urlscan.io logo urlscan.io
SecurityTrails logo

threatpost.com Open in urlscan Pro
35.173.160.135  Public Scan

Go To Rescan Add Verdict Report
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Submission: On November 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 118 IPs in 13 countries across 109 domains to perform 546 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is threatpost.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 2nd 2021. Valid for: a year.
This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 35.173.160.135 14618 (AMAZON-AES)
9 143.204.98.20 16509 (AMAZON-02)
4 142.250.186.130 15169 (GOOGLE)
7 2606:4700:303... 13335 (CLOUDFLAR...)
19 2600:9000:215... 16509 (AMAZON-02)
11 2600:9000:215... 16509 (AMAZON-02)
4 142.250.185.164 15169 (GOOGLE)
7 143.204.95.188 16509 (AMAZON-02)
1 21 151.101.194.137 54113 (FASTLY)
1 142.250.186.136 15169 (GOOGLE)
15 3.130.74.217 16509 (AMAZON-02)
1 104.111.219.144 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 64.140.160.2 18450 (WEBNX)
14 142.250.185.98 15169 (GOOGLE)
2 51.89.21.21 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
4 7 2620:116:800d... 16509 (AMAZON-02)
1 199.232.136.157 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 104.244.42.131 13414 (TWITTER)
1 104.244.42.197 13414 (TWITTER)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 18.197.116.184 16509 (AMAZON-02)
3 35.157.246.167 16509 (AMAZON-02)
10 52.211.212.107 16509 (AMAZON-02)
1 24 34.98.64.218 15169 (GOOGLE)
5 185.64.189.112 62713 (AS-PUBMATIC)
3 15 185.33.223.38 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 213.19.147.42 3356 (LEVEL3)
1 52.28.103.21 16509 (AMAZON-02)
1 3 72.251.249.14 29791 (VOXEL-DOT...)
1 4 147.75.61.140 54825 (PACKET)
2 8 134.209.129.254 14061 (DIGITALOC...)
5 23.37.38.181 16625 (AKAMAI-AS)
4 2602:803:c003... 26667 (RUBICONPR...)
4 2a00:1450:400... 15169 (GOOGLE)
5 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 142.250.181.226 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
2 52.29.183.32 16509 (AMAZON-02)
7 142.250.184.226 15169 (GOOGLE)
3 2600:1901:0:7... 15169 (GOOGLE)
37 2606:4700:20:... 13335 (CLOUDFLAR...)
10 142.250.185.97 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 142.250.186.70 15169 (GOOGLE)
2 3 104.111.239.217 16625 (AKAMAI-AS)
1 148.251.139.77 24940 (HETZNER-AS)
6 46.236.13.147 12703 (PULSANT-AS)
1 1 18.196.159.27 16509 (AMAZON-02)
16 41 142.250.186.98 15169 (GOOGLE)
4 5 35.227.252.103 15169 (GOOGLE)
4 5 185.64.190.78 62713 (AS-PUBMATIC)
3 7 69.173.144.138 26667 (RUBICONPR...)
2 2 79.137.69.91 16276 (OVH)
3 143.204.98.61 16509 (AMAZON-02)
2 35.187.117.15 15169 (GOOGLE)
2 2a02:cb40:200... 20546 (SOPRADO-ANY)
2 2 63.32.201.39 16509 (AMAZON-02)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
6 54.77.236.168 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 54.218.247.33 16509 (AMAZON-02)
6 2.18.233.180 16625 (AKAMAI-AS)
3 27 2.18.234.21 16625 (AKAMAI-AS)
3 2.18.232.130 16625 (AKAMAI-AS)
5 5 18.156.147.57 16509 (AMAZON-02)
3 9 3.126.56.137 16509 (AMAZON-02)
7 7 151.101.66.49 54113 (FASTLY)
5 11 35.71.131.137 16509 (AMAZON-02)
6 6 185.29.134.248 30419 (MEDIAMATH...)
5 6 37.157.5.142 198622 (ADFORM)
4 8 52.46.130.91 16509 (AMAZON-02)
3 3 35.156.135.60 16509 (AMAZON-02)
2 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 52.4.101.239 14618 (AMAZON-AES)
1 1 44.195.123.19 14618 (AMAZON-AES)
1 1 52.214.156.237 16509 (AMAZON-02)
2 2 213.155.156.185 1299 (TWELVE99 ...)
1 4 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
2 198.47.127.20 62713 (AS-PUBMATIC)
5 5 146.59.148.16 16276 (OVH)
3 4 52.30.140.199 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3 169.50.137.182 36351 (SOFTLAYER)
1 185.64.190.80 62713 (AS-PUBMATIC)
2 7 76.223.111.18 16509 (AMAZON-02)
1 2620:1ec:bdf::44 8068 (MICROSOFT...)
1 1 206.189.254.17 14061 (DIGITALOC...)
1 205.185.216.42 20446 (HIGHWINDS3)
6 23.79.143.124 16625 (AKAMAI-AS)
2 5 2a05:d018:d29... 16509 (AMAZON-02)
9 10 18.196.162.123 16509 (AMAZON-02)
1 1 51.68.39.188 16276 (OVH)
5 5 52.215.68.151 16509 (AMAZON-02)
4 185.86.138.143 201081 (SMARTADSE...)
1 2620:119:50e1... 14413 (LINKEDIN)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 3 64.74.236.127 19024 (INTERNAP-...)
3 3 2001:678:cb4:... 56396 (AMOBEE)
1 2 185.33.221.53 29990 (ASN-APPNEX)
1 34.247.192.108 16509 (AMAZON-02)
2 2 66.155.71.149 13768 (COGECO-PEER1)
2 3 104.111.242.53 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 35.244.174.68 15169 (GOOGLE)
1 17 52.208.210.171 16509 (AMAZON-02)
2 67.202.105.21 32748 (STEADFAST)
1 51.89.9.254 16276 (OVH)
2 199.187.193.181 47043 (SMARTADSE...)
1 1 72.251.249.13 29791 (VOXEL-DOT...)
6 6 213.19.147.44 26120 (RHYTHMONE)
1 50.19.13.13 14618 (AMAZON-AES)
2 2 193.0.160.129 54312 (ROCKETFUEL)
3 178.162.133.149 60781 (LEASEWEB-...)
1 1 82.145.213.8 39832 (NO-OPERA)
1 35.241.40.233 15169 (GOOGLE)
2 18.195.155.181 16509 (AMAZON-02)
2 2 23.37.42.132 16625 (AKAMAI-AS)
1 178.162.133.148 60781 (LEASEWEB-...)
2 2 54.225.68.204 14618 (AMAZON-AES)
1 2600:1f18:444... 14618 (AMAZON-AES)
2 2 35.210.53.219 15169 (GOOGLE)
1 1 34.194.7.56 14618 (AMAZON-AES)
1 1 104.111.215.191 16625 (AKAMAI-AS)
1 1 198.148.27.139 19189 (PULSEPOINT)
3 4 70.42.32.191 22075 (AS-OUTBRAIN)
3 3 185.184.8.65 204995 (RTB-HOUSE...)
1 1 52.21.104.248 14618 (AMAZON-AES)
1 193.122.128.135 31898 (ORACLE-BM...)
1 38.91.45.7 398989 (DEEPINTENT)
2 2 52.211.218.251 16509 (AMAZON-02)
1 1 202.241.208.55 4694 (IDCF IDC ...)
1 3.64.78.138 16509 (AMAZON-02)
2 2 94.23.171.206 16276 (OVH)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
1 69.173.151.100 26667 (RUBICONPR...)
1 216.58.212.134 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
546 118
17    35.173.160.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com
threatpost.com
kasperskycontenthub.com
9    143.204.98.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-20.fra50.r.cloudfront.net
tagan.adlightning.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googletagservices.com
7    2606:4700:3030::ac43:cf70 (United States)

