urlscan.io logo urlscan.io
SecurityTrails logo

securityaffairs.com Open in urlscan Pro
2606:4700:3031::6815:90b  Public Scan

Go To Rescan Add Verdict Report
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Submission: On December 01 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 9 countries across 54 domains to perform 203 HTTP transactions. The main IP is 2606:4700:3031::6815:90b, located in United States and belongs to CLOUDFLARENET, US. The main domain is securityaffairs.com. The Cisco Umbrella rank of the primary domain is 674240.
TLS certificate: Issued by GTS CA 1P5 on October 18th 2023. Valid for: 3 months.
This is the only time securityaffairs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
49 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.239.94.121 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
2 192.0.77.2 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:25e... 16509 (AMAZON-02)
1 3.69.206.167 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2600:9000:20a... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 18.239.83.131 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.238.243.129 16509 (AMAZON-02)
5 18.239.81.30 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
14 2606:4700:303... 13335 (CLOUDFLAR...)
1 3.127.99.172 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 145.40.97.67 54825 (PACKET)
2 6 185.184.8.90 204995 (RTB-HOUSE...)
4 51.89.9.253 16276 (OVH)
4 2a02:2638:3::7 44788 (ASN-CRITE...)
10 2606:4700:10:... 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 185.86.138.16 201081 (SMARTADSE...)
1 69.166.1.32 27630 (AS-XFERNET)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
2 2.19.244.232 16625 (AKAMAI-AS)
5 6 185.89.210.122 29990 (ASN-APPNEX)
5 69.166.1.34 27630 (AS-XFERNET)
1 1 54.172.57.125 14618 (AMAZON-AES)
3 5 18.158.157.189 16509 (AMAZON-02)
7 8 142.250.186.130 15169 (GOOGLE)
1 2 18.203.77.106 16509 (AMAZON-02)
2 67.220.226.233 16509 (AMAZON-02)
3 3.33.220.150 16509 (AMAZON-02)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 46.228.164.13 56396 (AMOBEE)
1 2 208.93.169.131 46244 (WEBMD-IDC...)
2 2 188.42.34.65 7979 (SERVERS-COM)
1 18.195.110.104 16509 (AMAZON-02)
1 1 3.227.140.6 14618 (AMAZON-AES)
1 162.19.138.120 16276 (OVH)
1 216.52.2.6 32475 (SINGLEHOP...)
1 2600:9000:219... 16509 (AMAZON-02)
2 6 104.18.36.155 13335 (CLOUDFLAR...)
1 1 46.228.174.117 56396 (AMOBEE)
3 7 76.223.111.18 16509 (AMAZON-02)
4 77.245.57.72 36057 (WEBAIR-IN...)
1 54.147.45.225 14618 (AMAZON-AES)
1 198.47.127.19 62713 (AS-PUBMATIC)
1 2620:1ec:21::14 ()
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 18.66.112.125 ()
1 178.250.1.9 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.48.186.244 ()
1 173.231.180.197 32475 (SINGLEHOP...)
203 64
49    2606:4700:3031::6815:90b (United States)

ASN13335 (CLOUDFLARENET, US)
securityaffairs.com
1    18.239.94.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-121.ams1.r.cloudfront.net
platform-api.sharethis.com
4    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2606:4700:10::ac43:15e3 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
assets.vlitag.com
2    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:25e8:a600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    3.69.206.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-206-167.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    2600:9000:20a0:a600:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.inmobi.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    18.239.83.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-131.ams58.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    18.238.243.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-129.ams58.r.cloudfront.net
config.aps.amazon-adsystem.com
5    18.239.81.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-81-30.ams58.r.cloudfront.net
aax.amazon-adsystem.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
14    2606:4700:3037::ac43:9e3b (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
1    3.127.99.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-99-172.eu-central-1.compute.amazonaws.com
api.cmp.inmobi.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
5    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
4    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
4    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
10    2606:4700:10::6816:2560 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg-apac.smartadserver.com
1    69.166.1.32 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2.19.244.232 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-232.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    54.172.57.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-57-125.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    18.158.157.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-157-189.eu-central-1.compute.amazonaws.com
x.bidswitch.net
8    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
2    18.203.77.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-77-106.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    67.220.226.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
2    188.42.34.65 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    18.195.110.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-110-104.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    3.227.140.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-140-6.compute-1.amazonaws.com
ssp.disqus.com
1    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    2600:9000:2190:8800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
6    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
7    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    54.147.45.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-45-225.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
1    2a05:d018:d29:3605:e656:41e3:3e80:bff1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    18.66.112.125 (None, )

ASN- ()
cm.smadex.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    52.48.186.244 (None, )

ASN- ()
match.prod.bidr.io
1    173.231.180.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
Apex Domain
Subdomains		 Transfer
49 securityaffairs.com
securityaffairs.com — Cisco Umbrella Rank: 674240
1 MB
14 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 35885
4 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
172 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
72 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
224 KB
10 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 19494
sync.quantumdex.io — Cisco Umbrella Rank: 4292
2 KB
7 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
4 KB
7 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 3926
api.cmp.inmobi.com — Cisco Umbrella Rank: 12882
211 KB
6 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
4 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
5 KB
6 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2225
sync.go.sonobi.com — Cisco Umbrella Rank: 951
4 KB
6 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7367
creativecdn.com — Cisco Umbrella Rank: 564
2 KB
6 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 40308
assets.vlitag.com — Cisco Umbrella Rank: 49048
358 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
1 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
dis.criteo.com — Cisco Umbrella Rank: 550
1 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
1009 B
4 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1750
536 B
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
12 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
831 B
4 wp.com
i0.wp.com — Cisco Umbrella Rank: 3858
stats.wp.com — Cisco Umbrella Rank: 2814
pixel.wp.com — Cisco Umbrella Rank: 2796
87 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
317 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
445 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
mp.4dex.io — Cisco Umbrella Rank: 2346
25 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
3 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4380
buttons-config.sharethis.com — Cisco Umbrella Rank: 4860
l.sharethis.com — Cisco Umbrella Rank: 4541
47 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1601
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 10220
1 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
127 KB
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
282 B
1 bidr.io
match.prod.bidr.io
433 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11359
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
507 B
1 smadex.com
cm.smadex.com
615 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
426 B
1 linkedin.com
px.ads.linkedin.com
650 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2453
368 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
194 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 674
242 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
277 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
921 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1557
285 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
35 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1349
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
736 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
31 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
2 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
408 B
1 gstatic.com
fonts.gstatic.com
48 KB
0 rezync.com Failed
live.rezync.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
203 54
Domain Requested by
49 securityaffairs.com securityaffairs.com
14 px.vliplatform.com
8 cm.g.doubleclick.net 7 redirects eb2.3lift.com
8 pagead2.googlesyndication.com securityaffairs.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
7 eb2.3lift.com 3 redirects sync.quantumdex.io
eb2.3lift.com
6 ib.adnxs.com 5 redirects eb2.3lift.com
6 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
6 cmp.inmobi.com services.vlitag.com
cmp.inmobi.com
5 x.bidswitch.net 3 redirects eb2.3lift.com
5 sync.go.sonobi.com
5 prebid.a-mo.net assets.vlitag.com
5 aax.amazon-adsystem.com c.amazon-adsystem.com
4 sync.adkernel.com sync.quantumdex.io
4 useast.quantumdex.io assets.vlitag.com
4 bidder.criteo.com assets.vlitag.com
4 onetag-sys.com assets.vlitag.com
sync.quantumdex.io
4 prebid-eu.creativecdn.com assets.vlitag.com
4 services.vlitag.com securityaffairs.com
services.vlitag.com
4 www.googletagmanager.com securityaffairs.com
www.googletagmanager.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
3 match.adsrvr.org eb2.3lift.com
ssum-sec.casalemedia.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 c.amazon-adsystem.com services.vlitag.com
c.amazon-adsystem.com
2 ads.betweendigital.com 2 redirects
2 bh.contextweb.com 1 redirects
2 creativecdn.com 2 redirects
2 aax-eu.amazon-adsystem.com
2 dpm.demdex.net 1 redirects
2 ads.pubmatic.com assets.vlitag.com
sync.quantumdex.io
2 prg-apac.smartadserver.com assets.vlitag.com
2 script.4dex.io assets.vlitag.com
script.4dex.io
2 securepubads.g.doubleclick.net services.vlitag.com
securepubads.g.doubleclick.net
2 assets.vlitag.com services.vlitag.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 i0.wp.com securityaffairs.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 cms.quantserve.com 1 redirects
1 dis.criteo.com eb2.3lift.com
1 cm.smadex.com 1 redirects
1 pr-bh.ybp.yahoo.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 image6.pubmatic.com ads.pubmatic.com
1 cs-server-s2s.yellowblue.io sync.quantumdex.io
1 sync.1rx.io 1 redirects
1 s.ad.smaato.net sync.quantumdex.io
1 ap.lijit.com sync.quantumdex.io
1 id5-sync.com sync.quantumdex.io
1 ssp.disqus.com 1 redirects
1 match.sharethrough.com sync.quantumdex.io
1 d.turn.com
1 p.rfihub.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 static.criteo.net assets.vlitag.com
1 apex.go.sonobi.com assets.vlitag.com
1 mp.4dex.io assets.vlitag.com
1 hbopenbid.pubmatic.com assets.vlitag.com
1 api.cmp.inmobi.com cmp.inmobi.com
1 cdn.jsdelivr.net assets.vlitag.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 www.google.com tpc.googlesyndication.com
1 imasdk.googleapis.com services.vlitag.com
1 region1.google-analytics.com www.googletagmanager.com
1 pixel.wp.com securityaffairs.com
1 www.google.de securityaffairs.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 fonts.googleapis.com securityaffairs.com
1 stats.wp.com securityaffairs.com
1 platform-api.sharethis.com securityaffairs.com
0 live.rezync.com Failed ssum-sec.casalemedia.com
0 cs.admanmedia.com Failed sync.quantumdex.io
203 78
Subject Issuer Validity Valid
securityaffairs.com
GTS CA 1P5		 2023-10-18 -
2024-01-16		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
vlitag.com
GTS CA 1P5		 2023-11-26 -
2024-02-24		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA		 2023-08-18 -
2024-08-17		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.turn.com
RapidSSL TLS RSA CA G1		 2023-03-22 -
2024-03-31		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M03		 2023-11-28 -
2024-12-26		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh

This page contains 19 frames:

Primary Page: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Frame ID: 6A0C9CDF761ED49F42AE862EE8F57443
Requests: 154 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 8FCE16443B3092DB1FB24CC738DA0F93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1701444055&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701444054873&bpp=3&bdt=1221&idt=374&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3113210913209&frm=20&pv=2&ga_vid=1450617827.1701444055&ga_sid=1701444055&ga_hid=1577500085&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809004%2C31078301%2C44807406%2C44806141%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1231308203232713&tmod=2114860877&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=388
Frame ID: 43361E624E9C822EEA2D8BFAE0CB25E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 12DD300EF4A210E9898F685163B1F81C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3081A1206263E1616149E386E8ACE33F
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1701444056467&us_privacy=1---
Frame ID: 5706689608EC9655E24F5CACF3850B60
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 353F0D8F9EB2ADCC309A163F6A826A68
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Frame ID: 1AF008CE2394A5897C40DA0C9C844085
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&us_privacy=1---
Frame ID: 626B3A9355E630A41DFE4394B818AB02
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 3FC2D30AE8B4A1D981C453851816954E
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: 1E681C0121078FBA8CAE86422B79A0CD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: EA3B7E330583CEEB11048C989575193F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Frame ID: CB62E83F68CE42D30FE50935785CD4C8
Requests: 11 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: BF347CFC4BB1903003D4417C8A1694D3
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: EAFDD71748A5580F80803C78EB8A2346
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 9DD69A56E526847DB468FBFA31490E21
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Frame ID: 95DCE8A62E59675C9AE47E03959E6844
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: AA16A3B7A2718CA12B0B4C1E487737F7
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 1105F0D053BD613EB8E108FDB878DC62
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

203
Requests

89 %
HTTPS

41 %
IPv6

54
Domains

78
Subdomains

64
IPs

9
Countries

3184 kB
Transfer

8068 kB
Size

58
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 152
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dappnex%26nuid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=460747949242986076
Request Chain 153
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=ixDaez5AVdZF4DNCFeqHeFD_B2o
Request Chain 154
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=3a90109f-b92a-4b1a-9a4d-7e80b525e654&google_hm=M2E5MDEwOWYtYjkyYS00YjFhLTlhNGQtN2U4MGI1MjVlNjU0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEL5c7f_E4bLIWxm44izomu4&google_cver=1&ssp=sonobi&bsw_param=3a90109f-b92a-4b1a-9a4d-7e80b525e654
Request Chain 155
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=a67ba03c-617d-476d-88db-4bebbf72287c HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=a67ba03c-617d-476d-88db-4bebbf72287c
Request Chain 158
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433831325024601
Request Chain 161
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=NgN4c1-GAaKB6HHSyqr00BkNvBuxe6Z34JC6aLCwSRc&pi=sonobi&tc=1
Request Chain 162
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=a67ba03c-617d-476d-88db-4bebbf72287c&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=QlVlSno0ZzlQWHdyaWE3VU52Vmh3QQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAeauOwoNIt5nWN3J1CwNEE&google_cver=1
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YTY3YmEwM2MtNjE3ZC00NzZkLTg4ZGItNGJlYmJmNzIyODdj HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIIezllT3W2NY8GrcVypOek&google_cver=1
Request Chain 165
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=7923360302074992619 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=11c8e683-1115-524f-8598-bd1de0f144c1
Request Chain 167
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-a18813dc-d937-3599-a764-e567eeb7dd58
Request Chain 169
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8128597431222216387
Request Chain 172
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 173
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 175
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Request Chain 184
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUzODAzMjM4NDAwNTc1MDUwNzkwMg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGOZ6W62oN9byv2eRIM_qFY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 186
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUzODAzMjM4NDAwNTc1MDUwNzkwMg%3D%3D
Request Chain 189
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3538032384005750507902&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=3a90109f-b92a-4b1a-9a4d-7e80b525e654 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=1da976f9-a048-4d93-96ca-88eb61de1045&expires=10&ssp=triplelift&bsw_param=3a90109f-b92a-4b1a-9a4d-7e80b525e654
Request Chain 191
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8128597431222216387&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 194
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWn520t.CR2occVOiCeRVgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIG0JAdOnMVyCBSY3QIVEBY&google_cver=1&google_hm=2
Request Chain 195
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWn520t.CR2occVOiCeRVgAA%261139&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZWn520t.CR2occVOiCeRVgAA%261139&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=bb3a8d717711469185f7f6e68ee62e30 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=bb3a8d71-7711-4691-85f7-f6e68ee62e30
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWn520t-CR2occVOiCeRVgAABHMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEL-nDPCZ_HhHUHxWMnCCajQ&google_cver=1
Request Chain 197
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=IxKkoXMe9vs4FKKoIUS_r3NDpKk4E_ChLBakFW7M

