qjz-EwIPV-cgcrZYQLE186KktkPHyqdbC57H3vmaoHBlLMpiAPi&sai=AMfl-YSsM8QupMwfJAccZPv5eMyugrf--rsd9IsnoHWamTJpA8b74WIqHBkerf70TAYixDBVVtYDMOO96d3NHzgMOhzccohsla0jJz4&sig=Cg0ArKJSzPvJaijMc-1iEAE&cid=CAASF-RohSUuOKJicBZ-iZU-D7sUYxsNweaX&id=osdim&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210317&bin=7&avms=ns&bs=0,0&mc=0&if=1&app=0&itpl=22&adk=1390855164&rs=2&la=0&cr=0&osd=1&vs=2&r=u&uup=0

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adform.net/	1970-01-19 18:23:47	Name: uid Value: 7700559954002210718
.adform.net/	1970-01-19 17:42:01	Name: C Value: 1
.tapad.com/	1970-01-19 18:23:47	Name: TapAd_TS Value: 1616243105647
.tribalfusion.com/	1970-01-19 19:06:59	Name: ANON_ID Value: aTnseFNj6WkCyhURALhDvMpqMvZaYWZdZagyrCRZbvYsUGWNv110DhSGuGpYAgLmRyKIve1oPO4qKQYLvaC0UPpL
.doubleclick.net/	1970-01-19 16:57:26	Name: DSID Value: NO_DATA
.openx.net/	1970-01-19 17:18:59	Name: pd Value: v2\|1616243103\|gekin0vNiygu
.adnxs.com/	1970-01-19 19:06:59	Name: uuid2 Value: 4563328050804415368
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_279 Value: 22890-4e805a05-8977-11eb-9088-ed40862cf966&KRTB&23011-4e805a05-8977-11eb-9088-ed40862cf966
.pubmatic.com/	1970-01-19 19:06:59	Name: KRTBCOOKIE_466 Value: 16530-4e0e5e0f-67f3-4594-894f-d247f6e5cdf0
.pubmatic.com/	1970-01-19 19:06:59	Name: KRTBCOOKIE_594 Value: 17105-RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003&KRTB&17107-RX-e3d13aa3-be14-4ad2-a744-ce948b5de67e-003
.pubmatic.com/	1970-01-19 19:06:59	Name: SyncRTB3 Value: 1621382400%3A69%7C1617494400%3A35%7C1617408000%3A78_8_56_13_165_5_3_57_88_222_71_176_104_99_166_230_21_189_204_161_220_7_55_81_22_54%7C1616803200%3A2_223_15_67%7C1618790400%3A203%7C1617062400%3A63
.doubleclick.net/	1970-01-20 02:18:59	Name: IDE Value: AHWqTUnQsxVftO0Gd3jj6xwTF1DEvJmMJsstNopclkM75lg0hNLqrEVUm7S0fHd3M3E
.pubmatic.com/	1970-01-19 19:06:59	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-19 17:40:35	Name: SPugT Value: 1616243105
.securityaffairs.co/	1970-01-19 16:57:24	Name: bfp_sn_pl Value: 1616243101\|1_214802849535
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_218 Value: 22978-YFXpoQAAAGa3dzoG&KRTB&23194-YFXpoQAAAGa3dzoG&KRTB&23209-YFXpoQAAAGa3dzoG&KRTB&23244-YFXpoQAAAGa3dzoG
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_80 Value: 16514-CAESEAcoZyptOfyQkhjiVqsDgsQ&KRTB&22987-CAESEAcoZyptOfyQkhjiVqsDgsQ&KRTB&23025-CAESEAcoZyptOfyQkhjiVqsDgsQ
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_153 Value: 1923--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z&KRTB&19420--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z&KRTB&22979--38IV6h2XFLgf1kArnkQVvorDAHgfFgB-y529F4z
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_107 Value: 1471-uid:T19kHHyp1LnAFa5
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_1074 Value: 22956-e_4a6d1d10-a56c-417f-98f9-3cf6d4ac09f6
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_391 Value: 22924-7700559954002210718&KRTB&23263-7700559954002210718
.pubmatic.com/	1970-01-19 16:58:49	Name: pi Value: 158127:4
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_22 Value: 14911-7767812612999482272
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_27 Value: 16735-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&16736-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&23019-uid:36076055-e99f-4e00-8fa4-6929312e7278&KRTB&23114-uid:36076055-e99f-4e00-8fa4-6929312e7278
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_409 Value: 22966-yW63AOVWEDjpj6SbpiHBWgLp&KRTB&23212-yW63AOVWEDjpj6SbpiHBWgLp
.securityaffairs.co/	1970-01-19 21:16:35	Name: _pubcid Value: ed08ce2a-c4bd-4d9d-b15d-520e87434f80
.securityaffairs.co/	1970-01-23 06:41:45	Name: bfp_sn_rt_8b2087b102c9e3e5ffed1c1478ed8b78 Value: 1616243101589
.pubmatic.com/	1970-01-19 19:06:59	Name: PUBMDCID Value: 3