ASN13335 (CLOUDFLARENET, US)
qd.admetricspro.com
19    2600:9000:2156:da00:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.threatpost.com
11    2600:9000:2156:2200:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)
media.threatpost.com
4    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
7    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
21    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
ins.connatix.com
lit.connatix.com
vid.connatix.com
img.connatix.com
1    142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net
www.googletagmanager.com
15    3.130.74.217 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-74-217.us-east-2.compute.amazonaws.com
capi.connatix.com
1    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    64.140.160.2 (Ogden, United States)

ASN18450 (WEBNX, US)
PTR: threatintelligenceplatform.com
geo.ipify.org
14    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
2    51.89.21.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p13.id5-sync.com
id5-sync.com
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
4    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2600:9000:2156:5a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    18.197.116.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
10    52.211.212.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-212-107.eu-west-1.compute.amazonaws.com
ads.servenobid.com
24    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
teachingaids-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
gift-connect-d.openx.net
5    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
15    185.33.223.38 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
9    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    52.28.103.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-103-21.eu-central-1.compute.amazonaws.com
tlx.3lift.com
3    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
4    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
8    134.209.129.254 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
5    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
adservice.google.com
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3a0bde367e12cd1e26d08f9c9acc1b55.safeframe.googlesyndication.com
22    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pagead2.googlesyndication.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    52.29.183.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
7    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads.g.doubleclick.net
3    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
37    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
10    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
tpc.googlesyndication.com
3    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
6    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
3    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
6    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
1    18.196.159.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com
d.agkn.com
41    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    79.137.69.91 (France)