203 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request black-basta-ransomware-activities.html
securityaffairs.com/155054/cyber-crime/ 		169 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4368f99d0cee44d05f18e6336ff6e5aa8d75f04f69d9b9123f4f8eda6955bd6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
82ec5113ad02b70c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 15:20:53 GMT
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/" <https://securityaffairs.com/wp-json/wp/v2/posts/155054>; rel="alternate"; type="application/json" <https://securityaffairs.com/?p=155054>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uF9PPjZWKw8Ozwcu9VZTVXwKkreRGgg43%2FA9AYtZ4uS2WSmD1G2JL4B7%2FJt8CeWR8YcXJD8BbLc1QHkHCuC9uzmvI6lziZke%2FZ9BRucnInyuZaDlg7SlochLyHww3NCXw7G%2Ft2gSgTthic1182c3F%2FeU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-pingback
https://securityaffairs.com/xmlrpc.php
style.css
securityaffairs.com/wp-includes/css/dist/block-library/ 		107 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/css/dist/block-library/style.css?ver=f377ab93ed2e4fa4382c47f25484effb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36324ad58ad455cb3b2ed61e5e7326afb3de6988fe5c592ded25598f13405a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
211072
cf-polished
origSize=118143
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Nov 2023 22:53:12 GMT
server
cloudflare
etag
W/"654c1158-1cd7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3DEJz5DEAFnn6YKaBjs1ztlPW2LEv1aCuAjKw4X7M9XdWHfSwNRRgtOS7kavf9as1IEPdAARaSaGoE6GbEwaQY01Vkc7AHf0UY3PwszLc4mvuBtQgFL3iQK4u5IQIp%2BrM1SmYDTj9QOtnaa6TkCMYnU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec51179f68b70c-AMS
expires
Wed, 06 Dec 2023 04:43:01 GMT
mediaelementplayer-legacy.min.css
securityaffairs.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Dec 2020 23:31:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
301211
etag
W/"5fd15e34-2bf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vrHk6MABKRWD2fXrLEffOVcbeGVkqhQaoXLNvmEI0wIM%2Bk0mcW8OH6NzKfA7HUsaMNlULhvfeJ%2FSa7ypuVvK95bzNzUEZ%2FNH1yMk2k9q%2FXye07R%2FPXB5elmh%2BtZQ132Q%2BzOTf9d422oRTJvPkRbrT9T"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec51179f6ab70c-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 05 Dec 2023 03:40:42 GMT
wp-mediaelement.css
securityaffairs.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/mediaelement/wp-mediaelement.css?ver=f377ab93ed2e4fa4382c47f25484effb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193016
cf-polished
origSize=4960
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 13 Nov 2019 23:52:08 GMT
server
cloudflare
etag
W/"5dcc9728-1360"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sizl%2FCr4ck5d5iUIaVR5MErEnEkyjkxKAKl41Uz8InsssrU5kOzbbU7hKfE4viVQW%2BIQ7I9GgV14e12HuoyRyvIfmD9ZVV6KsoDQrGyFpExXdHHJ1qzNShQtFZhmQTtRJd7vtHWcwslx%2B9nuyO2vQ3P9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec51179f6eb70c-AMS
expires
Wed, 06 Dec 2023 09:43:57 GMT
styles.css
securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
301211
cf-polished
origSize=2894
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 18:45:29 GMT
server
cloudflare
etag
W/"6557b4c9-b4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwRLfqUgS9x4hi61kfha%2B66WMt729c%2FQt60RA%2B5wiG%2FjVxb%2BaEGzrjjA2y8sZHWZi7IMp5J%2B4KIa1cTkZKdUNSkfQyc27w%2F5Xr1O90NDWwL8FIYp0E%2FbyoNgnQLsC2PK7RXyfoKbKj1gkZ2%2Fx3LVT%2F2%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec51179f71b70c-AMS
expires
Tue, 05 Dec 2023 03:40:42 GMT
cookie-law-info-public.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.1.7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
112155
cf-polished
origSize=3106
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 18:45:31 GMT
server
cloudflare
etag
W/"6557b4cb-c22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV6l6iNcaIZ0PnHJM7qjinxjU4rfZk7DUtFhObHPnp2Iovl76Cn%2BUU1XY1rdwonOV%2BGlmszFUeI0jmM0%2FVC43UWpx3gxjKpkGK2t5wrn3qpfiWe%2F1eHdJJwkRLVDKuCQDz2%2BhVJ%2BaNIfHB5OO0L2r1B1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec51179f72b70c-AMS
expires
Thu, 07 Dec 2023 08:11:38 GMT
cookie-law-info-gdpr.css
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.1.7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129019
cf-polished
origSize=27249
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 18:45:31 GMT
server
cloudflare
etag
W/"6557b4cb-6a71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXSTjZkg2ebumUH39jmehogVLEjF7VqFOxilwyck95RRCcORomPWORd0xdEW%2FMc6Q3X4gktV%2BHxEPWKpVYhP7%2Bn82%2FuOEUr5jaEWETJOuWmZ5WuCaoYGAI3KAT0LxYj36BnVU%2FHG%2BIDVRN8QA5SByPR2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec51179f75b70c-AMS
expires
Thu, 07 Dec 2023 03:30:34 GMT
form-basic.css
securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/ 		2 KB
856 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.9.10
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129019
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 20 Nov 2023 23:32:40 GMT
server
cloudflare
etag
W/"655bec98-654"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMZI05A392nOSmShlWY7FFC00jX7l7aRjG44GBHkwU63RHkEyXNnjyIlWPCkn7kaoB1Vw2QMjnrX50XXb1Puw0Q8ahsj890gb64giEAvQKa%2FuJiaS55YV8VFKQ3fXI7PG8D6gkZRFOsgExKXqHM3AbaG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec51179f77b70c-AMS
expires
Thu, 07 Dec 2023 03:30:34 GMT
bootstrap.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/bootstrap.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
112671
etag
W/"63ec8df4-260c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AdN9WKkFWUH86WrQqbKsICNQZnzeTA4FYu3MjN5W2YzGAISiIxdNF4775%2BsyLcTajEiLPKcEO8BlfNPMiQN5BYE9Pw%2BPrTj%2BhdTVnOpn4NWXTKA4rbJqBb%2BE8X8x1Vnni2Wb4fF%2B%2Bh5y4CZnGgPCTmW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec51179f7ab70c-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Dec 2023 08:03:02 GMT
plugins.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
301211
cf-polished
origSize=31000
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
server
cloudflare
etag
W/"63ec8df5-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OM9nhmeqZ0M%2Fm%2FqpZWXO%2FFALrV%2BIEJ4Z63JHoxrvVOvYbf5b6pqHSF6OJvfBs0HCYG4VFTJ93uGLR5aXw%2BC%2FscZnL8g3FBNT2VREwUbsHvzGT4cd2i55FW03BytY864Y1hItIs4%2Fy6WVu90I1aeJNzyR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec51179f7cb70c-AMS
expires
Tue, 05 Dec 2023 03:40:42 GMT
animation.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 		44 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/animation.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaade0e5f063f06ba9ec0303b6e2cf134e7e7ddedce6b51813880fe52bbb5de2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204394
cf-polished
origSize=45516
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:47:00 GMT
server
cloudflare
etag
W/"63ec8df4-b1cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVWsID%2Bm64ucK09Zin7OTvIWaqzB44%2F0baU2liw3VMSZRlZCNliTYKRN59cgFoVXI%2B8OSzbrTQX7yL0JLqpnjnR%2BBzz1SvicykEmSnqfl7El8C%2BWArdyGzkm1macHwXKWRSyQGgDxIrNgluuegM%2FTej9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec51179f7db70c-AMS
expires
Wed, 06 Dec 2023 06:34:19 GMT
select2.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/select2.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
127364
etag
W/"63ec8df5-3f88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQ%2FDLZBhWEnMUYX8z9pVJkgwSKNTpjYKDIRLNnShlzJINDoH5T1%2BJ7vsI8nL7Dd%2BsljW8GZHBa0CZemOLQbhenbMLKGaxrp2g1li3ph0C2RyuMAmcAsGh6nZdazXFOxiWleVanWNnz2o82kZSmlB2F4i"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec5117df9fb70c-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Dec 2023 03:58:09 GMT
bootstrap-datetimepicker.min.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/bootstrap-datetimepicker.min.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
297469
etag
W/"63ec8df5-13c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGuDW3VeXX5w8oU5woz9IVcVmNe%2FqWoyOy%2B20CtQGbtXQwGLvwvML4AgcXrxFoIRZH%2BDWbNEd09EVQq4sfEhrBOLRV2e4%2BQaVPfxp6rMSaf8wEAytEbHVSX2A%2F21TgcQ9Rz27iL1o%2FuVxSt5Lyfqz%2F%2Fl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec5117dfa0b70c-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 05 Dec 2023 04:43:04 GMT
style.css
securityaffairs.com/wp-content/themes/security_affairs/css/ 		62 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac825c2e7eb874cfe862111097aa63158b575df11b0ea342814a5bc55f450b66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132812
cf-polished
origSize=63687
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Aug 2023 19:58:52 GMT
server
cloudflare
etag
W/"64dd2a7c-f8c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3ykE45lxEyAtIdzzmjPG4slzLKYbKkI0AvhUDbMBZvhEMtpIbSePRxi0dm4071cO4kTnA5uZtskuNj5CadsB0jg7X%2Bt5Lxlxyu%2BirPDFrbSS1MLD1qBlu5IX0QevXNcx0sXoAz95af7%2FlNhThtrqv70"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec5117dfa1b70c-AMS
expires
Thu, 07 Dec 2023 02:27:21 GMT
slick.css
securityaffairs.com/wp-content/themes/security_affairs/slick/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/slick/slick.css?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21e3d4b193d36cbfab4d9cb007c5f531c86b7c3d5fbadc0ea2a20296330d536

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35785
cf-polished
origSize=4922
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:45:55 GMT
server
cloudflare
etag
W/"63ec8db3-133a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11Ve%2FytlCapGbtCMj3NxEtCpLKD6uX%2BJzGot999YcGW1oMnQz72npDB6zOcfggyTsxV%2Frpsz0K9Nz3lvTr2bOAG7TWRltQYANBeBoIpX6omw9jsZ4Dtd6%2FMC60Hc6cfR1LKOQzhKUHrYTj0wRWBwO5QI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82ec5117dfa2b70c-AMS
expires
Fri, 08 Dec 2023 05:24:28 GMT
jquery.js
securityaffairs.com/wp-includes/js/jquery/ 		138 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery.js?ver=3.7.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
508a8d88a4db7b5ef87b1d5b6fc60e56b7c5384b75b75b10e77f298ea108b510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
112671
cf-polished
origSize=285334
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Nov 2023 22:53:12 GMT
server
cloudflare
etag
W/"654c1158-45a96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84Dho7QaGUgHy2cb0l5Z6ZcnNIx47gTEWXdQZs6VeQauc2O%2FhmTyVyKWjGpMkfuBj8EpfOW9wWxap%2FmlXIuL1xDqGnDqpEn4VX2YFuTXbUEdpEUhR9ks5ffsJzAofzD0EWr21IY3OPIh0FLbfrxGeCKW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec5117dfa4b70c-AMS
expires
Thu, 07 Dec 2023 08:03:02 GMT
jquery-migrate.js
securityaffairs.com/wp-includes/js/jquery/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
294432
cf-polished
origSize=31978
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 22:36:33 GMT
server
cloudflare
etag
W/"64d2c371-7cea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ongetku8Gw6sLj%2Bt7e9NOURmCsbnBgbLRRsq1JVFcjSfo3d4p8fL0m3hApQUj0IDzsUvU1GfcdiuYyqqeCF4aNg69YqTsUpm1o1eIy67OAT9h0djJIo9YJYzogru7nAQf%2B%2FFbvFcsw4PawATTvzHX08D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec5117dfa5b70c-AMS
expires
Tue, 05 Dec 2023 05:33:41 GMT
cookie-law-info-public.js
securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.1.7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129019
cf-polished
origSize=34179
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 18:45:31 GMT
server
cloudflare
etag
W/"6557b4cb-8583"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9dwjciFLnCbQzqVzsifhI0QnqVWj9ygQx%2BNM0jHZjqBKJi1UIMZoc2FIFcOql8LzgWf9qY8qtnPKpU6pK3q9TCnk7rxQ%2FBz3XINpGxWEMNY9XrV%2FlKG4f0SkS16UKPniQtMnFHYOoUNXCOpuWEFIFag"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec5117dfa6b70c-AMS
expires
Thu, 07 Dec 2023 03:30:34 GMT
sharethis.js
platform-api.sharethis.com/js/ 		205 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-121.ams1.r.cloudfront.net
Software
/
Resource Hash
130c61c2bfc6dff6d70ec2dae4ca8ba7dcf669878d81c91a5821b44b3972c2b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:18:22 GMT
content-encoding
gzip
via
1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS1-P3
age
151
etag
W/"332a8-TLw9AuvfjXyryvfCUMBAgFW/bLw"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
0AcSyhOFcwV-FZaYkpIra3j-m4ZTK5MrHoDaLcw4BV9Bo8YC771O_g==
js
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db984b0b0383ae3b1b7ceb9569f9c3fb6e99174a89a92c992fed6e2427ef027d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64889
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Dec 2023 15:20:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7ccf4d646a1b0a5954dfccc725c7cba62ea0442434dbe3656f1df25e457b1de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52617
x-xss-protection
0
server
cafe
etag
15567141899343043387
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 15:20:54 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b8d70ba024451869d7387f12574502384e00f86842c18a772d3d6c64a59cd07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91679
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 15:20:54 GMT
/
services.vlitag.com/adv1/ 		577 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
616601cc90fd7fc8f7c377372b1bc3dc26aa2b87784010d1cd3bbbe1227300b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
97
cf-polished
origSize=590927
etag
W/"221a5a398da89ace8729d1cd3c481ec7 2023-11-30T22:56:08 v1 default"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec511f68462bc3-FRA
alt-svc
h3=":443"; ma=86400
menu-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 		467 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/menu-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ef2c493105913ae8a012433b49e73fec9f4e3dfaf70723bcf66c3e3e0e09e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
294431
etag
W/"63ec8dd3-1d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rp6kT4SAW%2BnSJsGRBz4ns4d17ug8Nuecvkn3BvTEtL13%2F1pZg3NrNoYmSpH6fmQ4%2Bji98EDjsb7x76yilPVSZgBf13%2Bt8j6tKJRtnT8dzRGJSQz8IroBoQiNyhvEaPnbsFpO0FY0wqjwyfNMlxfDVRut"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
82ec5117dfa7b70c-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
securityaffairs.com/wp-content/uploads/2023/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2023/08/logo.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e18fa3a179268df5763ae93f237dfa9ab4733b4e2791fe3cfeecca702a8832