.openx.net/	1970-01-20 01:42:59	Name: i Value: ed08ce2a-c4bd-4d9d-b15d-520e87434f80\|1616243101
securityaffairs.co/	1970-01-19 16:57:26	Name: _lr_retry_request Value: true
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_336 Value: 5844-8422580588876264401
.pubmatic.com/	1970-01-19 19:06:59	Name: KADUSERCOOKIE Value: D7067CB1-018B-410F-AE64-6F5674474CC7
.securityaffairs.co/	1970-01-20 02:18:59	Name: __gads Value: ID=24e9f4d1cfa01591-229bfed1d6ba00bb:T=1616243103:RT=1616243103:S=ALNI_Mak_Ny3_TtWdNCiCcpjB5KzHpIDcg
.pubmatic.com/	1970-01-19 19:06:59	Name: KTPCACOOKIE Value: YES
.pxlclnmdecom-a.akamaihd.net/	1970-01-19 16:57:24	Name: bfp_sn_td_2a17fb019fa8803fcc76a437c68e2235 Value: 1616243101_214802849535_2a17fb019fa8803fcc76a437c68e2235
.pxlclnmdecom-a.akamaihd.net/	1970-01-19 16:57:24	Name: bfp_sn_t_8b2087b102c9e3e5ffed1c1478ed8b78 Value: 1616243101_214802849535_8b2087b102c9e3e5ffed1c1478ed8b78
.pxlclnmdecom-a.akamaihd.net/	1970-01-19 16:57:24	Name: bfp_sn Value: 1616243101_214802849535
.pxlclnmdecom-a.akamaihd.net/	1970-01-23 06:41:45	Name: bafp_t Value: 4b1c9510-8977-11eb-b600-7bcecafd1455
.securityaffairs.co/	1970-01-23 06:41:45	Name: bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78 Value: Direct
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_188 Value: 3189-d0bfccfd-c804-47ca-90bd-96f5077f286a-6055e9a0-4348
securityaffairs.co/	1970-01-20 02:19:06	Name: cto_bundle Value: 1bABr18lMkJiaVdPV3ZaZG5IUW5iZ0o4c3BJMkJoVXFUeFFjQ0lYalJzZUY1eE54S2FxaTlTSVhWOVYzODBJUjdjZVdOTGNFUUN0SXdnTXZVZUFWRiUyRjJIWEtjQXVUNldsNGtiWk40anFYSk1lelpFcTRrbVoxbFRBNExBWEFTR2lIV1o1V2o
securityaffairs.co/	1970-01-19 18:23:47	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22112494b5-c340-489e-9048-54e69d69e7ef%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-03-20T12%3A25%3A01%22%7D
.taboola.com/	1970-01-20 01:42:59	Name: t_gid Value: bd3c16b6-38a6-4332-a7a7-1ce50ef06ff9-tuct74f6f20
.securityaffairs.co/	1970-01-19 16:58:49	Name: _gid Value: GA1.2.2014133072.1616243101
.pubmatic.com/	1970-01-19 19:06:59	Name: DPSync3 Value: 1616284800%3A174%7C1617408000%3A201_227_226_221_219_197
.securityaffairs.co/	1970-01-23 06:41:45	Name: bafp Value: 4b1d5860-8977-11eb-9f3b-7df259aa64c5
.tapad.com/	1970-01-19 18:23:47	Name: TapAd_DID Value: 4d551ff1-8977-11eb-a494-b6f1718f2367
securityaffairs.co/	1970-01-19 17:40:35	Name: _lr_env_src_ats Value: false
.securityaffairs.co/	1970-01-19 16:57:23	Name: _gat Value: 1
securityaffairs.co/	1970-01-19 17:40:35	Name: _pbjs_userid_consent_data Value: 3524755945110770
securityaffairs.co/	1970-01-20 01:42:59	Name: cookielawinfo-checkbox-non-necessary Value: yes
.pubmatic.com/	1970-01-19 17:40:35	Name: PugT Value: 1616243106
.securityaffairs.co/	1970-01-19 16:57:23	Name: _gat_gtag_UA_59069958_1 Value: 1
securityaffairs.co/	1970-01-20 01:42:59	Name: cookielawinfo-checkbox-necessary Value: yes
securityaffairs.co/	1970-01-19 16:57:24	Name: session_depth Value: securityaffairs.co%3D1%7C816788371%3D2%7C184323154%3D1%7C647633027%3D1
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_377 Value: 6810-112494b5-c340-489e-9048-54e69d69e7ef&KRTB&22918-112494b5-c340-489e-9048-54e69d69e7ef&KRTB&23031-112494b5-c340-489e-9048-54e69d69e7ef
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_1101 Value: 23040-6941711274078828692
securityaffairs.co/	1970-01-20 02:19:06	Name: cto_bidid Value: WSGr7l9DVDZFaVNJdVpQWEVsYXVQcDZDTm40R3klMkZ2b1JVZ0ZyaGd4RVJGTFUybGVhZFdwSmF5NiUyQjRyYTRTQm1CJTJGYSUyRkxtdDhDcTl5Njd4THdKeTdLdkdxcXJ3JTNEJTNE
.ads.pubmatic.com/	1970-01-19 16:58:49	Name: KCCH Value: YES
.pubmatic.com/	1970-01-19 17:40:35	Name: KRTBCOOKIE_57 Value: 22776-4563328050804415368
.securityaffairs.co/	1970-01-20 10:28:35	Name: _ga Value: GA1.2.641753397.1616243101
securityaffairs.co/	1970-01-20 01:42:59	Name: _pubcid Value: ed08ce2a-c4bd-4d9d-b15d-520e87434f80