ASN16276 (OVH, FR)
PTR: gcm11.host.hit.gemius.pl
googlecm.hit.gemius.pl
3    143.204.98.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-61.fra50.r.cloudfront.net
analytics.webgains.io
2    35.187.117.15 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 15.117.187.35.bc.googleusercontent.com
neso.r.niwepa.com
2    2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)
t.adcell.com
2    63.32.201.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-201-39.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
1    2a05:d01c:1d8:8100:f976:bfd0:751d:6023 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
4    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    54.77.236.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
api.webgains.io
6    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    54.218.247.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-247-33.us-west-2.compute.amazonaws.com
id.sharedid.org
6    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
27    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
3    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
5    18.156.147.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-147-57.eu-central-1.compute.amazonaws.com
pixel.advertising.com
9    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
7    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
11    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
8    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    35.156.135.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-135-60.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
openx2-match.dotomi.com
1    52.4.101.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-101-239.compute-1.amazonaws.com
rtb.adentifi.com
1    44.195.123.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-123-19.compute-1.amazonaws.com
nep.advangelists.com
1    52.214.156.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-156-237.eu-west-1.compute.amazonaws.com
d.adroll.com
2    213.155.156.185 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
4    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
5    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh
pixel.onaudience.com
4    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
7    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
1    206.189.254.17 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.serverbid.com
1    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
6    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    2a05:d018:d29:3605:dc78:e42b:b41a:32a0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
10    18.196.162.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-162-123.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
5    52.215.68.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-68-151.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
4    185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2620:119:50e1:101::6cae:b25 (San Francisco, United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    64.74.236.127 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    34.247.192.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-192-108.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
17    52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
pixel.33across.com
ssc-cms.33across.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
2    199.187.193.181 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
1    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
6    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    50.19.13.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-13-13.compute-1.amazonaws.com
jadserve.postrelease.com
2    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com
dmp.brand-display.com
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    178.162.133.148 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1.go.sonobi.com
go.sonobi.com
2    54.225.68.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-68-204.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:444a:4680:6bbe:49e:bc45:59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    34.194.7.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-7-56.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
3    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    52.21.104.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-104-248.compute-1.amazonaws.com
sync.ipredictive.com
1    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    52.211.218.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-218-251.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    3.64.78.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-78-138.eu-central-1.compute.amazonaws.com
match.justpremium.com
2    94.23.171.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-94-23-171.eu
green.erne.co
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    216.58.212.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f6.1e100.net
s0.2mdn.net
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
62 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
stats.g.doubleclick.net
213 KB
45 threatpost.com
threatpost.com
assets.threatpost.com
media.threatpost.com
810 KB
43 ad4m.at
as.ad4m.at
ad4m.at
assets.ad4m.at
694 KB
41 googlesyndication.com
3a0bde367e12cd1e26d08f9c9acc1b55.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
611 KB
36 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
ins.connatix.com
lit.connatix.com
vid.connatix.com
img.connatix.com
1 MB
29 openx.net
teachingaids-d.openx.net
rtb.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
gift-connect-d.openx.net
7 KB
26 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
28 KB
24 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
pixel-us-east.rubiconproject.com
42 KB
23 pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
48 KB
20 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
71 KB
18 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
7 KB
17 gumgum.com
g2.gumgum.com
rtb.gumgum.com
5 KB
15 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
47 KB
13 1rx.io
tag.1rx.io
sync.1rx.io
4 KB
13 google.com
www.google.com
adservice.google.com
4 KB
11 adsrvr.org
match.adsrvr.org
4 KB
11 servenobid.com
ads.servenobid.com
public.servenobid.com
7 KB
10 bidswitch.net
x.bidswitch.net
4 KB
9 everesttech.net
pixel.everesttech.net
sync-tm.everesttech.net
2 KB
9 webgains.io
analytics.webgains.io
api.webgains.io
154 KB
9 serverbid.com