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40891
alt-svc
h3=":443"; ma=86400
content-length
4751
last-modified
Sun, 27 Aug 2023 14:33:01 GMT
server
cloudflare
etag
"64eb5e9d-128f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOSLsGFOiQGlyomyR8AQ4nW4BaUwco01ERPB%2BBZN6D4MU%2BDj%2B6m2Z7wVY%2FHPsH0Khudo1bWNSxVgJwz%2BakYG4qcAto%2BgJENn333C8fnOD%2FmKvl%2BTz8Mw%2FKf0sf8eSQwFPAwchBcjy0WifCfswpeVFI0s"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82ec5117dfa8b70c-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
e2b81110-51f1-4473-8cf9-2283db4a6da0
https://securityaffairs.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://securityaffairs.com/e2b81110-51f1-4473-8cf9-2283db4a6da0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
5047
Content-Type
text/javascript
user-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 		987 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/user-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0352c858984ddb68c11c0b8265ea2ae72ab8d29b4471f888d4cbd95fe881ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
120460
etag
W/"63ec8dd5-3db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwnIFlROxeV6Mag%2BMiU2JmScaw%2F1O6%2F5yQkImGO5wYdQaLSKVeRIxuvT4%2FG6GmqXuGDNmAcmUjR4YQ806zovGLGe%2BR8nDmsBRigNuGYHAyEvzxJDMRhlOctvOcVbT268k4C9R5HzQxTbWNlimrUeaNje"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
82ec51183fe1b70c-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
clock-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 		947 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/clock-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b5d4f52ec96a0aef85f731e618cb627749775534ae86976446f42350757392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
41242
etag
W/"63ec8dd5-3b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJBioCb2IelTuPi6VclvD3mJO56SjuLFMEKOl3b7KlHgn8V6mrMU5g9%2Fu9wahlZzPIVPmTHlvcEsGdtbBKOZ4lJI0g8t5WXHi08VT3kmh3oRIBa3VBKpbKC2%2BIe463XDWI2E0EBeQf61JJi9f%2B8BpRrU"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
82ec5118480f0eb4-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
image.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2023/12/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/12/image.png?fit=2500%2C3639&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
7efcbeb7183157646257bbe5f3da5cb1bb4a368419638bcad34ac0f67a49b37e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
51018
x-nc
HIT hhn 4
last-modified
Fri, 01 Dec 2023 12:34:57 GMT
server
nginx
etag
"4bce95f40dd15dfa"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2023/12/image.png>; rel="canonical"
expires
Mon, 01 Dec 2025 00:34:57 GMT
image.png
i0.wp.com/securityaffairs.com/wp-content/uploads/2023/12/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/securityaffairs.com/wp-content/uploads/2023/12/image.png?resize=703%2C1024&ssl=1
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
92c6adcb11c71980a023ed138aa801d17998e88ec08fcce1fafb8491beb80294
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
34286
x-nc
HIT hhn 4
last-modified
Fri, 01 Dec 2023 12:55:08 GMT
server
nginx
etag
"2e1c69bee0e6514e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://securityaffairs.com/wp-content/uploads/2023/12/image.png>; rel="canonical"
expires
Mon, 01 Dec 2025 00:55:08 GMT
CISA.jpeg
securityaffairs.com/wp-content/uploads/2020/07/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2020/07/CISA.jpeg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1536d07b6af9e6b855c692e59c9464e7f17dc211a4b17380f5a8b50ab13fe8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
220113
alt-svc
h3=":443"; ma=86400
content-length
42534
last-modified
Sat, 25 Jul 2020 11:32:42 GMT
server
cloudflare
etag
"5f1c185a-a626"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFQMji0dxTyTr7MOj7xkTFiQP1TZc2Q4DE8HyYL4tIqoji6wyKPz2PTeMTpgKN41c%2FCEix6ubRsnW5Cdv%2F5Smi%2Fnsd3SfRzhvbjr%2BjQzeYG1nd9ljtnn6Tah8%2BEvv7lU6sMWUZXKeWRKyX%2F1EefsRR8o"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82ec511f08250eb4-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
apple.jpg
securityaffairs.com/wp-content/uploads/2021/03/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2021/03/apple.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6c1b56d72a2f838340b55bd9d710f9a051807d641bf97e111ac9e3ade664911