37 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 69) Message: JQMIGRATE: Migrate is installed with logging active, version 3.3.2
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.blur() event shorthand is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.focus() event shorthand is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.load() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.hover() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.isArray is deprecated; use Array.isArray
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.submit() event shorthand is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.unload() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.scroll() event shorthand is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.trim is deprecated; use String.prototype.trim
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: 'jQuery.easing.swing' should use only one argument
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://cdn.pixfuture.com/hb_v2.js(Line 62) Message: CMP IS NOT FOUND!!!
console-api	warning	URL: https://cdn.pixfuture.com/hb_v2.js(Line 62) Message: CMP IS NOT FOUND!!!
console-api	warning	URL: https://cdn.pixfuture.com/hb_v2.js(Line 62) Message: CMP IS NOT FOUND!!!
console-api	warning	URL: https://cdn.pixfuture.com/hb_v2.js(Line 62) Message: CMP IS NOT FOUND!!!
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.isFunction() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.isWindow() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.bind() is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.offset() requires a valid DOM element
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace
console-api	warning	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 100) Message: JQMIGRATE: jQuery.fn.change() event shorthand is deprecated
console-api	log	URL: https://securityaffairs.co/wordpress/wp-includes/js/jquery/jquery-migrate.js?ver=3.3.2(Line 102) Message: console.trace