e.serverbid.com
sync.serverbid.com
2 KB
9 adlightning.com
tagan.adlightning.com
216 KB
8 3lift.com
tlx.3lift.com
eb2.3lift.com
3 KB
7 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
2 KB
7 quantserve.com
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
12 KB
7 admetricspro.com
qd.admetricspro.com
324 KB
7 googletagservices.com
www.googletagservices.com
249 KB
6 smartadserver.com
rtb-csync.smartadserver.com
ssbsync.smartadserver.com
2 KB
6 adform.net
c1.adform.net
3 KB
6 mathtag.com
sync.mathtag.com
3 KB
6 indexww.com
js-sec.indexww.com
6 KB
6 webgains.com
track.webgains.com
202 KB
6 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
12 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 onaudience.com
pixel.onaudience.com
2 KB
5 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
5 google.de
adservice.google.de
www.google.de
2 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 sonobi.com
sync.go.sonobi.com
go.sonobi.com
2 KB
4 crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net
2 KB
4 a-mo.net
prebid.a-mo.net
917 B
4 lijit.com
ap.lijit.com
ce.lijit.com
2 KB
4 googleapis.com
imasdk.googleapis.com
123 KB
3 creativecdn.com
creativecdn.com
966 B
3 liadm.com
i.liadm.com
i6.liadm.com
2 KB
3 owneriq.net
px.owneriq.net
1 KB
3 turn.com
ad.turn.com
1 KB
3 zemanta.com
b1sync.zemanta.com
2 KB
3 simpli.fi
um.simpli.fi
1 KB
3 dotomi.com
casale-match.dotomi.com
openx2-match.dotomi.com
476 B
3 w55c.net
pm.w55c.net
2 KB
3 googleadservices.com
partner.googleadservices.com
353 B
3 sharethrough.com
btlr.sharethrough.com
337 B
3 4dex.io
script.4dex.io
mp.4dex.io
24 KB
3 google-analytics.com
www.google-analytics.com
20 KB
3 id5-sync.com
cdn.id5-sync.com
id5-sync.com
11 KB
2 erne.co
green.erne.co
569 B
2 360yield.com
ad.360yield.com
618 B
2 admedo.com
pool.admedo.com
720 B
2 emxdgt.com
cs.emxdgt.com
2 rfihub.com
p.rfihub.com
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
942 B
2 33across.com
pixel.33across.com
ssc-cms.33across.com
2 rlcdn.com
id.rlcdn.com
idsync.rlcdn.com
2 sitescout.com
pixel-sync.sitescout.com
579 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
896 B
2 de17a.com
d5p.de17a.com
637 B
2 adcell.com
t.adcell.com
961 B
2 niwepa.com
neso.r.niwepa.com
926 B
2 gemius.pl
googlecm.hit.gemius.pl
500 B
2 awin1.com
www.awin1.com
1 KB
2 gstatic.com
www.gstatic.com
2 kasperskycontenthub.com
kasperskycontenthub.com
1 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 clientgear.com
event.clientgear.com
266 B
1 adition.com
dsp.adfarm1.adition.com
487 B
1 justpremium.com
match.justpremium.com
324 B
1 socdm.com
tg.socdm.com
694 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 contextweb.com
bh.contextweb.com
383 B
1 bluekai.com
stags.bluekai.com
1 KB
1 stackadapt.com
sync.srv.stackadapt.com
618 B
1 brand-display.com
dmp.brand-display.com
1 opera.com
t.adx.opera.com
508 B
1 postrelease.com
jadserve.postrelease.com
428 B
1 onetag-sys.com
onetag-sys.com
823 B
1 demdex.net
dpm.demdex.net
1 bing.com
c.bing.com
593 B
1 linkedin.com
px.ads.linkedin.com
596 B
1 nrich.ai
dsp.nrich.ai
486 B
1 digitaloceanspaces.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
5 KB
1 adroll.com
d.adroll.com
112 B
1 advangelists.com
nep.advangelists.com
232 B
1 adentifi.com
rtb.adentifi.com
88 B
1 sharedid.org
id.sharedid.org
213 B
1 innovid.com
ag.innovid.com
297 B
1 agkn.com
d.agkn.com
759 B
1 zenaps.com
www.zenaps.com
706 B
1 congstar.de
banner.congstar.de
517 B
1 t.co
t.co
471 B
1 twitter.com
analytics.twitter.com
675 B
1 quantcount.com
rules.quantcount.com
354 B
1 ads-twitter.com
static.ads-twitter.com
6 KB
1 ipify.org
geo.ipify.org
586 B
1 fastclick.net
secure.cdn.fastclick.net
17 KB
1 googletagmanager.com
www.googletagmanager.com
59 KB
0 loopme.me Failed
csync.loopme.me Failed
546 109
Domain Requested by
41 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
u.openx.net
eb2.3lift.com
threatpost.com
g2.gumgum.com
28 pagead2.googlesyndication.com tagan.adlightning.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
www.google.com
threatpost.com
srcdoc
19 assets.threatpost.com threatpost.com
assets.threatpost.com
18 assets.ad4m.at as.ad4m.at
16 rtb.gumgum.com 1 redirects g2.gumgum.com
15 ib.adnxs.com 3 redirects qd.admetricspro.com
cds.connatix.com
acdn.adnxs.com
15 capi.connatix.com cd.connatix.com
15 threatpost.com threatpost.com
13 ad4m.at as.ad4m.at
ad4m.at
ssum-sec.casalemedia.com
13 vid.connatix.com cd.connatix.com
12 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
12 tpc.googlesyndication.com googleads.g.doubleclick.net
tagan.adlightning.com
12 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
11 match.adsrvr.org 5 redirects u.openx.net
ssum-sec.casalemedia.com
eb2.3lift.com
threatpost.com
11 securepubads.g.doubleclick.net tagan.adlightning.com
www.googletagservices.com
securepubads.g.doubleclick.net
threatpost.com
11 media.threatpost.com threatpost.com
10 x.bidswitch.net 9 redirects eb2.3lift.com
10 us-u.openx.net 1 redirects u.openx.net
eu-u.openx.net
gift-connect-d.openx.net
10 ads.servenobid.com qd.admetricspro.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
9 ups.analytics.yahoo.com 3 redirects threatpost.com
ssum-sec.casalemedia.com
9 tag.1rx.io qd.admetricspro.com
cds.connatix.com
9 tagan.adlightning.com threatpost.com
tagan.adlightning.com
8 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
eb2.3lift.com
8 e.serverbid.com 2 redirects qd.admetricspro.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
gift-connect-d.openx.net
8 www.google.com threatpost.com
googleads.g.doubleclick.net
tagan.adlightning.com
7 eb2.3lift.com 2 redirects qd.admetricspro.com
eb2.3lift.com
7 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
7 eu-u.openx.net u.openx.net
qd.admetricspro.com
eu-u.openx.net
7 sync-tm.everesttech.net 7 redirects
7 pixel.rubiconproject.com 3 redirects threatpost.com
g2.gumgum.com
7 googleads.g.doubleclick.net tagan.adlightning.com
threatpost.com
googleads.g.doubleclick.net
7 c.amazon-adsystem.com qd.admetricspro.com
c.amazon-adsystem.com
7 qd.admetricspro.com threatpost.com
qd.admetricspro.com
7 www.googletagservices.com threatpost.com
tagan.adlightning.com
googleads.g.doubleclick.net
6 eus.rubiconproject.com qd.admetricspro.com
eus.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
g2.gumgum.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 sync.mathtag.com 6 redirects
6 js-sec.indexww.com cds.connatix.com
ssum-sec.casalemedia.com
qd.admetricspro.com
6 ads.pubmatic.com cds.connatix.com
ads.pubmatic.com
qd.admetricspro.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