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
122934
alt-svc
h3=":443"; ma=86400
content-length
32733
last-modified
Sat, 27 Mar 2021 10:24:06 GMT
server
cloudflare
etag
"605f07c6-7fdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCm6JcCS0ob8SDgrA2xoF8HC72rR9nZps6%2FFqRv7ApymfZqQUUnJ9uA5IRGc5bS0d2F1Vr01BwwDpiCBh71RlRRlSyyy48YBmrJTtrmWXBcPUC%2BDQ9JuXDFMuGJzL0oMX6mEeeibIWzQb8jrPOUdXMAF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82ec511f082b0eb4-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
image.png
securityaffairs.com/wp-content/uploads/2023/12/ 		304 KB
305 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2023/12/image.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1860f1e863bb560a9fb9ce20c26a86d247bc0e344c1d699a64dbcb0e2ac8df12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9914
alt-svc
h3=":443"; ma=86400
content-length
311368
last-modified
Fri, 01 Dec 2023 12:08:01 GMT
server
cloudflare
etag
"6569cca1-4c048"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMTZtQoEEh5fTL4LMpJ0vEGbvIcz%2FrhFGC0ZeBJ6w%2FM5RyJgPX6J7IO580VYG3zYHUhTdskV%2B0pb7uxgDj1U9K2izgrMcuuWQ2wKeDkwRcDNC807BEP%2BJxlsR%2Bwb%2BYVSQHQOr1vCJMpcptjgM2rm%2FfZs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82ec511f082d0eb4-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
zoom-logo-999x666-1.jpg
securityaffairs.com/wp-content/uploads/2020/06/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2020/06/zoom-logo-999x666-1.jpg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8eea29a69a5f1252bfb0b35b699c8cb9ac950d15c2151649be28be9d4df64c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72945
alt-svc
h3=":443"; ma=86400
content-length
26165
last-modified
Wed, 03 Jun 2020 23:09:33 GMT
server
cloudflare
etag
"5ed82dad-6635"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZ2gwvEU3BQRo9d%2BLht4lQs2pn9QLHWue1EArnq6BzS0E9NOqOebx6hMYAiPZvIFkytcv6I6O0j%2Bt%2FcorDi16pd37veY2PLY3x%2Fwg0azZJe2JYBBn20Vp%2B7Rs%2FUOTIVCO7cbOP5huTCCqsVbv9ss7yeM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82ec511f08300eb4-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
image-44.png
securityaffairs.com/wp-content/uploads/2023/11/ 		609 KB
609 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2023/11/image-44.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
352713dc5ed16b11540cb8f293837e5f9dbdbec0fd8d5d60410bb0a5723fc682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120163
alt-svc
h3=":443"; ma=86400
content-length
623456
last-modified
Wed, 29 Nov 2023 23:24:59 GMT
server
cloudflare
etag
"6567c84b-98360"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuIP9Os6s6rCVTYSQCL7fVEt5oNttEcbpxSfrnhxtSe5Hws%2F3Ovmx%2FDYXh2LNVIloNT6S8X%2F6lZfOPADUzAM9MtpyZO2bBf%2FvWLyvc%2F4VC1e0FWDNDboJuuUFh0xjP6MDc9%2BAsQoXOdDBSRlMK9uvTcw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82ec511f08320eb4-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer-logo.png
securityaffairs.com/wp-content/uploads/2023/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/uploads/2023/08/footer-logo.png
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b253964206a6ce075557f8735e7b57268338885e821f317bc63c6616e75c7b60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47537
alt-svc
h3=":443"; ma=86400
content-length
3916
last-modified
Sun, 27 Aug 2023 14:33:08 GMT
server
cloudflare
etag
"64eb5ea4-f4c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saZ4UwvUyD1el8OElfQJ%2F2Hi0LrL98GdiAjhiyFKx0QmGhQzb%2BPErH16KgsnAJk2%2F54cRSasj%2Bxap5%2FdkxXV2OrFvEnxLUIPrbPpcON%2BNE3m%2FkA43ipY6QaBHD5nAUAy07ZvwC%2F2WN%2F1YUt6K2S%2FR11u"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
82ec511f08340eb4-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Nov 2023 16:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65660ffd-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXfb9vqBnxsICKvvPaiIb0weC5J0lq%2FRVVTw54ghL3j1Ae4gS3LW2gre27fLe65c6mR5DKEDs%2BKHsIUH1rwO26p2GBcjs%2FdP4a11wnoL9PgiYjEjn0JNty4%2BV9wrKBpWdYaSQqVRyhLgoztpO5%2FC4Viu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82ec5118986a0eb4-AMS
expires
Sun, 03 Dec 2023 15:20:53 GMT
image-cdn.js
securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 		701 B
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
296177
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 18:45:37 GMT
server
cloudflare
etag
W/"6557b4d1-2bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjiXoiMV68gXbo1Z81sUM13i9mnHJpuJwrSrcA3bMWX0GMwfqYd2h7VFlqf49Is2l1MM8FOk9kVEgwSbBV0AVSsXP5K7hvRFjnwQxwR5A%2FmK2wVnoqVRPDcXzMRrJcZnuCLaeI%2Fgrkjs0DiiAu4JHcTK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec511898780eb4-AMS
expires
Tue, 05 Dec 2023 05:04:36 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590667
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 18:45:29 GMT
server
cloudflare
etag
W/"6557b4c9-2b6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFBJAagsW2%2B5CbTVccQBrWKA6Nig5%2F12pVnZ%2BfUJ7mhIKkNEz83bagJRnZHh3V9op1ci1M4sAtcyVfiwaljc%2FT5ewY0%2Fn21vxCxCgcuiL8QentqDdpdGJ1OJbg%2BZJXzmQbRbnsMfAaGSJWuQgaJgS0d5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec5118d90e0eb4-AMS
expires
Fri, 01 Dec 2023 19:16:26 GMT
index.js
securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
124775
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 17 Nov 2023 18:45:29 GMT
server
cloudflare
etag
W/"6557b4c9-337e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wq9b6omHFjFQ3BeF6lkcfBeqshtNNWcHKsH5DUyHxCUGb8j2fH0SuW%2B4dzcD0J9w%2BJ3kMfvQzatGJW6%2BmPyf%2F%2Fl41GGe%2FTPUdWsCFG0tJE2BSU2fHIhafWawVhHuB9F6oJ%2BCypcS0GDDw8Ae8f1u11YA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec5118f9270eb4-AMS
expires
Thu, 07 Dec 2023 04:41:18 GMT
ssba.js
securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1686486772
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
220050
cf-polished
origSize=3110
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 11 Jun 2023 12:32:52 GMT
server
cloudflare
etag
W/"6485bef4-c26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9q0eOWvkBsTDkRjOsTN7XnSpJHf7gkgIY5yzT5raNFXGI4UUxvc21uhMYc4Ep2Qo70xWoD%2FDhTGz0BuYhRFgW1D7Jdcb80UlCqNrORaYM9FyNvJRIXDmjoFhZehTib4VkF6tEetc5X4dchhQxx3cJLIJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec5119396e0eb4-AMS
expires
Wed, 06 Dec 2023 02:13:23 GMT
jquery-3.5.1.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/jquery-3.5.1.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
47971
etag
W/"63ec8dba-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vma9HRgAhL6TxIFyWw7gL8VTTXwcNHHZtnwbHwgQJDYrvvZMwK73rO48ZybTy2kp0fS05pRiiuFUUow7j47WJl%2B0eoGPct6qFsGqSm68AGjpdu0jyCYHbGRw%2BjC0y%2FhGJH6wTpsGOzeyK%2FwKpwlnzUsT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec5119498e0eb4-AMS
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Dec 2023 02:01:22 GMT
bootstrap.bundle.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		77 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/bootstrap.bundle.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
122774
etag
W/"63ec8db9-13397"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JptMEUR0zHg0ot1n8mF18uav7INyrit%2FRxAHo2iGMHKKLxwEZHs70xDQfoEkqOkgH4uYCZ4DuAo9Q4Rp%2F8dVVZtljerfdXgs6pt%2FQjFlAL54dHB5p%2F7CpwKdWOke5f3KH062CGqVzJcQiHF6zJcJFzMV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec511999e40eb4-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Dec 2023 05:14:40 GMT
animation.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/animation.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c03404e75c3b5dd3190080d5b678433a88aed86b17fba7685f8a36950414fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41239
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
server
cloudflare
etag
W/"63ec8dba-b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcCXu2rcaHdYQpOIUdaftkxA811Ue1IFazR4Ze%2F16m0AkWZfSXjz0VUKW8KFYesejUmGSUGtp5iB5yLLUpXCpOZJfq%2FAPumW6aHe%2Fr2Ff4XG0MBhUtIqOZlGNtOGC0cgR8%2FIMwZzXRyWwivxWEWVRhAB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec511a2a880eb4-AMS
expires
Fri, 08 Dec 2023 03:53:35 GMT
slick.min.js
securityaffairs.com/wp-content/themes/security_affairs/slick/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/slick/slick.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:45:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
289438
etag
W/"63ec8db3-a76f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcA8Z6owWlI32sYC6Yp2lwP3Df76dPCChHrK3e7aN2BKtoXGrJUb1xLp5Az6%2BuoAgI2WNoImN%2FXHp7rNbYolGS%2FLrQDEPApYpGQNnoz2r%2FijFUzWrsuNwHBfsaa%2BtqeB26mB9hY6bnC6M9TlQTFzSStp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec511a5ab60eb4-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 05 Dec 2023 06:56:56 GMT
select2.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/select2.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
33196
etag
W/"63ec8db9-11dcb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdVMI9U5lp%2FrBuwfHDnXrV14CJNDTtvhpcavrFtX0K2hX74rMn1oj1R8oYO1KMTE2JfDLB4yz6YVpDmQUeH2VYlDBT%2F3drrquzrFPmgtmsYac0pNCDVGCS6nonAPQV7Zs05pM2g%2BlotAka%2BdHKnT%2FYV0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec511a8ada0eb4-AMS
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Dec 2023 06:07:38 GMT
moment.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/moment.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
115940
etag
W/"63ec8dba-857b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxzEPzX0dcJRcFDBdwsRuZZif92FtnlsvMtXFwefmbnyjsxp1x8rV9A4Bnnf6DB9vD9lK8OY0w7be6aBguUGrXoIMf7rJQmkiWwuscL%2BhtwhmE64wY27iOassf34oy2gpeqDVkUXUJrN%2Bny4LI%2Fx9dYr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec511acb110eb4-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Dec 2023 07:08:34 GMT
bootstrap-datetimepicker.min.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/bootstrap-datetimepicker.min.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
209215
etag
W/"63ec8dba-5a28"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5%2BLGZ41K57kqVSmFsKqtdwi1mR%2FK2trdYbjnF9uH%2BlCe6WQjopKL2HfuRg9BJrAE2vFRQPu9hGeGrjDCGMzXrhY8BZHg8AhhGbRQ0Eq2bxITQrq1IFV%2FB%2FGpAR99Ija6K2sLMzQAv29L77i1EwI%2FlIK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec511aeb360eb4-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 06 Dec 2023 05:13:59 GMT
script-datepicker.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		236 B
669 B 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/script-datepicker.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e1de7132433ebaa0845af00ce1812287ba004d8288bf78b455f1d9f494f2ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
124775
cf-polished
origSize=552
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:02 GMT
server
cloudflare
etag
W/"63ec8dba-228"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3BZYKMcGXhMa4JZdHsT6KkKaeeOTDnyOBIMmfBOZNt%2BzGsygOTuk6WmZrIl37PwInfuCegIsW6%2Flc7sHeUFx9SRddXFOxUUpHcumhHU%2BTsQpUSSfXu4SoVkyp1QNW%2FdVeIyVVnOSAuprdg%2Fa6dxS8HF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec511b2b680eb4-AMS
expires
Thu, 07 Dec 2023 04:41:19 GMT
script.js
securityaffairs.com/wp-content/themes/security_affairs/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/js/script.js?ver=1.0.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a65e356551523b3a3222147ddb49ea4dad9b21d38a9b590effd45d55fc94d03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
295279
cf-polished
origSize=6278
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 15 Feb 2023 07:46:01 GMT
server
cloudflare
etag
W/"63ec8db9-1886"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dYeJEodFXi3%2BXNTHF6DlIh22FZFDvs6lPAg8aQaoALiksTtdSBjdOBW9DKJnEJU7aSvGrFRZlz%2F3lzWt%2FnjCcijF2%2Fg%2BnYvE8tJ1RC6IsFURD9nhalQ01z7mJGSFf5LLtlcl75XidIID9EDGtROWT0R"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec511b4b7f0eb4-AMS
expires
Tue, 05 Dec 2023 05:19:35 GMT
e-202348.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202348.js
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684464982353.1523
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 25 Nov 2024 07:07:17 GMT
css2
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
170d329a585de03caa379e0e068e08b529ba2d693608db4166c3996328185c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 13:30:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 15:20:54 GMT
63aa5463b92caa0012f81022.js
buttons-config.sharethis.com/js/ 		438 B
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/63aa5463b92caa0012f81022.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:a600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfc6883863d1d8dc27b491556f0f91df31da6a3f86fa1d9d8dc8686e067bd8a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
via
1.1 69b7884048ebe8b1ecf8d8ec9d39c85c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 08 Aug 2023 14:14:32 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P3
x-amz-server-side-encryption
AES256
etag
"0a1ccce781e1a89f4075d4f596f8a0f2"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
438
x-amz-cf-id
_HAjTXKy2rZZmF0s_1Tj6CbugHqXbDm5E0-WtjgaFatWr2-KBzL-hA==
pview
l.sharethis.com/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=securityaffairs.com&location=%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html&product=gdpr-compliance-tool-v2&url=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Black%20Basta%20Ransomware%20gang%20accumulated%20at%20least%20%24107%20million%20in%20Bitcoin%20ransom%20payments%20since%20early%202022&cms=unknown&publisher=63aa5463b92caa0012f81022&sop=true&version=st_sop.js&lang=en&description=The%20Black%20Basta%20ransomware%20gang%20infected%20over%20300%20victims%20accumulating%20ransom%20payments%20exceeding%20%24100%20million.&ua=&ua_mobile=false&ua_full_version_list=&uuid=b1b5498e-ae7b-4ebb-8f4c-395d80a2081e
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.206.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-206-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 15:20:55 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://securityaffairs.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1977899f722e69cb4aad9ecf2a5a1535eb55111ea3bbff0e7d30a5fb2e48bb0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137282
x-xss-protection
0
server
cafe
etag
17870211127980477974
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 15:20:54 GMT
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 8FCE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918072057181794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f09a6853ba2b41f3d45fc84697570f54e91d23d862c6e51bc64bee90b7f83e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75419
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4113
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 18:23:55 GMT
etag
3212660519051894895
expires
Thu, 14 Dec 2023 18:23:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 13:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5477
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 01 Dec 2023 15:49:38 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56ab51d0350fc1d76c1a1e1a4437b33ce5a1ac17d5363d1bbfb137385444d031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75513
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 15:20:54 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59069958-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
917713a1f617f6afb7a5f47261fc08b33696500aad878a0817a0da06e83bab49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91632
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 15:20:54 GMT
search-icon.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 		940 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/search-icon.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df70b268a34a8036eca2f536d670f59e142b877bf09ad993aec61417c7a4870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
121229
etag
W/"63ec8dd0-3ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mizrr3ypRRx0z%2BML5%2BGadOquMBuyLz4bzi4KKcUf0jmMf%2B54gX46XeXFohDMVeaQZqCvcF2vNZWwtRf%2F7llZWUfWE8Pgxail2ZQHjusHMaFvvoQkEJvjBsncpnaH7FJsSijU%2BOkocUp9w2orUohdke%2BI"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
82ec511f48bb0eb4-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
b-arrow.svg
securityaffairs.com/wp-content/themes/security_affairs/images/ 		903 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/images/b-arrow.svg
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732fe1ff87d948c44d6d26af7aa89d8e1eb9eb8e00c372dadbacb51c0ba5865d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
41232
etag
W/"63ec8dd8-387"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaZm8ST8I4ayJ9sFA%2B3zHVImKBJpPUIx63q3cyeJhZM8mtiDS7dswl2Eayd9crJlAQdBEbQaRVyK675S8kzBL%2FaPsffUbplo5HRogX8GBgD8PgpnnFQHomCVcV9MUX4jUr9j1NSC%2BzZYTj%2F7EB3hHXQm"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
82ec511f58c70eb4-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 14:29:28 GMT
x-content-type-options
nosniff
age
3087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 14:29:28 GMT
fontawesome-webfont.woff2
securityaffairs.com/wp-content/themes/security_affairs/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-content/themes/security_affairs/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://securityaffairs.com/wp-content/themes/security_affairs/css/plugins.css?ver=1.0.0
Origin
https://securityaffairs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 07:46:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
508
etag
"63ec8de8-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fxz%2FZVr4P56%2B3P1Byk9Zsho1wAIKWAT9qmqYI6AXgH0FEIHcZmn%2FNlLhJGPVT1%2FaOAP0imSoRQkt2lWvkQQkJwCYKa%2FmwZt6VZyTTxAmjUJvnzj0zWtLYpoLQwCHWZ3WQa8nRXj9i0yKbkpV5gBIgrKT"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82ec511f58d40eb4-AMS
alt-svc
h3=":443"; ma=86400
content-length
77160
collect
region1.analytics.google.com/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NPN4VEKBTY&gtm=45je3bt0v9100359598&_p=1701444054855&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1450617827.1701444055&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701444055&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1&dt=Black%20Basta%20Ransomware%20gang%20accumulated%20at%20least%20%24107%20million%20in%20Bitcoin%20ransom%20payments%20since%20early%202022&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2082
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NPN4VEKBTY&cid=1450617827.1701444055&gtm=45je3bt0v9100359598&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NPN4VEKBTY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NPN4VEKBTY&cid=1450617827.1701444055&gtm=45je3bt0v9100359598&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1564928536
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=29506073&post=155054&tz=0&srv=securityaffairs.com&j=1%3A12.8.1&host=securityaffairs.com&ref=&fcp=0&rand=0.33036497372498563
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 15:20:55 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
twemoji.js
securityaffairs.com/wp-includes/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/twemoji.js?ver=f377ab93ed2e4fa4382c47f25484effb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
292583
cf-polished
origSize=33089
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-8141"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LnwHG3hcBVrhW5ceDjBVahA2tx8IjlXSCiIbw%2BK3AoI69MqqkG8q9933dXEmT00qky1Pne3UrCvGpk3C8JR12v5Q%2FjJCYVihl9cMtotQteUFMuiIFraNGfeRA%2Bp1g1HhMn5yY7oFN1JG0vLiE7%2BtaI7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec51209a830eb4-AMS
expires
Tue, 05 Dec 2023 06:04:32 GMT
wp-emoji.js
securityaffairs.com/wp-includes/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-includes/js/wp-emoji.js?ver=f377ab93ed2e4fa4382c47f25484effb
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
305473
cf-polished
origSize=8969
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 22:54:43 GMT
server
cloudflare
etag
W/"6424c1b3-2309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDR6qNXGFlFTsFDwonmjiAIGLV9qwMxizD24jzYwMlkLXOHAnUFvHN49abDJ6LSyk%2BzGYFx7Y6raLBe7pJB0FDpzWQlL5WRMfqwCuKXNrD21m6V1YVuqcQy8VsHerQ4aM70B5deOYpNvsHAOp58wx99N"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82ec51209a850eb4-AMS
expires
Tue, 05 Dec 2023 02:29:42 GMT
schema
securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/feedback/ 		232 B
772 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/feedback/schema
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
804aa2016958413450a7751d3d63ea718f0ed5c5af48b65d765adf9ab2f1b139
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

cf-edge-cache
cache,platform=wordpress
date
Fri, 01 Dec 2023 15:20:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
allow
GET
vary
Origin
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYlNb%2FGR7j1zDD6BZtGxEcUsswHYyBmuPPCaqCVud50qxGbG2WkROmm1I6bjWKmqERu%2FTHbveSw4NQ9s0BGj2vaWsYTdTPs77AWUqVZsOQ9QQbvYzAxr9L9MuxpU0DlpgavhvIBC%2F5h6f9UWvByponxt"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
82ec51209a8a0eb4-AMS
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8ZWTX5HC4Z&gtm=45je3bt0v893534898&_p=1701444054855&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1450617827.1701444055&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701444055&sct=1&seg=0&dl=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1&dt=Black%20Basta%20Ransomware%20gang%20accumulated%20at%20least%20%24107%20million%20in%20Bitcoin%20ransom%20payments%20since%20early%202022&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2234
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZWTX5HC4Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
221a5a398da89ace8729d1cd3c481ec7.json
services.vlitag.com/cli/ 		42 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/cli/221a5a398da89ace8729d1cd3c481ec7.json?hn=https://securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1167dd67ebefd8738056c6fa7d7745670e0a51d400e3900c3f1a704ca8a4e768

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:55 GMT
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
private, no-cache, no-store, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51219defbbb6-FRA
content-length
42
alt-svc
h3=":443"; ma=86400
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1577500085&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1&ul=en-us&de=UTF-8&dt=Black%20Basta%20Ransomware%20gang%20accumulated%20at%20least%20%24107%20million%20in%20Bitcoin%20ransom%20payments%20since%20early%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=356302799&gjid=1978740605&cid=1450617827.1701444055&tid=UA-59069958-1&_gid=573567184.1701444055&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=364718291
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4336 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1701444055&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701444054873&bpp=3&bdt=1221&idt=374&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3113210913209&frm=20&pv=2&ga_vid=1450617827.1701444055&ga_sid=1701444055&ga_hid=1577500085&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809004%2C31078301%2C44807406%2C44806141%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1231308203232713&tmod=2114860877&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=388
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 15:20:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vl.json
services.vlitag.com/vld/1701432268/ 		13 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/vld/1701432268/vl.json?page_url=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Dec 2023 15:18:56 GMT
server
cloudflare
age
96
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec5122b843bbb6-FRA
content-length
13
alt-svc
h3=":443"; ma=86400
221a5a398da89ace8729d1cd3c481ec7.json
services.vlitag.com/obj/1701432268/ 		44 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/obj/1701432268/221a5a398da89ace8729d1cd3c481ec7.json?cc=DE&hn=https://securityaffairs.com
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
603ceb9f9ea34b13fc3bf72099f8262ed4e86d3aa2c1a515e9e81192f7b2d142