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
abs-0.twimg.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
adservetx.media.net
adservice.google.com
adservice.google.de
apex.go.sonobi.com
api.rlcdn.com
aud.pubmatic.com
bh.contextweb.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
c1.adform.net
c2shb.ssp.yahoo.com
cdn.pixfuture.com
cdn.syndication.twimg.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dt.clnmde.com
dt6.clnmde.com
eu-u.openx.net
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
google-analytics.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
l.sharethis.com
lg3.media.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.prod.bidr.io
match.taboola.com
maxcdn.bootstrapcdn.com
mug.criteo.com
mwzeom.zeotap.com
navvy.media.net
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pixel.wp.com
pixfuture2-d.openx.net
platform-api.sharethis.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.gumgum.com
s.tribalfusion.com
s.w.org
secure.adnxs.com
secure.gravatar.com
securityaffairs.co
served-by.pixfuture.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.targeting.unrulymedia.com
syndication.twitter.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
ws.sharethis.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
104.244.42.72
104.244.43.131
142.250.186.162
142.250.74.194
146.59.148.16
151.101.114.49
151.101.13.44
159.253.128.188
159.65.197.210
173.231.181.122
178.162.133.149
178.162.133.150
178.250.0.157
178.250.0.163
18.156.0.31
18.156.195.47
18.157.138.23
184.30.20.198
185.29.135.227
185.33.220.145
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.249
185.64.190.78
185.86.139.114
188.165.4.142
192.0.76.3
192.0.77.2
192.0.77.48
192.229.233.50
193.0.160.128
198.148.27.139
2.16.186.66
2001:678:cb4:bbbb::11
2001:8d8:100f:f000::289
208.100.17.171
213.155.156.167
213.19.147.151
23.210.250.97
23.218.208.187
23.32.238.131
23.62.140.165
2600:1f18:42df:3a00:13f0:d148:35f2:a1d9
2600:9000:211e:c000:3:c04e:c780:93a1
2600:9000:2182:6e00:c:a9b7:ddc0:93a1
2600:9000:2182:7200:1c:8a07:5e80:93a1
2600:9000:2182:8400:c:abe:f440:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1857
2606:4700:20::ac43:4671
2606:4700:3039::6815:c01e
2606:4700::6812:acf
2606:4700::6812:c05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a02:2638:1::13
2a02:fa8:8806:12::1370
2a03:2880:f00a:e:face:b00c:0:3
2a04:fa87:fffe::c000:4902
34.120.133.55
34.200.78.134
34.246.149.44
34.253.109.165
34.98.107.212
34.98.64.218
35.158.172.137
35.201.96.126
35.212.210.170
35.227.248.159
37.157.2.234
38.27.122.158
47.252.78.131
52.201.98.35
52.202.125.251
52.29.155.194
54.194.13.58
63.32.138.105
66.155.71.150
68.183.31.14
77.243.60.138
85.114.159.93
00d534b6d1d7adf2faa7861ce9557403c3c08304e2791fd4301029b0e142c286
00f28fdb987ce0f9edc935ffe381123a2e1f79fcc0f55759a7bb4a83b4a88584
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
08f2866249551fe28c73ac1814600b55a251a91d3dc457de2ec5d30a9d960bdd
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdd4b9afc5c83f1493a6198ae75901938b26c321c19bfb5d4d8bc88594951e0
0bf3f6e79af33723b0c1a822f59a484a35583303ab76fa9227b694b1e719364f
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c27a9c1aee9eacb73655f930a6bbf9ec721006695e5c38405296081cdbcb878
0c4aba60bfafdf8ac977f9f5fbcef0460b5d529dd2ec33ff66c45b80e9231aa4