g2.gumgum.com
6 api.webgains.io analytics.webgains.io
6 track.webgains.com as.ad4m.at
5 match.prod.bidr.io 5 redirects
5 pr-bh.ybp.yahoo.com 2 redirects eu-u.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
5 pixel.onaudience.com 5 redirects
5 pixel.advertising.com 5 redirects
5 image6.pubmatic.com 4 redirects ads.pubmatic.com
5 rtb.openx.net 4 redirects eu-u.openx.net
5 adservice.google.com tagan.adlightning.com
imasdk.googleapis.com
5 htlb.casalemedia.com qd.admetricspro.com
cds.connatix.com
5 hbopenbid.pubmatic.com qd.admetricspro.com
cds.connatix.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 sync.1rx.io 4 redirects
4 token.rubiconproject.com 4 redirects
4 rtb-csync.smartadserver.com eu-u.openx.net
ssbsync.smartadserver.com
4 image2.pubmatic.com 1 redirects ads.pubmatic.com
4 adservice.google.de tagan.adlightning.com
4 fastlane.rubiconproject.com qd.admetricspro.com
4 prebid.a-mo.net 1 redirects qd.admetricspro.com
cds.connatix.com
4 teachingaids-d.openx.net qd.admetricspro.com
cds.connatix.com
4 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
3 creativecdn.com 3 redirects
3 sync.go.sonobi.com public.servenobid.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 ad.turn.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 um.simpli.fi 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
3 sync.crwdcntrl.net 3 redirects
3 pm.w55c.net 3 redirects
3 acdn.adnxs.com cds.connatix.com
qd.admetricspro.com
3 analytics.webgains.io track.webgains.com
3 cms.quantserve.com 2 redirects googleads.g.doubleclick.net
3 static-de.ad4mat.net as.ad4m.at
3 prod-rtb.ad4mat.net threatpost.com
googleads.g.doubleclick.net
3 partner.googleadservices.com tagan.adlightning.com
3 ap.lijit.com 1 redirects qd.admetricspro.com
3 c2shb.ssp.yahoo.com qd.admetricspro.com
3 btlr.sharethrough.com qd.admetricspro.com
3 pixel.quantserve.com 2 redirects threatpost.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
threatpost.com
3 cds.connatix.com threatpost.com
cd.connatix.com
2 green.erne.co 2 redirects
2 ad.360yield.com 2 redirects
2 pool.admedo.com 2 redirects
2 i.liadm.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 cs.emxdgt.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
g2.gumgum.com
2 p.rfihub.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
2 pixel-sync.sitescout.com 2 redirects
2 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
2 d5p.de17a.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 u.openx.net cds.connatix.com
2 pixel.everesttech.net 2 redirects
2 t.adcell.com as.ad4m.at
2 neso.r.niwepa.com as.ad4m.at
2 googlecm.hit.gemius.pl 2 redirects
2 www.awin1.com 2 redirects
2 ad.doubleclick.net 2 redirects
2 ads.adaptv.advertising.com cds.connatix.com
2 mug.criteo.com threatpost.com
2 gum.criteo.com 1 redirects
2 script.4dex.io qd.admetricspro.com
script.4dex.io
2 img.connatix.com threatpost.com
2 id5-sync.com cdn.id5-sync.com
qd.admetricspro.com
2 www.gstatic.com www.google.com
2 kasperskycontenthub.com threatpost.com
1 www.google.de threatpost.com
1 stats.g.doubleclick.net www.google-analytics.com
1 s0.2mdn.net imasdk.googleapis.com
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 event.clientgear.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 match.justpremium.com gift-connect-d.openx.net
1 openx2-match.dotomi.com gift-connect-d.openx.net
1 tg.socdm.com 1 redirects
1 ssc-cms.33across.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 i6.liadm.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 gift-connect-d.openx.net serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1 bcp.crwdcntrl.net ssum-sec.casalemedia.com
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 t.adx.opera.com 1 redirects
1 jadserve.postrelease.com public.servenobid.com
1 ce.lijit.com 1 redirects
1 onetag-sys.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 id.rlcdn.com threatpost.com
1 ads.yahoo.com threatpost.com
1 dpm.demdex.net ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 dsp.nrich.ai 1 redirects
1 serverbid-sync.nyc3.cdn.digitaloceanspaces.com qd.admetricspro.com
1 sync.serverbid.com 1 redirects
1 public.servenobid.com qd.admetricspro.com
1 simage2.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 d.adroll.com 1 redirects
1 nep.advangelists.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 id.sharedid.org cds.connatix.com
1 ag.innovid.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 www.zenaps.com as.ad4m.at
1 banner.congstar.de as.ad4m.at
1 3a0bde367e12cd1e26d08f9c9acc1b55.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tlx.3lift.com qd.admetricspro.com
1 mp.4dex.io qd.admetricspro.com
1 t.co threatpost.com
1 analytics.twitter.com tagan.adlightning.com
1 rules.quantcount.com secure.quantserve.com
1 lit.connatix.com cd.connatix.com
1 ins.connatix.com cd.connatix.com
1 static.ads-twitter.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 geo.ipify.org qd.admetricspro.com
1 cdn.id5-sync.com tagan.adlightning.com
1 secure.cdn.fastclick.net tagan.adlightning.com
1 www.googletagmanager.com threatpost.com
1 cd.connatix.com 1 redirects
0 csync.loopme.me Failed ssbsync.smartadserver.com
546 176
Subject Issuer Validity Valid
threatpost.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-07-03		 a year crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
assets.threatpost.com
Amazon		 2021-02-04 -
2022-03-05		 a year crt.sh
media.threatpost.com
Amazon		 2021-02-04 -
2022-03-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
kasperskycontenthub.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-07-03		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2021-03-11 -
2022-03-15		 a year crt.sh
cdn.id5-sync.com
R3		 2021-09-15 -
2021-12-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2021-01-19 -
2022-02-19		 a year crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.a-mo.net
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
e.serverbid.com
R3		 2021-10-22 -
2022-01-20		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-10-22 -
2022-01-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.r.niwepa.com
AlphaSSL CA - SHA256 - G2		 2021-03-15 -
2022-04-16		 a year crt.sh
adcell.com
Certum Domain Validation CA SHA2		 2021-09-20 -
2022-09-20		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
id.sharedid.org
Amazon		 2021-01-08 -
2022-02-06		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-22 -
2022-05-22		 a year crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-30		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 81 frames:

Primary Page: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Frame ID: 3E393052DF1D6B0FF91088DE524392B9
Requests: 121 HTTP requests in this frame

Frame: https://cds.connatix.com/p/137217/connatix.player.dc.js
Frame ID: 319A93A9A753361672B02566EBE4F237
Requests: 30 HTTP requests in this frame

Frame: https://3a0bde367e12cd1e26d08f9c9acc1b55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D7BAAA6BC54E723241A9B4491CD41D87
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-f821a95-45fe27db.js
Frame ID: B614080DDF783237338CFEE37BF3AAA1
Requests: 15 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-f821a95-45fe27db.js
Frame ID: 1915439A4B454424BF23D1EFF1DC4750
Requests: 15 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-f821a95-45fe27db.js
Frame ID: B0DBA698438F80C33B1399B5A0CF87C6
Requests: 14 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Frame ID: 1230E4575BFF999A56FE38252E55C167
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Frame ID: 49AC8FF97B593E9FF64A8F20841E6F11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Frame ID: B60DFDB553487AFE5EFF76602674BAAD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Frame ID: 840CEB6781639B7C2C6C628856B31C59
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Frame ID: 16FE99B16C2C35BBA436AC268DE745A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CjDKO1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOcBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW1w6NYnCN0IbRTnuUK-NpJJrkNuJZifZeeNzAJIMBcpgWWyJwTlbpgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzUwMDU5MzIzNjcwNzMyNRgA&sigh=E2YGpG22NY4&uach_m=[UACH]&cid=CAQSOwCNIrLM4RBzIrICv8Srq4sRK6c7jKMV8x2tutnRJ7jExmUmUdkWBbkpSLYoCPGSys1s6XJDuHan6wDqGAE
Frame ID: 3BC4DAA9AC7738716610024E59E13D5E
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hmmkwgtdy7347g0pm7x3t7z6a5e0njkkzntq6h1bqc08gn2keg2z1z54xg1kgyas8xzeb1tjsz9pphpb05mtwkd844yzahanz25j74fqvspd4emwdz0bcjz0nd3rav7bgx1wrrmmfrva7r91h1tts7h5yzxpn3pdf8bf74qd4rhy3xx7td7d5dhf0hpnz26qbg3tgwcdr784b6w0jca67jk4w6622tw4rgke8ep8vjk6419136a2pz1t5j0a534zbpjxpgksgnn19gep2c4z6g6j5wxr5z4mk3qsechx4jcnpzckbsbxs7dsbe417fe4147xznxhys07dgvk8n1fwhhnd2qw4rp6qcn5e19hvw2mrn9ega501rmnkwg52hyk595qbpz02b16z3nb0kdkcyb2mn3dh0162466kjz323j5wqr0y90&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%26client%3Dca-pub-7500593236707325%26adurl%3D
Frame ID: CA3D4A385AE95F968E9525818AB59EB3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 98C855E2CCC158D12C81A04F554116F7
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: ED9729E0DD00B7845A781E3EA454C5FA
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Frame ID: 86B941007C1D702779D6EFD18CF0C1CC
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jr2nf9b03ngkytkw83rpbp8zrffyt98gmczp8zh63gdahkkbqbwja3rded00rdvmq36s2m5xz26jhrpeat3hpx0zwp3d7epjy1abp0ek9ce317z5p80p74ev03dtd7zs0dzhq02c6cgtasyg1x5w6nryd2p6bqkkgkmnc56j0n61zgdt1ch4ywxmdmh9m0kqrjc005hght9thyv7pk2ktcjnb2nhr807n4rjd8yqkxxm1e369jxa7yvf9xb0eywa6kqp1hk32b9ztrr2zv6220m85re6j9pr5y0kmzr6yce42bq3r311ekwnsfqjvxcyjw74bmwvbd26kfertvmq57ek8vkbssepy2rprjwfkty2mbnvprxgqs0v5cs9xx5bneaae83hrnhkhsmcgp32n2spwrxhgc46nvprr2bn7ranfvx1d18c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%26client%3Dca-pub-7500593236707325%26adurl%3D
Frame ID: 6869C56FE7FBABC1C317FB3D057BDBF3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Frame ID: A8B8453B560D8BB95FF1A88158A91212
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5147BE5A5EE3FB92ADAFBA2B6B7E3441
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g8mdz8hmc582r4ws5qzw36grtb5wsn8g559scgxf8ccf9vn4p6enrrf3ag5nj39de76m7rajbk21cejy1jsds3jmngn6vfn2z13zatnevw6c9tbb16a6yzzgtrfkgpvyhd72nw713e60yyftfz9n1wajqjzar7wjdhk50m8gwr7ag7cwgrvg70bmj9750mja6x17wvjjj9ew81jvjndxmb3hg3g94kttdhgjz2p3jbvkmfj9ggg7d192e17kv7w0qh8mssa2nxcfhhcnm9f06tayte1vx7ywhrsyzwkjnw91fhndfa6far385vynmwgh7wz1a77krn8wq1rz86158z25y0e4ywnye0xgcs6ryg14neejpswf3jyrbz4xtg92cjsa09fjnayap9hfejsxk6g8f7094wb7vnwps414y27hss9chpf6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%26client%3Dca-pub-7500593236707325%26adurl%3D
Frame ID: A3C8ABD48CBC3ECFABB856CC482BB5D9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4B702FAA05CEFA64DA728CD726BA3115
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 06D3FDDC7B43CE73C8C0E0761DA3E277
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 356444F5B513D4024A590118C162F657
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Frame ID: 357F7BAE304876EFA793D587012CB887
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Frame ID: 6658988B40E8025A193D2F4BF3351D79
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 38CA6ACFC067608534A19950CD487649
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 70913310E06708A507FF2796121584D7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1C470C18F09FFF569AEBA5B615EA703E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 287B76EC8528DF8524B6AF4844321E66
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: 5C28EC67BC4059F838960D992E7DDBC5
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1936E4FF16B2FB09FFC890FB3838243E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4067D1277557ED95A30DC12C91E26F90
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8B9C54AD7016DB70A046ED9A6947137A
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: 851861B85BBBE0E704274064CAFEA773
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 59C4537E3B3CA76D1ADA66E54C0C1C3B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: 408E72BE552059569731F402C96B7786
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: 1185FCC6614E8CE5FD267F03FF7FFBBA
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D439814482B2464185D66F14581EE88E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4C42432F0C9A1F57E0BC47413531C657
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=502FA0C1-CAC5-4BEE-A99D-DBA3F6E1253D
Frame ID: 09C937AE72D56D03FD61D0BD44E6898F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1853969869881666058
Frame ID: 102755429C0A8A2E88DC79C8AB702E44
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: CB234D1AB241705A793472F2939BFC0E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D68594C713B97EE914E0EE4597FB2A6F
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 7B731B49D60AE627467C5184CC83D9D9
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: AF7EA5A08EF9AE19E75754ECC22A17DA
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Frame ID: 17EEE7FBA5A30E7E5D44EBF562EF0E17
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A7A1E6568705E6075AF071FC9E4111CF
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: A0CD8D806D61A39D22AA1C06436C2FEF
Requests: 9 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Frame ID: EE141ED95998ABE9CA3C22B96594DF79
Requests: 8 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13394437
Frame ID: 81F4C5492F0E3EF13ED6449C4FF9629F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 67E3D6FE55B04ED110F53E11EF5A985F
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 40DE76F863CBA29E6518F9DE38620137
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: C2F611C9FEBCD83FE2EADED0410D77F0
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 27A765E4C0D35600A50ADF7665C61DD3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 25AA3029653FE5F4A5D399F36D3C2D75
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: C5A76C82FD370D5C18C745CF3EB3C285
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: CDEC770326A2AB87312BFABD3792E69A
Requests: 10 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: 27E8A6C1B79C02E35A927405C048E63E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: C0638C9C49C02C899B8B156AC847880E
Requests: 3 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: BBC6B2794F5716E53F7C5D909086B142
Requests: 1 HTTP requests in this frame