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Dec 2023 12:55:12 GMT
server
cloudflare
age
96
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
public, immutable, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec5122b847bbb6-FRA
alt-svc
h3=":443"; ma=86400
refill
securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/ 		2 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securityaffairs.com/wp-json/contact-form-7/v1/contact-forms/149934/refill
Requested by
Host: securityaffairs.com
URL: https://securityaffairs.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:90b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, */*;q=0.1
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

cf-edge-cache
cache,platform=wordpress
date
Fri, 01 Dec 2023 15:20:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
allow
GET
vary
Origin
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBGrfv%2BmX0%2FVH8M%2B4hauFh%2Boi6qJGObt5y7V3mb4b1st5QLBVyXgsm%2FE9iFdbsq0b18V3X0I9u0YdSFtRdZ0XGd2SgAQGbXoqv32wSxhGcmfh%2F3T%2ByAs9qKz50Nw6hkkb%2FqLJPw9Ldb1d7tMk3NYTFzC"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://securityaffairs.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
82ec5122ce340eb4-AMS
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d416f80ed9468eaeaec1aadbb33145f69565e86430cb30f8f787e5496342ee4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12014
x-xss-protection
0
choice.js
cmp.inmobi.com/choice/pCNAReJk6bG2R/soamaps.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/choice/pCNAReJk6bG2R/soamaps.com/choice.js?tag_version=V3
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:a600:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c696e0b058138e41157ab0a7fdea44a11fddfa5235c6ac81a84aaf4ed931b1d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:54 GMT
content-encoding
br
via
1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 20:16:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
2
x-amz-server-side-encryption
AES256
etag
W/"d4ae11d37c865a7c5762948a6025968c"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
6LdRQ5TrEw26Wu73tc6w4ob2PKcEvKYBSXme5eooFveb5GhMFHAsrQ==
prebid-8.21.0.js
assets.vlitag.com/prebid/default/ 		615 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 03 Nov 2023 08:25:02 GMT
server
cloudflare
age
300108
cf-polished
origSize=630565
etag
W/"6544ae5e-99f25"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
82ec51232db32bc3-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 11 Nov 2023 09:19:28 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a9fed1c494cb46f7da6d06bf0647df65fce52b0cd64ad846cef6a13e649aaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30021
x-xss-protection
0
server
cafe
etag
443 / 19692 / m202311150101 / config-hash: 11152387477177976423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 15:20:55 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128094
x-xss-protection
0
expires
Fri, 01 Dec 2023 15:20:55 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
age
124398
etag
W/"5dbbbcf2-9806"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
82ec51232daf2bc3-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 Nov 2023 16:40:48 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=221a5a398da89ace8729d1cd3c481ec7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-131.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 14:44:01 GMT
content-encoding
gzip
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront), 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, AMS58-P5
age
2215
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
UFcCZ217lbTnwJo2rL6LDSEFIAcHyMt4YCcXnNEBpEVaUcslaTvq6g==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4918072057181794&plah=securityaffairs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 15:20:55 GMT
cmp2.js
cmp.inmobi.com/tcfv2/ 		158 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=soamaps.com
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/pCNAReJk6bG2R/soamaps.com/choice.js?tag_version=V3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:a600:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e215c459f6b636decefe1e4bb3999a3ba5798248e6868ade99ec4e30c9acfc4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 14:43:24 GMT
content-encoding
gzip
via
1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
2252
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Fri, 24 Nov 2023 14:53:40 GMT
server
AmazonS3
etag
W/"9a59be07c42e77f2bba7a0e654fc46f0"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
-oQEDjonT-4CFpO4WYOrhs1L2C1nNi7PMf-SIjUtba0-1gSq9BCz0A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-131.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 7d758b616f5473c7b4bee1c49ecfa98a.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 08:58:40 GMT
x-amz-cf-pop
AMS58-P5
age
22936
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
8jXyK-JcfS8p4F03SZyn0NvjXcGMbLupuyp2xVUiAYjCkO-Eyrge7g==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 10:34:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
17180
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138149
x-xss-protection
0
server
cafe
etag
11558412289700915514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Nov 2024 10:34:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 12DD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
61466
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 22:16:29 GMT
expires
Fri, 29 Nov 2024 22:16:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3081 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2961493894938b42780a3d6415e97eb3795824ec19f44c274416131e404c8033
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TysWsRqtGZabUZGHpVLJ_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TysWsRqtGZabUZGHpVLJ_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 15:20:55 GMT
expires
Fri, 01 Dec 2023 15:20:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
9cf0c4f1-7630-476b-9141-f4472e005192
config.aps.amazon-adsystem.com/configs/ 		537 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-129.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 14:49:51 GMT
via
1.1 6cbc993371a5407a8b834ea22f7fcbd2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P1
age
1864
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
0jCde22mXX74tdBK8tnNr-81rJqgUgENK0OSohgPTbiz-1q2zUY5TA==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22consent%252Ftc...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%229cf0c4f1-7630-476b-9141-f4472e005192%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22consent%252Ftcfapi%252FattemptSync%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fsecurityaffairs.com%252F155054%252Fcyber-crime%252Fblack-basta-ransomware-activities.html%253F_gl%253D1%22%2C%22lv%22%3A%2223.1108.2350%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/155054/cyber-crime/black-basta-ransomware-activities.html?_gl=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8bb90d44758ce70476efdf577c8bd268.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
1AQXJ545A221NKZ2HXC4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
Pd8chO3ag5SoquOfymLNarCswgY1jEvOKmkiIyYKFK8VhKvFPVAmAQ==
config
c.amazon-adsystem.com/cdn/prod/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsecurityaffairs.com&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-131.ams58.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 09:56:22 GMT
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
age
19473
x-cache
Hit from cloudfront
access-control-allow-origin
https://securityaffairs.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
NADCCcI6nDkMhuasDeI81PbyVkcL4mQzfNzhftnHHlxWLN9tOLi9sw==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231201
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc128586fee9486ced3ab7fd7011f0620be545c6a4d55f48f8268917213c943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36446
x-jsd-version
1.0.1890
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230127-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-TNgfTrEmgU0kvSD/fpfRT6TRJJo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Wm6ACeE4FESRPipJ%2Bw4dCmgdtYfIbyAYM9Ve8hVi5ob8LaT3LxMEPzETwtkCxbHsxCyhaoGwDBUjGxcqeWaBTvcT%2B5bQXu6e454zh5riCEgKVdnqT%2F0Ga8ilBfpiFhpQ2a9gXis8VHJyBGkPYY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82ec512578ff1959-FRA
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNwZqKqqeP-UwBa-PPTK-MBrA-eAAPTPPeYUwURdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaA,KYMbaA,PUMbUARrdzNqdqmgfRwkjNARmNTTTBTARleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvDVkH3Ga1keEBcQzyFyzl%2BM%2FhWR09bqyYQBOZ25z2W1g8jaWrs1OHxk1qpV5NAvvYkaKIeObhe6O%2BfoqM6NIUN9mUHLjkzcBRh2564RS7JPIMMrnc3m5DQwfd78vznkvVzUaeds1LgLrP%2BaW0onWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51259b7f37e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMYAyUrPM-qtet-PAte-wtaY-BPqMUUKtBPPTRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZA,YZAbYZARrdzNqdqmgfRwkjNARmNTAKUUKRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Qy5wAsrLXornoG4NO5jM1%2BjZORMc2dohByQVtWTk3liHEF9Fqg1YF6ZTU6q6dtcWhuCtgXx0JGz6Ymu3kmtid2R50f2n1cG4zwrsP5%2BD%2ByDRvK3K6rpEE9QP%2FEpfMhAtCa3kNlmEHXKMDXU8Nc3LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51259b8237e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNytKYtTKB-rtqZ-PYtq-wKKP-UwrYqtUMaBqKRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNARmNTAaPYTRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXHpp0acUm2MKJbh%2BPu7K0HtY%2BWwUv3ahch6kHiE5rMSbEucAhURv1R4VjklhTDvzTBkiMhhUAelLUyYtQ0gCn6%2FfBj5D4jjlEkHAeVaTw8%2F1yy19AwQgW%2BRUKiMj%2FbV5BO57XYRUPUN%2FFVOl827WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51259b8937e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTwYyBMYa-PUaq-PeYK-wtqY-ATBqYAAUtMZaRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNARmNTAaPYTRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOFwJ33AOuCjRzQ3eVEZmCwcKc9ECYlMepTfFJsyagzXsFuNcXcN8yh7Ks17ue43uZ8zgYLnH3mufgNfB2bEVd4Kvo%2FmDk7LnT%2FBNw60WmzTSNVbvJlZTPFxBDyBriMWEBBI51%2FjGEKc2VQtRLNd4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51259b8637e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNawZyTKwa-rUTK-PtwT-wATa-TPZTKtMtyePPRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNTAMBMBRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Rx0yJ1IgkF0dUF6ZiW%2Fmf1teFph77QFImo73VDmlZdgciU%2BHc5jXqNV9wfR1N7rrHOWWnl4YUqp0HiXkqlIgP0ipM3Xb2o8YgvplPUGn7t1nsocURHmzGWeqIVoWY6TcRHlWMGf2Ms%2FH47miYXG7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51259b8337e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNaBaaewTq-aawe-PUTA-aMAP-wYMrTYMAtAKYRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNTAMBMBRleNplR_yszuNyqslt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rXiWCNJ0nzcsn2xYlfTwm%2BT1xcwVpKTrvwH3FOhsFO%2FeeEmNSeDqvoGTniaQ%2F1UxtiOgZVOTEQ7UXTbuvOe%2B0adEfiUrLthrUlJKAJYEqqvuuR%2FcjgVDsd6lsQXbScSh5%2Flm97Jttl25XWKib%2FtKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51259b8437e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cmp-list.json
cmp.inmobi.com/GVL-v2/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=soamaps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:a600:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e84df5c3072a47db21020cfdd0daa84c31e314ca97cb9782e5ecca1011144c4

Request headers

Accept
application/json, text/plain, */*
Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 03:00:45 GMT
content-encoding
br
via
1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
44411
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 01 Dec 2023 03:00:43 GMT
server
AmazonS3
etag
W/"c9e2a174394f72cf493706a018656fc5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
8UWUEMk5cOsrur6rXff9kWHSin1QNcfR1OpOBXTrHN_1JtvXmUspTw==
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 12DD 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
14032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:27:03 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1&pid=gboB34iBHXruL&cb=0&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493111310_1%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A111310%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c42cd753c9927a74eed5ac8cd899bf30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
4KTJQFBF07AVNN57GFP7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Mko6QYhPtRD91sAfK_iQazbsjZNjE5bCgSL1vjnTpmRMGLjqYSFBsw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1&pid=gboB34iBHXruL&cb=1&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493107667_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%5D%2C%22sn%22%3A107667%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c42cd753c9927a74eed5ac8cd899bf30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
WD332BTCMJ4AWTRP2FAM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Acb5we3WCdEiLu4xYZgjTeNbS3y3Vbu5Wq-rRXKM4hS0-7fdPheKCA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1&pid=gboB34iBHXruL&cb=2&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_24493109421_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A109421%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c42cd753c9927a74eed5ac8cd899bf30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
12WAVN1F10CN79193SCC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
33WfDc77u6QX-Qa_NsH3_XELqeJHKjnKiN4xykiomtgHga9nVFcjlQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1&pid=gboB34iBHXruL&cb=3&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22vi_24493108383_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_24493108383_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A108383%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!pubpower.io%2C2108%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.81.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-81-30.ams58.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c42cd753c9927a74eed5ac8cd899bf30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P5
x-amz-rid
52QQCJH6GEH1T3CMCHQ4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
EuzmLcT9doVyOy6eL5o_PcfDLYrEtmDzECrMykgL2GJXHs-fymqHGw==
sodar
pagead2.googlesyndication.com/pagead/ Frame 3081 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1231308203232713&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 12DD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?482Xmw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cmp2ui-en.js
cmp.inmobi.com/tcfv2/50/ 		279 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=soamaps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:a600:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 14:54:09 GMT
content-encoding
br
via
1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
88008
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 24 Nov 2023 14:53:34 GMT
server
AmazonS3
etag
W/"1140e593a3bca4a411e76bddf0dcac5d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
DSOqlzwKoyMne5yy3toRqJ5vmFUAezrsuDurWitnCu5NMVcmpw084g==
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v3/ 		549 KB
61 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=soamaps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:a600:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f02f250ed8982087165160ca06daabbf999b6260a40e84e9ccbeadfc542fe272

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:59:25 GMT
content-encoding
br
via
1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
55292
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 30 Nov 2023 23:59:20 GMT
server
AmazonS3
etag
W/"b47b2f2ac3a1071d8fe85e7dc0dae6a8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
FtFF3KvCMlPiIdKErkMIuh5wrqmxpg87re5xmHPW5kjvGbYRIDP0Yw==
google-atp-list.json
cmp.inmobi.com/tcfv2/ 		142 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=soamaps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:a600:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ebea5f7ebaab8e2f493947e143b6c9a6734d230aa111ecf8ae83fa21afe09a1