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0cdc6e956294d2e2352f1c0a62b2ba989108b6e04338e0d24a14b452335697a6
0e53466218d7ff174e0a083ecce89b1c090c67ccbe55775eddca03e930ff9e35
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
13b61826fde5b78966364a0bfe1f2309da1f0ccd75923528a5014978b7276742
169a73d528484d2ad9cb216950e9cb1a61863aef125ebba50edd98ab95eddc88
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1832a6ee34745b08b1fcae42c24468086358b43071d7679a738951aa7dc243ea
185c9e2bc69d60f16dd75642555ec30aca7ed11607d624abff383b8c3ccbdbb1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18d61b5ee68a57bd7a4733f776f9f8aa5c353e7f35a420881523b6edbf7c6b19
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
19c88c7b7a418e432cce3b5a3a921e34441e6debf665a1a1b0117872ddfbf735
1aaab3c3d6f974416ae34893cebe3a544aea17931439b2449ec392061d11ec82
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d2965888a45dd38717d08a67747691ac45e42e3117df05bf5cb953613fc7b91
1feca2279a6e78133bf577b99e4f3e82896622c255d29017cec5f5cfa93e4d16
2199990352edbb7ec586e01d26e2f6a7010a2fce1517711019b614dcec353ba3
2333802e4a0c86b4cc4c71b376fc0aedc3b03039bfc777d96105f82231215732
2746aab75381b8fb2ea34f3384ea14c70ca992b5462e6bf21c518d26a2d273c1
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2cf71ac2cab9eab07cd7e1aa81ee2a673fc043d0f4b9e69d5cd7e8ce812330c2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e17cb80f62865b1c23d9e1fd24b008de3977aa47cab246300caffeece2be1ee
2e3fd7db50785b0a534eb5ce59ee7352914fb185636655864de6741d61296299
2ff9065ca87844f4ea41c061dc59e479ef70ba7a59518bc7e69b1743dfec6419
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3690ae72198d9aea5d559897492229c6bd875a0dc69039d7b942a4e2e9728273
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3c5feff96c2489d2f544705b1a07cceb9e9f66cebb1c2f79ac9c8873997b80dd
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db7f59baa4b60eef8247c10fa35b17bef862c8bd17cc2173d9f6bbaa63904e4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40bc46248d8f8d5fbea7678bd0c0031327e206daaf99f3bf6723b9a70f665f7f
43221c6a8e6f26d42661a8b1434c0c9358a3acede2c2ab1a0a566cf20846126e
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
47a85e05b7d0d202666d8d51507c51caa6ca26be0058135f190e5fb86bce323f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a4c4669e79e1284ea4229ef37a04423aa13df76c659fb865741720c4fb2dc99
4beb87b9f88cc7ab1cbe1b0bf70521de9c4d95b783fab2c8d604269b8c32826b
4c6b4ef22f4c5dd8fd6e17ab6706d8c55d236824c20b3d8dcd310f7de744def6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f4d8338a308921d0148b2a613a9272058f49f1486b2cbbea9aa88a10fffb05d
508a8b73dfefe6e9998cca8a66aef5f7b9b5a8b24b35ae0e6e8a02f37d4a2c93
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5478a58e273007bb37b0f168fdbaf319580f1bd42af6219320ef76e82e5b7808
5525d57ced576560de8777ea78e4bc0c9d55396c0b668a7563b354de9c165aee
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5cbf31f01d7d1ce4853bcd6cc64dbfd103d412ec14d8bcc4ebca3b35dc3f3b74
5cd2c136f7e961bf9af4b1efc5a3b341deef61d1aa0720f9c513a9b64297da07
5d6ca46fc2d50ebc40db4f46f6170d8df8597c5311af0d552a660934114b7c37
5d823e7656fb7105e384386176b6584ebcee34e5648062b0dd09389665963791
6251b4b4525b9007511a48a6cda9a168f07ff77ccc4dd75759486af624a13301
62b338caf89fbe98a2df5026edefa2ed6c1bb4a46bb26f7cbcf2a3d95a51dc75