Frame: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Frame ID: F31DEE902F46729680206F5707A793B2
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: 6C0FA57D7073AEADADD90154EF45BCBE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 6B9F8C2966BB7ED5160569FA6D7E2B8A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=18f4a789-2be6-4ca5-a9dc-59c68415bbf4&t=1639064794
Frame ID: 41B31D2842C78771C09389358F017240
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 7D721B2C4B0D582B01F481C6A6083B79
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=0&gdpr_consent=
Frame ID: 1E5A0DCBC4E8A460B018ABF98A4CF452
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YYqX2QADSdA1_wAz&gdpr=0&gdpr_consent=
Frame ID: FD9F877E087EF5E50592C2D197DBE8D9
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83MWRmNTliNi0xNTQxLTQ5NmYtYTk1MC01ZjE3OTMxMWFjY2U=&gdpr=0&gdpr_consent=
Frame ID: 39D3AB4882BBE84D80BEA09C669303DF
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 0973374A410D3DBCDA2F6D8E67A70205
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 8284BAD24974F3BFD55F396632827708
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YYqX2sCo5tAAANZXUlEAAAAA
Frame ID: 959417F0214EBC5C88D0109C1CA0CA0D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=5107433821652090395
Frame ID: EA598E0830A224940297094C9FE313D9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=t9ueJBgzABUhX6pDgDtF&pi=gumgum&tc=1
Frame ID: D7B9788B85146E6EF40BF3B7BBC9A8F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 736495E133FFE8A77E983C54D45D50E6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6CFB7F6130C39D04C79290A9AD02D60F
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: 46DB2C98F974F7B910AD0122B8DD15CC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: 51614496C7FFDCA964B836C5ACF2C1EC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Frame ID: 95B06316EFC67FE0459B91913CF9CB0B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 83F744AF50169AC8D0DFFFC005C9AC37
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D12B6B22AF5DA84EB09DC3BF6D8757BF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E41416486B431927EB4939BFE348D082
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Robinhood Trading Platform Data Breach Hits 7M Customers | Threatpost