Request headers

Accept
application/json, text/plain, */*
Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 03:00:26 GMT
content-encoding
br
via
1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
44431
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 01 Dec 2023 03:00:24 GMT
server
AmazonS3
etag
W/"5ed4f2817e992e9932392a84a1b82ee8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
717yhXPWK16gnn5vxIdmukJAG-jb8mVNj29ZAtx7XuNNPwG3Slkerg==
/
api.cmp.inmobi.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22pCNAReJk6bG2R%22%2C%22domain%22%3A%22securityaffairs.com%22%2C%22publisher%22%3A%22Privacy%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.50%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22DP8daxmOht%2FITpweldSUng%22%2C%22tagVersion%22%3A%22V3%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1701444056078%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-01x19jk2dr9fceo2dydy%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.127.99.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-99-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 15:20:56 GMT
content-length
2
content-type
text/plain; charset=utf-8
localstore.js
script.4dex.io/ 		483 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 15:20:56 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
374768
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7UgJuId9jPdR4jnlMSTmLkJRWO1%2Bt66M21kxc4vW8ghxjIPQLq2VDRWFIqiOvAAM2BdNvplr%2FeXi7pMj%2FtmhKqOTxOmKHShmgC1Lu1gmPkdsYYCsHS25tTO6z952i6EAazyu2Shbe79%2BCc5"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
82ec5128aee265d9-FRA
c
prebid.a-mo.net/a/ 		0
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:56 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
182 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cdb
bidder.criteo.com/ 		0
197 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=88550795258&lsavail=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:55 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
useast.quantumdex.io/auction/ 		0
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:56 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ec5128b9540476-FRA
access-control-allow-methods
POST, GET
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTTTBTARzdNTtATeZeq-YAMP-PPMK-qMPy-ZKyPTyPeYUMeRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTTTBTA_TRwkjNTR_yszuNyqsltRkjmNaKAbaA,KYMbaA,PUMbUARwlNqdb,kzwigxlt,gftzqu,ekoztg,ekoztg,ekoztg,jxqfzxdrtbRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYQwuolT7P6boewVpF3chib9jC0mCRuzDgVEZemBIhP3yVylcUOF2t5kYhgpiHQYVih%2BO2wDL5%2FT15FDqQveDGGgC4%2FVkM0N0O4J9bAC2elrJAIxONCZ6Fbr87%2BXNI2ZSYmIgkkWYBFYkZhGE1KNLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51283f7c37e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cdb
bidder.criteo.com/ 		0
198 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=56540245241&lsavail=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:55 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
c
prebid.a-mo.net/a/ 		0
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:56 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
pbjs
useast.quantumdex.io/auction/ 		0
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:57 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ec5128b9580476-FRA
access-control-allow-methods
POST, GET
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAKUUKRzdNaerBUyrB-UPeB-PTYU-Mera-KPBrPqYryaTeRlmNBAAbYZARdzNwqfftkRqxeNco_YPPaBTAKUUK_TRwkjNTR_yszuNyqsltRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNekoztg,qdb,jxqfzxdrtb,kzwigxltRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXX4URZ337gLOxOl4OBj5wEw6Xt174wY4Tu6aHQWis5Wrr4vBC6YYT9IMdLUpGtDjG%2FcdHPr8jci7T2RHcTStEwVOhwRwVF4Jgz1plpHqQsxlO1IYCdAFaujHQv2XBURMw4ETMmOQeEHvfZchBPmVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51283f8a37e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAKUUKRzdNwwwPaZPK-rrAT-PrKy-wtyq-TqTBPPPMtKaBRlmNBAAbTUMRdzNcortg%20gxzlzktqdRqxeNco_YPPaBTAKUUK_T_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNBAAbTUMRwlNqdb,jxqfzxdrtbRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNDaby8AVG5pxbRJ6mMF%2Fq7bStza7E4cPmZDALNmvh0Cz0RWY69LggTe5QUjIKQrYtlFF09SyMq0DcF3BVW8UHQ7qD0LPDrHYoyrNsKc4PDVp7Xm2GKvT6QQwoODQunYWcm3sZFRZXy2L8cRbVmyIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51283f8c37e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
pbjs
useast.quantumdex.io/auction/ 		0
267 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:56 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ec5128b9560476-FRA
access-control-allow-methods
POST, GET
translator
hbopenbid.pubmatic.com/ 		0
115 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		60 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:56 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82ec5128d952bbef-FRA
expires
0
v1
prg-apac.smartadserver.com/prebid/ 		171 B
561 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:56 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		171 B
561 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:55 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://securityaffairs.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
197 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=32474618459&lsavail=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:55 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid-request
onetag-sys.com/ 		15 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
trinity.json
apex.go.sonobi.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2243907d8b4b28962%22%3A%22ab125220a3333b88e772%7C410x231%7Cf%3D0.01%2Cc%3Dv%2Cpm%3D6%2Cp%3D5%2Cpl%3D4%2C%22%2C%22442170f16ce96bc%22%3A%22f92c2d3e59016342889a%7C640x480%7Cf%3D0.01%2Cc%3Dv%2Cpm%3D6%2Cp%3D1%2C%22%2C%2245ab91a83539153%22%3A%22dc3fb521da1590cd931c%7C320x480%2C336x280%2C300x250%7Cf%3D0.01%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1&s=6f28ce3a-983b-44e7-83b1-10680af8e52f&pv=0155298a-348e-4b1c-954d-61fe572073ba&vp=desktop&lib_name=prebid&lib_v=8.21.0&us=0&iqid=%7B%22pcid%22%3A%22a4d71ad0-221a-4c2f-908e-13318c184e66%22%2C%22pcidDate%22%3A1701444056354%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22c478dcb3-0641-40f4-80f2-ebe7102e1ef3%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22securityaffairs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1%22%2C%22name%22%3A%22securityaffairs.com%22%2C%22ref%22%3A%22%22%2C%22privacypolicy%22%3A0%2C%22mobile%22%3A0%7D%2C%22user%22%3A%7B%22gender%22%3A%22O%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubpower.io%22%2C%22sid%22%3A%222108%22%2C%22hp%22%3A1%7D%5D%7D&us_privacy=1---&coppa=0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
99f5e36b0dab7672ec2fe4ea1edd30c6ef56c353d942443f092869733a9b8548
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:56 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-149
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://securityaffairs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
761
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
212 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:55 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
origin, Accept-Encoding
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAaPYTRzdNeYUTAqAt-TUAA-PMaT-MMYq-wtqwaTaqUPyBRlmNBBUbPMARdzNwqfftkRqxeNco_YPPaBTAaPYT_wqfftkRwkjNTR_yszuNyqsltRkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNjxqfzxdrtb,hxwdqzoe,hxwdqzoe,qrquog,ekoztg,gftzqu,lgfgwo,kzwigxlt,qdbRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKadXZfHEn8G0EZ0UUSDUs5%2BecSNVyoBIeBWhY4Bn9eIrCyi45HIOc7zgnOV0bldHXabxIxirjvF4bhWb1WH2mU1Qc8WqhAf62FVMK5bvfuoTPXYxGsgftSUH%2Fq%2Bea9M2Rqxh2rjBxQeIU3TNflCjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51285fa037e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAaPYTRzdNwAZATAMy-UMaU-PUMA-MqZB-eZePZaPPraKZRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_YPPaBTAaPYT_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNPTAbYBTRwlNhxwdqzoe,ldqkzqrltkctk,ekoztg,gftzqu,lgfgwo,qdbRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iE6IGOj9Nl5QP4fzeGriVvL8s8DulUGDEy6nYaS%2BU4sGdTvh54Dbh3IMK2DohsEBn3ePMh12Qd%2B88gGxn1ujxYyhidOUWOKbsGu3oMK2VY6lrsV4iVDGv52vCDri8Xlii9TREW9zmDrbkRrqRXdulg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51285fa337e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAaPYTRzdNByPYrqyP-PAaP-PraK-awwK-eqaaAZAZqTtYRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_YPPaBTAaPYT_oflzktqdRwkjNTR_yszuNyqsltRkjmNUPAbPMARwlNhxwdqzoe,ldqkzqrltkctk,ekoztg,lgfgwo,qdbRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1ThIWIN65lhOPFuicLdIiXbT2zWdNs7CgjLj5Vb54cgrXT0JwoFOpUpJiz%2FRxasnTCw0pa3phwmW3%2Bjv%2FMOCXBXLxH24ki1RsPiR0h%2FzWymKDMGqbwBTcUYZNnva4a5EDNQUZi02%2B%2BENlfsq64niQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51285fa437e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
c
prebid.a-mo.net/a/ 		0
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:55 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ 		0
197 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=80091575283&lsavail=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:56 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
useast.quantumdex.io/auction/ 		0
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:56 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ec5128b9570476-FRA
access-control-allow-methods
POST, GET
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://securityaffairs.com
date
Fri, 01 Dec 2023 15:20:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAMBMBRzdNeTyyPwAU-yaAZ-PBBq-aaUK-TqZBYByttrrtRlmNaKAbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_KRwkjNTR_yszuNyqsltRkjmNaKAbaARwlNqdb,jxqfzxdrtb,kzwigxltRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMnsC4LnPtqR0tKiiUB%2FYOzVPAY9ijmpet1hVJDnIGAk01EO8rgyWnOOaaJKQPrdMyDWWYVySatCycnH3W94z9QQhN6dvRpk2mpQoZmGaMrdDGAHdz6a0v2%2FRXxh9%2Fsq58qNgNino3c96YTuy4LyBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51286faa37e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNYPPaBRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNTAMBMBRzdNwZPeAKMM-PTeZ-PBeT-qAta-YBUMPTwUPAZeRlmNKYMbaARdzNwqfftkRqxeNco_YPPaBTAMBMB_MRwkjNTR_yszuNyqsltRkjmNKYMbaARwlNqdb,ekoztg,jxqfzxdrtb,kzwigxltRleNplRedhNgfRedh_ygkdqzNtdhznRedh_lgxketNcsoRedh_znhtNurhkRxltk_qeethzNfgRzey_ctkNcP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 15:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vieNdkhDBIwcTgSKjaktlBcTMFV6KaNpmT984kq73LVknQ7m1%2FKqTE6HG0i9IDehSUHH%2BcwpaJTWE4PMQWxWcg61yw8HuwGEKOJXDLr1DwpLW%2BTKbuWs7zvbw00IKwTLqx4ARAJqA00P64klkXKQuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-ray
82ec51286fab37e8-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 15:20:56 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
209637
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kI5iXXlWYPVAkvUwS74L3v%2FAbiTfWL0ypmQ5DSJzAog4wv0stFtqV1e1FD6ct0UdB3bguYtxEGi8BLJ3Q5H55x%2BAgvyee%2BFmnejpn6Qup22QPKTpKHnvT4hL7B5MyqCb%2B6%2BaGNXSHMtGVN9i"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
82ec51297d228fe3-FRA
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1231308203232713&bg=!FhWlFVrNAAY3kmNgF5I7ADQBe5WfOKgKh3p1a11NhoqLPjXs67aiRu91id18uGBFXaQmyDNM2HGq1RAi0vTMsX_BFEkWAgAAADxSAAAAAmgBBwoAq2mHTqJGR7vLjIAKx3TjQctVZ0_ZTbLC3lrd0WPiFbVuItMErYJj90w2ZGLwGbU-i9r6t1CxBxsmftJqHbcfVYSTtgaU7g8aCJiAIzRpm3sNid77-uTwSzH84R-sBt9BNksYqm_-_j2foUKIfRf7Eo7o9ycbTpwm13WuIaiWlF6xa1HMSkOoXz9zu9mCgpnJZe3QWrACdiBJc-zUai7XxbYwAWu4AoJY6VOsipkCumluASLEJM8KRgH7XE5A5ENeTo6bOd1r7ADzkbCSBHI_VEoqDJa_-kw7jFrjGGu-gnH0YtjCzRBfg5tsT-C9VSkLw7po3jBo_p3cj0pUD-vUhEiSucybj-RsPHqA2whDCB87BvDb-hNSJN7gsq3vURzwm8qsfCq4_IrUjbBtZUo42oTnt91n8dpfV5MEnE3Y9pxrjHkMitNx55LGzLgLwV4o7DhpsP_hx7awxB4y3ymF54JAe3wnwLhAVZMAycM9YRn7aY1-4TcyNvAkhBlbEtnMj8xErdZVAZWrug0pFgZLLFQU1oDF3IdD9RceWnL_0kSE3I6RwS1HI_69Db77yIYMnxkAX5SiIQAmHze87nSSZxBZTSbI9htCd_ijqBGEnQsNzCTna2DTpLJm9-ScZIlICpk0LdcLkYMhW4ETlnOpVp4L0jZnt_Lhv-PnTGOp781tEkkV9TfoJSPoq86ejVLMPTqyd01cYiTjjRp0Mi5NWTlRyCFEm_qpolvRum84F8ed-0fLrfY9nYebXJQkNzHDKZDM0oRU4KOZcsIZyCxY9NJqfb9PmNBs_-N_nierAkMycBXcRjd2Rsjc3IJXxJBYw80KisV5pM9t3D3J62QIZLCpotg3vo_jth9uv6ZB0XN3jpby5y1gsY4bBcvWPvXGIQwJSvMsYyDkn685KtESDzZzKXNGqbPBtaqSwK_v5f_xBAJwqp9o0Smn6mi3m02Vuijb7slUTMI22nm2RqqSWwkseP570BlapdJ_VDsZbp942HXi0yf9dwpL0VCu9pKNCe4W8p6tBd5nx3gFZ04-_72PzcSxGTT1ICcHCtF2PGTXNRtegLcVlXSX2cdlO8jqSM_6mQWlZndc7mzJ_8ZcwwtDLN2J3LOz--xrd1uWbtLaZxAr3ERKLa05q7vbd89PXDAAA-r9iCPL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Dec 2023 15:20:57 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://securityaffairs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
/
onetag-sys.com/usync/ Frame 5706 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1701444056467&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame 353F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 01 Dec 2023 15:20:58 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
pbjs
sync.quantumdex.io/usersync/ Frame 1AF0 		5 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
034ce5c1afce7b029a47a71e6caf37b3ab864964d0964a6f9629d5306e5b8d91