6348cbfbc920dc36067a7f95cb93a53e2f29c6773331cc99a16ea48b867e230f
650868ebc4c00b2ea4ea72747f655f8a0552ba53c9b5b55defd9457be75f1aa9
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
6b0116cc24564b4e68e1bf19bf7bbdcc8ec1102044c85a34816a35ea9dd00546
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70e26fb1e5920d7a58651c4fa2c9d25fb0299273285d39658d0a49f4d63c5fa9
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
735cd4086358617ea5baf19a8f17b3ec715ee8adaef37b7162b6b4b01de41b22
73cadf4725483d9a9290b8ea3ad87fe2afc746de5f70e89f088a3df9996bd8dd
73d8389f373600b3eee9b27dcbac02e135adbab8a01c04cfac1361e7dabd6100
74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf
7478123ab457a28ecf9df78f2832fbdbefc205eaef0930b4f6666903e756be46
759949fb0ffaa47eb3755d704adfee7be3ab4fd3d3fa2f37381ca6ea8b9506b1
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
76d35c700a1d819d2ab5bdeeaa17c7e4a2291f5ca1bdfafa6398e8bd49ad943a
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
77b31e9111db27fb6486db07425870a00a4276340181475db9a0d4d150163a1e
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
80e4d64d2f1f08a4235c43fc87734dc5053d56ff18d045803810f392a363aab7
8210c6027afdd0094fadf708860d0876230e675e3057e2640860555b2f106b9a
82f93cb2aebbbc501af87a0a6e7b47566c3faf39519bb1a1ed0d0a8c2b33077a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982
87cdbd22f3ec5377e8813d62e501e0d1c20774ab03221b44e5629fc3be11f466
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c8c2e3e0af8248c66e02fd3901558e969a7b0f35cf1fe0da4872e01f77e2ebd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d732b3483eb44546a848a82cc9d6a584c81860aae7255f7ac589dcb3f130535
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
940c4f37bac6c0c33f65b9f6a2e8d931a42da31d7badf5e242a72dfaaa91ef2b
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
98759cee8255031a5bbde0227864997630122d5574b3a740dcfc37a87f392757
997c4a90a63a21dabc5660f6ce037c209792f2dcbc5f02a381a8e301639f1cf4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a47abcc220084cd32dd51bd76f84ff7839e2dbf1a132fb970e8a1437f03726b
9bbb4c0f1637ff04d08c36f7848ed1e65f32744592e5da1ea191707091742e56
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a1f301821cf01ba8b2339975d41f8479279a917a6c494a71116b40d07a2d42a1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a82fb0df229ab511ba5e585874443b97a62bfbd76c369a6944ed9e0750ebf698
a8cbb8ef1834a1ee98823ea1a764283acd1bcc69e82c1c24b974048a361d6e84
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
a92f2247613f0b6a7d3d9c6f36b88cdc35661ec8559c4c51c9c5267aaac464bb
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af101f9a2469ae25c7805ff8897510945598106ba0d2d186844f59c9f9a59132
af7abdbcee9fe7d9eed8ff21d4a2ef12c31d2c374b77c8c67b1bf7c8b752f925
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b00d8dd97e940c4e27ce594c66423c6a66d369faa40feb36827e59c848770607
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b388023a5a93d4a587c81c1b2b69f46585a8d84a7f1b58f18ce3c91a64ba5f8d
b5e556ff4a0b0661c9c52bafc4c79617955d3fb13b240628551db2d4f0581a33
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80
b9494c6294517e0663f735befb1f40c0a729e5d08e2bdc42c88028c6332675e3
b97d80b9eedfeb29936f0d7f89afbdd425ef8d930d09fa1f98030ceb8b26cabd
ba716187f8cc8c54806f5b9de46d1d94bec574ddf31c82f68532cd181e242b7f