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
82ec513ccda30476-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 01 Dec 2023 15:20:59 GMT
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 626B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://securityaffairs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31660
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 01 Dec 2023 15:20:59 GMT
expires
Sat, 02 Dec 2023 00:08:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dappnex%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=460747949242986076
49 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=460747949242986076
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-149
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:59 GMT
an-x-request-uuid
2c8950c8-d6e9-41ce-9ec1-770945231ca9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=460747949242986076
x-proxy-origin
80.255.7.106; 80.255.7.106; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=ixDaez5AVdZF4DNCFeqHeFD_B2o
49 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=ixDaez5AVdZF4DNCFeqHeFD_B2o
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-149
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=ixDaez5AVdZF4DNCFeqHeFD_B2o
Date
Fri, 01 Dec 2023 15:21:00 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=3a90109f-b92a-4b1a-9a4d-7e80b525e654&google_hm=M2E5MDEwOWYtYjkyYS00YjFhLTlhNGQtN2U4MGI1MjVlNjU0
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEL5c7f_E4bLIWxm44izomu4&google_cver=1&ssp=sonobi&bsw_param=3a90109f-b92a-4b1a-9a4d-7e80b525e654
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEL5c7f_E4bLIWxm44izomu4&google_cver=1&ssp=sonobi&bsw_param=3a90109f-b92a-4b1a-9a4d-7e80b525e654
Protocol
H2
Server
18.158.157.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-157-189.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:21:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEL5c7f_E4bLIWxm44izomu4&google_cver=1&ssp=sonobi&bsw_param=3a90109f-b92a-4b1a-9a4d-7e80b525e654
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=a67ba03c-617d-476d-88db-4bebbf72287c
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=a67ba03c-617d-476d-88db-4bebbf72287c
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=a67ba03c-617d-476d-88db-4bebbf72287c
Protocol
H2
Server
18.203.77.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-77-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-051157d8a.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 01 Dec 2023 15:20:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
DkNqMLAkSfc=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-0be72ca59.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Fri, 01 Dec 2023 15:20:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
Ioy9GiMSSko=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=a67ba03c-617d-476d-88db-4bebbf72287c
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
7318ffc0e8fa1d771446
aax-eu.amazon-adsystem.com/x/ 		47 B
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 15:20:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SWJ441X5WC7RBAF6PMJ3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
47
generic
match.adsrvr.org/track/cmf/ 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:59 GMT
server
Kestrel
content-length
70
content-type
image/gif
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433831325024601
49 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433831325024601
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-149
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433831325024601
Date
Fri, 01 Dec 2023 15:20:59 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ID1=a67ba03c-617d-476d-88db-4bebbf72287c
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=a67ba03c-617d-476d-88db-4bebbf72287c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.228.164.13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ecm3
aax-eu.amazon-adsystem.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=a67ba03c-617d-476d-88db-4bebbf72287c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=NgN4c1-GAaKB6HHSyqr00BkNvBuxe6Z34JC6aLCwSRc&pi=sonobi&tc=1
49 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=NgN4c1-GAaKB6HHSyqr00BkNvBuxe6Z34JC6aLCwSRc&pi=sonobi&tc=1
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-149
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=NgN4c1-GAaKB6HHSyqr00BkNvBuxe6Z34JC6aLCwSRc&pi=sonobi&tc=1
pragma
no-cache
date
Fri, 01 Dec 2023 15:20:59 GMT, Fri, 01 Dec 2023 15:20:59 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=a67ba03c-617d-476d-88db-4bebbf72287c&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=QlVlSno0ZzlQWHdyaWE3VU52Vmh3QQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAeauOwoNIt5nWN3J1CwNEE&google_cver=1
49 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAeauOwoNIt5nWN3J1CwNEE&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-rvnf5
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAeauOwoNIt5nWN3J1CwNEE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YTY3YmEwM2MtNjE3ZC00NzZkLTg4ZGItNGJlYmJmNzIyODdj
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIIezllT3W2NY8GrcVypOek&google_cver=1
49 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIIezllT3W2NY8GrcVypOek&google_cver=1
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://securityaffairs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-149
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEIIezllT3W2NY8GrcVypOek&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b6931342ce0a4afaad148709b51fe102.gif
cs.admanmedia.com/ Frame 1AF0 		0
0
setuid
sync.quantumdex.io/ Frame 1AF0
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=7923360302074992619
  • https://sync.quantumdex.io/setuid?bidder=between&uid=11c8e683-1115-524f-8598-bd1de0f144c1
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=11c8e683-1115-524f-8598-bd1de0f144c1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:21:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ec5140ac4e0476-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=11c8e683-1115-524f-8598-bd1de0f144c1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
v1
match.sharethrough.com/FGMrCMMc/ Frame 1AF0 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.110.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-110-104.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:59 GMT
setuid
sync.quantumdex.io/ Frame 1AF0
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-a18813dc-d937-3599-a764-e567eeb7dd58
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-a18813dc-d937-3599-a764-e567eeb7dd58
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:21:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ec51405bae0476-FRA
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-a18813dc-d937-3599-a764-e567eeb7dd58
pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
cache-control
no-store
content-length
0
expires
0
0.gif
id5-sync.com/i/495/ Frame 1AF0 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 01 Dec 2023 15:20:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 1AF0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8128597431222216387
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8128597431222216387
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ec513e38060476-FRA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:59 GMT
an-x-request-uuid
08f5356b-2e67-408d-844f-fcf20c83324d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8128597431222216387
x-proxy-origin
80.255.7.106; 80.255.7.106; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ Frame 1AF0 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 01 Dec 2023 15:20:59 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
s.ad.smaato.net/c/ Frame 1AF0 		0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:23 GMT
via
1.1 25d46f0dbca17b9a78cca036e17d8ad2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH50-C1
age
36
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
Hvwb3K6L3wDFtJ0Ecie1swuHr4SwjQ_boohP3rFf7T9BcWtynQmNuw==
usermatch
ssum-sec.casalemedia.com/ Frame 3FC2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
803 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8a55d3a4e293d156715621476cf80c52abdb44426fdc0460288acdc961118a

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82ec513e89a22681-TXL
content-encoding
br
content-type
text/html
date
Fri, 01 Dec 2023 15:20:59 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00AWTms6IHlLxRjykatHefdweCN8%2FnzHmnLbYw6zgaK8FSHREwqyE7K8QUkk%2FjinfDdP%2B1XcFQTF3yw1WfggxzwzSoGAw%2BblI6y9UdanJ9cLDv14Tui5T6LkQ%2BAynkp8DlMPD8MQ0j%2Fj8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82ec513e087b2681-TXL
content-length
0
date
Fri, 01 Dec 2023 15:20:59 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7tqWL9AaiagnMJ16G4PUKStgIX1Dgyapf3qgQtYsUjijE2A3rgFK9hl4vY%2FHglyRQxhCUJld%2FPAneTHI3ReQ2qTPyELD7NLcFVMsIIACwh2KhHZN89FT15NLTBSEU1iKUuHRjUIBaFmGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame 1E68
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
82ec51400b150476-FRA
content-length
43
content-type
image/gif
date
Fri, 01 Dec 2023 15:21:00 GMT
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 01 Dec 2023 15:21:00 GMT
etag
OPTOUT
expires
0
location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EA3B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31660
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 01 Dec 2023 15:20:59 GMT
expires
Sat, 02 Dec 2023 00:08:39 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame CB62
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
51b9b709646893684718b09b32bf886362532b2ea54c5f473cbca6c7e65aa896

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1347
content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 15:20:59 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 01 Dec 2023 15:20:59 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user-sync
sync.adkernel.com/ Frame BF34 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 01 Dec 2023 15:20:59 GMT
Server
nginx
user-sync
sync.adkernel.com/ Frame EAFD 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 01 Dec 2023 15:20:59 GMT
Server
nginx
user-sync
sync.adkernel.com/ Frame 9DD6 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 01 Dec 2023 15:20:59 GMT
Server
nginx
user-sync
sync.adkernel.com/ Frame 95DC 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 01 Dec 2023 15:20:59 GMT
Server
nginx
/
onetag-sys.com/usync/ Frame AA16 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 1105 		0
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.147.45.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-45-225.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
0
content-type
text/html
date
Fri, 01 Dec 2023 15:21:00 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
PugMaster
image6.pubmatic.com/AdServer/ Frame 626B 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22949890&p=157940&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:58 GMT
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame CB62 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:59 GMT
server
Kestrel
content-length
70
content-type
image/gif
ebda
eb2.3lift.com/ Frame CB62
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUzODAzMjM4NDAwNTc1MDUwNzkwMg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:21:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame CB62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGOZ6W62oN9byv2eRIM_qFY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGOZ6W62oN9byv2eRIM_qFY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 01 Dec 2023 15:21:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGOZ6W62oN9byv2eRIM_qFY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CB62
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUzODAzMjM4NDAwNTc1MDUwNzkwMg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUzODAzMjM4NDAwNTc1MDUwNzkwMg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzUzODAzMjM4NDAwNTc1MDUwNzkwMg%3D%3D
date
Fri, 01 Dec 2023 15:20:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame CB62 		0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3538032384005750507902&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:20:59 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: BBF74DA115C34E6FA04A0B45AD65C833 Ref B: FRAEDGE1419 Ref C: 2023-12-01T15:21:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLdFDQY0yFXx2WMCbOMQ==
3538032384005750507902
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame CB62 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/triplelift/3538032384005750507902?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:e656:41e3:3e80:bff1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:21:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame CB62
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3538032384005750507902&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=3a90109f-b92a-4b1a-9a4d-7e80b525e654
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=1da976f9-a048-4d93-96ca-88eb61de1045&expires=10&ssp=triplelift&bsw_param=3a90109f-b92a-4b1a-9a4d-7e80b525e654
0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=340&user_id=1da976f9-a048-4d93-96ca-88eb61de1045&expires=10&ssp=triplelift&bsw_param=3a90109f-b92a-4b1a-9a4d-7e80b525e654
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
18.158.157.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-157-189.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:21:00 GMT
cache-control
no-cache, no-store, must-revalidate

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=340&user_id=1da976f9-a048-4d93-96ca-88eb61de1045&expires=10&ssp=triplelift&bsw_param=3a90109f-b92a-4b1a-9a4d-7e80b525e654
date
Fri, 01 Dec 2023 15:21:00 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
2ud2PwItjdRZ_NR7lt9goGMII-dBWomq_aPKNpDOX__0mCNwM4UZZw==
x-cache
Miss from cloudfront
usersync.aspx
dis.criteo.com/dis/ Frame CB62 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:59 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
166273
expires
Fri, 01 Dec 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame CB62
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8128597431222216387&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=8128597431222216387&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 01 Dec 2023 15:21:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:59 GMT
an-x-request-uuid
a39ae5f3-019c-4dc8-9cd0-cd03d953469f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=8128597431222216387&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
80.255.7.106; 80.255.7.106; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame CB62 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3538032384005750507902
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:20:59 GMT
an-x-request-uuid
701f8fa9-7c64-46d6-b2bc-328b2cc1e4d3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.106; 80.255.7.106; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3FC2 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:21:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 3FC2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWn520t.CR2occVOiCeRVgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIG0JAdOnMVyCBSY3QIVEBY&google_cver=1&google_hm=2
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIG0JAdOnMVyCBSY3QIVEBY&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYUSY9a0gRbJINJq1UqqrW0GyKYRViYPdpl4JIlP2BjkCIhhmCi29yD3rPSDwVcVprR3d%2BSuzQFYjvcottFGBXFVsXht18MAS%2Bkuv57W1rRUUEAegz3fcIWQnEST7BeYj4IhAabzBD8Pmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ec51404f9f4528-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIG0JAdOnMVyCBSY3QIVEBY&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
live.rezync.com/ Frame 3FC2
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWn520t.CR2occVOiCeRVgAA%261139&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZWn520t.CR2occVOiCeRVgAA%261139&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=bb3a8d717711469185f7f6e68ee62e30
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=bb3a8d71-7711-4691-85f7-f6e68ee62e30
0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 3FC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWn520t-CR2occVOiCeRVgAABHMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEL-nDPCZ_HhHUHxWMnCCajQ&google_cver=1
43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEL-nDPCZ_HhHUHxWMnCCajQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kb%2Fm%2F%2B9ujlV0V%2BbzmBgrEqKEAzlcKeHnSmOqCL%2Bs4VrietSe4phNXSJtEo1qbJ%2Fr6ah4qmPZ4x%2F6qCZN79Qlquug3XLs2p6KuJO7DVGX9jugJ%2B1WcEQ2SH5UIxm2EdGSQ2aq4NBH7CxwKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ec513fee974528-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEL-nDPCZ_HhHUHxWMnCCajQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3FC2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=IxKkoXMe9vs4FKKoIUS_r3NDpKk4E_ChLBakFW7M
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=IxKkoXMe9vs4FKKoIUS_r3NDpKk4E_ChLBakFW7M
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D0P%2BIuY1XhMFCHH1zmRlMijQdjFT4%2FFj%2Fv4UirEvj3xDmN4JS%2B9Z9nwhlZqSgjhyIX%2FCCylBDtXtr3RFoxLYX4XBLWv%2FCEAUYPpHnMqQaUpusM8FJSwO5dsULgA7EhhbXJkAHRKtsMrHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82ec51407fe14528-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=IxKkoXMe9vs4FKKoIUS_r3NDpKk4E_ChLBakFW7M
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 3FC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ie
match.prod.bidr.io/cookie-sync/ Frame 3FC2 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.186.244 -, , ASN (),
Reverse DNS
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 01 Dec 2023 15:21:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 3FC2 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 15:21:00 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-1
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
setuid
sync.quantumdex.io/ Frame 3FC2 		43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZWn520t-CR2occVOiCeRVgAABHMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 15:21:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82ec513faac30476-FRA
content-length
43
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/b6931342ce0a4afaad148709b51fe102.gif?gdpr=&gdpr_consent=&ccpa=[CCPA]&coppa=[COPPA]&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dillumin%26uid%3D%5BUID%5D
Domain
live.rezync.com
URL
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=bb3a8d71-7711-4691-85f7-f6e68ee62e30

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue function| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields function| gtag object| dataLayer object| vitag object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| swv object| wpcf7 object| Main number| uidEvent object| bootstrap function| WOW function| moment string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint object| local_data function| IsEmail function| commentliked function| commentdisliked object| _stq function| onYouTubeIframeAPIReady object| gaGlobal function| st_go function| linktracker_init object| wpcom string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| regeneratorRuntime object| _PBCFG string| tagApi object| viAPItag object| gaplugins object| gaData object| wp object| twemoji function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| getEidsByVLI function| __tcfapi function| __uspapi boolean| __VLICMP object| GoogleGcLKhOms object| $sf object| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| _aps boolean| apstagLOADED object| apstag object| googletag object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| observeElementInViewport object| apscustom function| __tcfapiui string| cnsntv2 object| Criteo object| sas object| apntag object| _ADAGIO object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139

58 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQiIbgr8IxCgoIkQIQiIbgr8IxCgoItAIQiIbgr8IxCgoI5gEQiIbgr8IxCgoIhwIQiIbgr8IxCgoItwIQiIbgr8IxCgkIOhCIhuCvwjEKCgiMAhCIhuCvwjEKCQhfEIiG4K_CMQoJCB8QiIbgr8Ix
.securityaffairs.com/ Name: _ga_NPN4VEKBTY
Value: GS1.1.1701444055.1.0.1701444055.60.0.0
securityaffairs.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
securityaffairs.com/ Name: cookielawinfo-checkbox-non-necessary
Value: yes
.securityaffairs.com/ Name: _ga_8ZWTX5HC4Z
Value: GS1.1.1701444055.1.0.1701444055.0.0.0
.securityaffairs.com/ Name: _ga
Value: GA1.2.1450617827.1701444055
.securityaffairs.com/ Name: _gid
Value: GA1.2.573567184.1701444055
.securityaffairs.com/ Name: _gat_gtag_UA_59069958_1
Value: 1
securityaffairs.com/ Name: __ppIdCC
Value: aexuritywddwira_xon2179144495551.
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.prebid.a-mo.net/ Name: __amc
Value: 1_1701444056_1701444056
.go.sonobi.com/ Name: __uis
Value: a67ba03c-617d-476d-88db-4bebbf72287c
.go.sonobi.com/ Name: _usd_securityaffairs.com
Value: 0155298a-348e-4b1c-954d-61fe572073ba
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 28909255
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 28909255
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 28909255
.quantumdex.io/ Name: uid
Value: 7baac160-fb5e-4093-b446-8fa2099c2cd9
.creativecdn.com/ Name: u
Value: 5WogT65Za2OV6apAndbC
.creativecdn.com/ Name: g
Value: 5WogT65Za2OV6apAndbC_1701444059659
.creativecdn.com/ Name: ts
Value: 1701444059
.bidswitch.net/ Name: tuuid
Value: 3a90109f-b92a-4b1a-9a4d-7e80b525e654
.bidswitch.net/ Name: c
Value: 1701444059
.bidswitch.net/ Name: tuuid_lu
Value: 1701444059
.ads.pubmatic.com/ Name: KCCH
Value: YES
.demdex.net/ Name: demdex
Value: 13883405366463874992476594912318673535
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjQ2MjUwMjEzMBTiM9Q1SC8r9nG3jMoyMvAHAI4RjDUlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjQ2MjUwMjEzMBTiM9Q1SC8r9nG3jMoyMvAHAI4RjDUlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtobmBoYmJiYGppbmEGAEtvP7EQAAAA
.adnxs.com/ Name: uuid2
Value: 8128597431222216387
.dpm.demdex.net/ Name: dpm
Value: 13883405366463874992476594912318673535
.3lift.com/ Name: tluid
Value: 3538032384005750507902
.casalemedia.com/ Name: CMID
Value: ZWn520t.CR2occVOiCeRVgAA
.casalemedia.com/ Name: CMPS
Value: 1139
.casalemedia.com/ Name: CMPRO
Value: 1139
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6746b1382751660a
.adnxs.com/ Name: anj
Value: dTM7k!M4/YDunaTF']wIg2GVTvB#jl!]tbP6j2F-.aDE7BAf@@gm4JydWJlJk^^WFcxv2mcxu3XidNI6uC4T@ki'Hq*g0D(RA0EJ
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIzNTM4MDMyMzg0MDA1NzUwNTA3OTAyIiwiZXhwaXJlcyI6IjIwMjQtMDItMjlUMTU6MjA6NTlaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTItMDFUMTU6MjA6NTlaIn0=
.doubleclick.net/ Name: IDE
Value: AHWqTUk4U4L17kXuDFbWXuDlReZmPuUe617aj64Wjg6Cun4x8nOOJ4T9APIEGY_KDUE
.go.sonobi.com/ Name: HAPLB8G
Value: s86149|ZWn53
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8b10da7b-3e40-55d6-45e0-334215ea8778.NrFVdA%2FNaZ4%2FprvyJPqinKSMtufiyR6E%2BpueMO%2BP6d4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8b10da7b-3e40-55d6-45e0-334215ea8778.NrFVdA%2FNaZ4%2FprvyJPqinKSMtufiyR6E%2BpueMO%2BP6d4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AixDaez5AVdZF4DNCFeqHeFD_B2o.jvvh9MlaI297iaYlxK4PPt90bMHJhJcDBuGI3et2UqI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AixDaez5AVdZF4DNCFeqHeFD_B2o.jvvh9MlaI297iaYlxK4PPt90bMHJhJcDBuGI3et2UqI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGcZMhrjYYmEOCk2RSYKnfrz_PEwls0VDOa1ocI1WZd4EHwYBCDc86erBjABOgSVjvJGQgRyH89_.COG%2BcGYa1vpKIpjNTF2FKBbOov9lQ2qa8Wp62ptRspM
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGcZMhrjYYmEOCk2RSYKnfrz_PEwls0VDOa1ocI1WZd4EHwYBCDc86erBjABOgSVjvJGQgRyH89_.COG%2BcGYa1vpKIpjNTF2FKBbOov9lQ2qa8Wp62ptRspM
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-a18813dc-d937-3599-a764-e567eeb7dd58
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 11c8e683-1115-524f-8598-bd1de0f144c1
.betweendigital.com/ Name: ss
Value: 1
.quantserve.com/ Name: d
Value: EBYBDQHHKrjvsQA
.quantserve.com/ Name: mc
Value: 6569f9dc-3004c-7fd61-4b991
.betweendigital.com/ Name: ut
Value: ZWn53AADU5Bs7ILTFh-Fmzl8ZwNqYIfAlCug6w==
.turn.com/ Name: uid
Value: 3287801783795904929
.smadex.com/ Name: smxtrack
Value: 1da976f9-a048-4d93-96ca-88eb61de1045
.smadex.com/ Name: smxbds
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918072057181794&output=html&adk=1812271804&adf=3025194257&lmt=1701444055&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecurityaffairs.com%2F155054%2Fcyber-crime%2Fblack-basta-ransomware-activities.html%3F_gl%3D1&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701444054873&bpp=3&bdt=1221&idt=374&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3113210913209&frm=20&pv=2&ga_vid=1450617827.1701444055&ga_sid=1701444055&ga_hid=1577500085&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809004%2C31078301%2C44807406%2C44806141%2C44807764%2C44808148%2C44808284%2C44809071&oid=2&pvsid=1231308203232713&tmod=2114860877&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=388
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=a67ba03c-617d-476d-88db-4bebbf72287c
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=a67ba03c-617d-476d-88db-4bebbf72287c
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
ap.lijit.com
apex.go.sonobi.com
api.cmp.inmobi.com
assets.vlitag.com
bh.contextweb.com
bidder.criteo.com
buttons-config.sharethis.com
c.amazon-adsystem.com
cdn.jsdelivr.net
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
cmp.inmobi.com
cms.quantserve.com
config.aps.amazon-adsystem.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
d.turn.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
i0.wp.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
l.sharethis.com
live.rezync.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.wp.com
platform-api.sharethis.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg-apac.smartadserver.com
px.ads.linkedin.com
px.vliplatform.com
region1.analytics.google.com
region1.google-analytics.com
s.ad.smaato.net
script.4dex.io
securepubads.g.doubleclick.net
securityaffairs.com
services.vlitag.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync.1rx.io
sync.adkernel.com
sync.go.sonobi.com
sync.quantumdex.io
sync.srv.stackadapt.com
tpc.googlesyndication.com
useast.quantumdex.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
cs.admanmedia.com
live.rezync.com
104.18.36.155
142.250.186.130
145.40.97.67
162.19.138.120
173.231.180.197
178.250.1.9
18.158.157.189
18.195.110.104
18.203.77.106
18.238.243.129
18.239.81.30
18.239.83.131
18.239.94.121
18.66.112.125
185.184.8.90
185.64.189.112
185.86.138.16
185.89.210.122
188.42.34.65
192.0.76.3
192.0.77.2
193.0.160.131
198.47.127.19
2.19.244.232
2001:4860:4802:32::36
208.93.169.131
216.52.2.6
2600:9000:20a0:a600:1b:cadc:ef40:93a1
2600:9000:2190:8800:1b:5138:8a40:93a1
2600:9000:25e8:a600:c:abe:f440:93a1
2606:4700:10::6816:2560
2606:4700:10::ac43:15e3
2606:4700:20::681a:9a9
2606:4700:20::681a:ad1
2606:4700:3031::6815:90b
2606:4700:3037::ac43:9e3b
2606:4700:4400::6812:22b2
2606:4700::6810:5514
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:803::200e
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:400c:c00::9d
2a02:2638:3::3
2a02:2638:3::7
2a05:d018:d29:3605:e656:41e3:3e80:bff1
3.127.99.172
3.227.140.6
3.33.220.150
3.69.206.167
46.228.164.13
46.228.174.117
51.89.9.253
52.48.186.244
54.147.45.225
54.172.57.125
67.220.226.233
69.166.1.32
69.166.1.34
76.223.111.18
77.245.57.72
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
034ce5c1afce7b029a47a71e6caf37b3ab864964d0964a6f9629d5306e5b8d91
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09587fd0b4c984573371a553f082e27c4e4ba98f65130e1b1eb7c0b7699509e5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1167dd67ebefd8738056c6fa7d7745670e0a51d400e3900c3f1a704ca8a4e768
130c61c2bfc6dff6d70ec2dae4ca8ba7dcf669878d81c91a5821b44b3972c2b6
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2
1536d07b6af9e6b855c692e59c9464e7f17dc211a4b17380f5a8b50ab13fe8df
165d6cf0440273d98a7ff9e3a3c996af430f251f139ce41bd21d2b995291a0ff
170d329a585de03caa379e0e068e08b529ba2d693608db4166c3996328185c06
1860f1e863bb560a9fb9ce20c26a86d247bc0e344c1d699a64dbcb0e2ac8df12
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1977899f722e69cb4aad9ecf2a5a1535eb55111ea3bbff0e7d30a5fb2e48bb0d
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1df70b268a34a8036eca2f536d670f59e142b877bf09ad993aec61417c7a4870
1e0352c858984ddb68c11c0b8265ea2ae72ab8d29b4471f888d4cbd95fe881ef
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
2961493894938b42780a3d6415e97eb3795824ec19f44c274416131e404c8033
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b8d70ba024451869d7387f12574502384e00f86842c18a772d3d6c64a59cd07
2c03404e75c3b5dd3190080d5b678433a88aed86b17fba7685f8a36950414fb8
2d0ee8b9f5976ae2dc3eefb7aace301d8540ad3d5f01c88f5049b3b7257a1d2f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
352713dc5ed16b11540cb8f293837e5f9dbdbec0fd8d5d60410bb0a5723fc682
4485dc3684588728bba3e5fbbe902c36ad1ec1b47480cc62c911a9403bafecc3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e84df5c3072a47db21020cfdd0daa84c31e314ca97cb9782e5ecca1011144c4
4f09a6853ba2b41f3d45fc84697570f54e91d23d862c6e51bc64bee90b7f83e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
508a8d88a4db7b5ef87b1d5b6fc60e56b7c5384b75b75b10e77f298ea108b510
51b9b709646893684718b09b32bf886362532b2ea54c5f473cbca6c7e65aa896
51e18fa3a179268df5763ae93f237dfa9ab4733b4e2791fe3cfeecca702a8832
5220bfc9416c5b55c41b39baaf1744ed2ce2bec1b0e77382067dea40eec68ba2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56ab51d0350fc1d76c1a1e1a4437b33ce5a1ac17d5363d1bbfb137385444d031
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
603ceb9f9ea34b13fc3bf72099f8262ed4e86d3aa2c1a515e9e81192f7b2d142
616601cc90fd7fc8f7c377372b1bc3dc26aa2b87784010d1cd3bbbe1227300b7
61b5d4f52ec96a0aef85f731e618cb627749775534ae86976446f42350757392
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d416f80ed9468eaeaec1aadbb33145f69565e86430cb30f8f787e5496342ee4
6ebea5f7ebaab8e2f493947e143b6c9a6734d230aa111ecf8ae83fa21afe09a1
732fe1ff87d948c44d6d26af7aa89d8e1eb9eb8e00c372dadbacb51c0ba5865d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
79ef2c493105913ae8a012433b49e73fec9f4e3dfaf70723bcf66c3e3e0e09e9
7a65e356551523b3a3222147ddb49ea4dad9b21d38a9b590effd45d55fc94d03
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
7efcbeb7183157646257bbe5f3da5cb1bb4a368419638bcad34ac0f67a49b37e
804aa2016958413450a7751d3d63ea718f0ed5c5af48b65d765adf9ab2f1b139
82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501
84e1de7132433ebaa0845af00ce1812287ba004d8288bf78b455f1d9f494f2ab
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a8c0bd86eee0230682ed29c5e30936b6b14ab02e1586692840ef8ea4de9dda6
8a9fed1c494cb46f7da6d06bf0647df65fce52b0cd64ad846cef6a13e649aaa3
8cb19dd370d8a0dd9ee570e546a789c88840bd443082943f099e4c87cdfff2bf
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90b1f6082b0cf09c59ad2a5b87d3e0ab87eadf37c9b0b791318adfaae1a4b0d4
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f
917713a1f617f6afb7a5f47261fc08b33696500aad878a0817a0da06e83bab49
92c6adcb11c71980a023ed138aa801d17998e88ec08fcce1fafb8491beb80294
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9701e3cc721b444361494b8586b90ce11a0a0fc7964c0220e2263dd836d0a254
99f5e36b0dab7672ec2fe4ea1edd30c6ef56c353d942443f092869733a9b8548
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a21e3d4b193d36cbfab4d9cb007c5f531c86b7c3d5fbadc0ea2a20296330d536
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90
a4368f99d0cee44d05f18e6336ff6e5aa8d75f04f69d9b9123f4f8eda6955bd6
a7ccf4d646a1b0a5954dfccc725c7cba62ea0442434dbe3656f1df25e457b1de
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac825c2e7eb874cfe862111097aa63158b575df11b0ea342814a5bc55f450b66
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b253964206a6ce075557f8735e7b57268338885e821f317bc63c6616e75c7b60
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
bfc6883863d1d8dc27b491556f0f91df31da6a3f86fa1d9d8dc8686e067bd8a0
c696e0b058138e41157ab0a7fdea44a11fddfa5235c6ac81a84aaf4ed931b1d8
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f
db984b0b0383ae3b1b7ceb9569f9c3fb6e99174a89a92c992fed6e2427ef027d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfc128586fee9486ced3ab7fd7011f0620be545c6a4d55f48f8268917213c943
e215c459f6b636decefe1e4bb3999a3ba5798248e6868ade99ec4e30c9acfc4a
e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eaade0e5f063f06ba9ec0303b6e2cf134e7e7ddedce6b51813880fe52bbb5de2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02f250ed8982087165160ca06daabbf999b6260a40e84e9ccbeadfc542fe272
f36324ad58ad455cb3b2ed61e5e7326afb3de6988fe5c592ded25598f13405a2
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f6c1b56d72a2f838340b55bd9d710f9a051807d641bf97e111ac9e3ade664911
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8eea29a69a5f1252bfb0b35b699c8cb9ac950d15c2151649be28be9d4df64c0
fd8a55d3a4e293d156715621476cf80c52abdb44426fdc0460288acdc961118a