bec8e1bd6c6893b9da2fd753fafb83d31565f833aa86168f71f70eea6f085bd2
c01fc9c7aa4b03ea89120545b5079b4b6a938ad4dd08c5dbcbdd3118ef043d87
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c4479f482aa8ed0403e3f94b524b58350985ae55b8e9d055b71c9de47ce440ff
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8817bacfc84fd39e4daec4096011ed3d117c7fe8b3c55fdd22af47c299099bc
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cad57037bf81b6e4f6d2d8ea64ddc70998fbe20a53ce1520b54d9022210f1c38
cd5e4a61cc6b76679ce65b9eebad12fa99fff45bd519b8d243a78b5fb89a9ae0
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1e2c1dab170432cc819b4c52514b6d85101c617733920bea98b1cc36acafa9c
d265de22d357e5c330abc40b4174d03c476e2eccf0ec0b0a83cfc1f9113932c4
d332948bbf924b4ac96790446758649e02c90f08cf5f3714b5c20def224ef194
d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e
d5059f32fbb319603fd421035ba8ae20f2a80c2978279efb10cba65961bdcfe9
d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4
d99ea9db1da8549489666d36c9e3fb717842550eed1554e96860af8d30c3b008
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dbfbedeaa94fbff654f4edef88642359e75f767f7cf590cf073f5f4a1b8870bc
dc8b69af09fa8ede018d0b058e788a8a57f9260e662d36aee50f4c049a8d6543
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e1d439780cddc5ad08a7645b7b5b7508de75a8e38d01a8a84327194fb7eb6de9
e274423febb58596ae6d3754a54fb2c0dfb061c45001c7b8173186196bf45c33
e2dc35b0dbaa16b45d96eb3691927df48e091f4983ed2cc079568b789f9559da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bde64bf35f53b194812011afbed356ba646651528c0fcb8db1c1d9673cd202
e4c4c28d6e6e7e34bafea314177ae513eed531e3f297093d858a471bf1b3bf33
e4fb7fa98784ded47779ca5133650c15d5bc98eba619ea14c565e646d2e5f8ad
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e89bbc7723c5114f9cf138c6019bbca4e4f5e13f6b9febaa38c92c4c3584a964
e8caad51a19c5667e4fc7ae6a3b9bf8a23559bb64b09b0c6e90cad6d24083ea6
e98cd00e7be004c4360ad0c38471911312d74a117babcc29f239935afc80c8cb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0af59e2ad792e9949cbd4988bb622f7e72d606cd536585fad95e51cce2ed871
f0c6d2d27de284102b03e30cd74be808801ec53ca49f30b4d15620ee84ea39f5
f23c005bfd2a0e63888b59024e3f24d81c796d3229325cc266746486d8633b15
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3f9851aacd203c1569a3e2094d6da83d0dbb6d2e8fb3b8e522358daaeae5b4b
f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e
f5e16264db1edc4a05d3d615e24b9cded18c3bec066423c7abf78fbf46ed26a5
f6728b678a966b43da0db83cb0c0c4dbdf4e24d2bd10a3356bb64466779f936d
f8284365ba340253ee9c71cfb5efcc37f10a23e8b8b5dd134ec7bbab05073845
fa48ae9c830471703372294323a557521101066ad57508508b135f632e5e48d0

securityaffairs.co Open in urlscan Pro 2001:8d8:100f:f000::289 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

349 Requests

97 %HTTPS

36 %IPv6

68 Domains

109 Subdomains

76 IPs

8 Countries

11292 kBTransfer

15989 kBSize

62 Cookies

17 Outgoing links

Redirected requests

349 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

securityaffairs.co Open in urlscan Pro
2001:8d8:100f:f000::289 Public Scan

Screenshot
Live screenshot

Full Image

349
Requests

97 %
HTTPS

36 %
IPv6

68
Domains

109
Subdomains

76
IPs

8
Countries

11292 kB
Transfer

15989 kB
Size

62
Cookies

349 HTTP transactions
12 data transactions