Page Statistics

546
Requests

80 %
HTTPS

23 %
IPv6

109
Domains

176
Subdomains

118
IPs

13
Countries

5201 kB
Transfer

12692 kB
Size

140
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/137217/connatix.player.dc.js
Request Chain 142
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=pLfkQnxJVlg5cWZoZ0I1RnM5ckJYa3ByUzBsdjlmdFZucWxDdzFzRWtIQ2FkYUY3SHpydTZ4SC9TRkVKOFd2MmQ5cXZGT2I0ZUR4K092NDV2dnRnaUxBV0tCWHQwWkk4NkRZckp0dkRyT2ZKdHV0WlFpMzhoa3hSamFucnAvUFJSZnQ5QnFRekU1eTFqc1VPOW5jM2hYaVh5c0NQd1lIZk5LUHRQRURndk9mSFpTWDZTT2ZuK0Q5OW5EanJrWjFWRnd2bzFkZHpqdHZEYW0raEtnYzBhdDdVa2ljcjhhWDhkSnEzRERpWGV5OTBaMVpJPXw&cppv=2
Request Chain 210
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNPunJvQi_QCFdly4AodHIQEzQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1636472791_35a154e0-4174-11ec-9278-2234ffce0f80
Request Chain 213
  • https://www.awin1.com/cshow.php?s=2924494&v=24521&q=416965&r=412871&pv=1&pref3=oneidWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=357c8ed1-4174-11ec-9278-2234ffce0f80&v=24521&r=412871&q=416965&s=2924494&viewref3=oneidWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&pv=1&gdpr=0&gdpr_consent=
Request Chain 233
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEtblTENIUVB6MwArnfpwso&google_cver=1&google_push=AYg5qPJymNE5agK3QPoyjj-lem92iFgs8XPFNSEvimz17VoO_4Mi3YJjoveS8PHn9Zi_MSvusswW6KjICuQlOqWtes9QcWLOaXbt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJymNE5agK3QPoyjj-lem92iFgs8XPFNSEvimz17VoO_4Mi3YJjoveS8PHn9Zi_MSvusswW6KjICuQlOqWtes9QcWLOaXbt&google_hm=Q0FFU0VFdGJsVEVOSVVWQjZNd0FybmZwd3Nv
Request Chain 234
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIvkj-vS6HMKP-ZGe9YEgDo&google_cver=1&google_push=AYg5qPIJxHUy5tpG8xsp3lrAfAkVJJJNXjqzgKuYNkd6SPu9pKdkqvR3X4SGjQNUTxw7-VHhCTdisfvh0Kqke6aeb7bGtz9zt758 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIJxHUy5tpG8xsp3lrAfAkVJJJNXjqzgKuYNkd6SPu9pKdkqvR3X4SGjQNUTxw7-VHhCTdisfvh0Kqke6aeb7bGtz9zt758&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==
Request Chain 235
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENkBLQSo4C_OCoClgoyk8gE&google_cver=1&google_push=AYg5qPIOeNduM5Qh0qaW-wxcninABaENDCcfF8mlGMdz5EFRWIje22HYnBMyEk2KOyw-B9lBNk_g-6S_vlTcBN-1Gv6lWcIk54o HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENkBLQSo4C_OCoClgoyk8gE&google_cver=1&google_push=AYg5qPIOeNduM5Qh0qaW-wxcninABaENDCcfF8mlGMdz5EFRWIje22HYnBMyEk2KOyw-B9lBNk_g-6S_vlTcBN-1Gv6lWcIk54o&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIOeNduM5Qh0qaW-wxcninABaENDCcfF8mlGMdz5EFRWIje22HYnBMyEk2KOyw-B9lBNk_g-6S_vlTcBN-1Gv6lWcIk54o
Request Chain 236
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMkKNtNiMoEsDanrPD90M8U&google_cver=1&google_push=AYg5qPITpcdkmprSP-B4M47AcvsQ0GjMTxnHmmMJ_2sqBFalgiERmwCFJ5IHe_INJgghvUXjL1hFzJx6ADUyf6a5FSkZdMFtMw_0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ&google_push=AYg5qPITpcdkmprSP-B4M47AcvsQ0GjMTxnHmmMJ_2sqBFalgiERmwCFJ5IHe_INJgghvUXjL1hFzJx6ADUyf6a5FSkZdMFtMw_0
Request Chain 237
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu
Request Chain 238
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAU2_VBwxT3TeQkGpjWNuTM&google_cver=1&google_push=AYg5qPLQ1HEsgw_Pk9evBFY3HAlDGMW8WqhQf2TgQk7wV2JdtV_MefbrPEbDBbzVH5vVQiv9hfdApx2ON4gTMewF1s20tVW0JAVeyw HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLQ1HEsgw_Pk9evBFY3HAlDGMW8WqhQf2TgQk7wV2JdtV_MefbrPEbDBbzVH5vVQiv9hfdApx2ON4gTMewF1s20tVW0JAVeyw&google_hm=
Request Chain 278
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAvRPHe2jwzY8a6kWBQCoCg&google_cver=1&google_push=AYg5qPKgD4ExtGMzo-Hgz5BBHbL3l0v5qaqcQSHcZvpPGgz330MuMGZ3URk7Bo2ClbWiFhlMNIDvJf2fA9lbSlENjfrDZkeXTfw HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKgD4ExtGMzo-Hgz5BBHbL3l0v5qaqcQSHcZvpPGgz330MuMGZ3URk7Bo2ClbWiFhlMNIDvJf2fA9lbSlENjfrDZkeXTfw&google_hm=f39utwQ8uhBInQsELIpnuw
Request Chain 279
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKgcUnXTi9x4DqcALFJUs_X081zgk0HM-vBklY-j8Sfo-9Halq62fs9GVIvNTGmzjRMaaEQ3i8uF1fdt3wxC9HrBh7GpnM&google_gid=CAESEK1sdPKxUeowV0ZrOsau3IM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVlxWDF3QUFCYk9VN25KUA&google_push=AYg5qPKgcUnXTi9x4DqcALFJUs_X081zgk0HM-vBklY-j8Sfo-9Halq62fs9GVIvNTGmzjRMaaEQ3i8uF1fdt3wxC9HrBh7GpnM
Request Chain 280
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIvkj-vS6HMKP-ZGe9YEgDo&google_cver=1&google_push=AYg5qPKyx5sFONGxa4Ad3idtG6vWW3Xa8bR8wwdRXWxIKFVeQayN7OWtI7iODbCVKBMvCy3l88JI60YJ2CjKpnyPav9x46AQ3w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKyx5sFONGxa4Ad3idtG6vWW3Xa8bR8wwdRXWxIKFVeQayN7OWtI7iODbCVKBMvCy3l88JI60YJ2CjKpnyPav9x46AQ3w&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==
Request Chain 281
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENkBLQSo4C_OCoClgoyk8gE&google_cver=1&google_push=AYg5qPLwH3lpfX6tDKUudWe0uL3pFZ-F5lQrMAWMQVRVllbEfLjNk6wBQlDmND_ynE9fGJhyPVTPrGEV9aSmIksP_qxs94bZAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLwH3lpfX6tDKUudWe0uL3pFZ-F5lQrMAWMQVRVllbEfLjNk6wBQlDmND_ynE9fGJhyPVTPrGEV9aSmIksP_qxs94bZAw
Request Chain 282
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMkKNtNiMoEsDanrPD90M8U&google_cver=1&google_push=AYg5qPLNHdqnjciETwxqKQH7eLy90HcZcXsgZMdxfRniP0dn6q018dbe_IwxkRVvYZ-A8sz3IdiaFnPsZBVbH5GgTUMdawo0g2c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ&google_push=AYg5qPLNHdqnjciETwxqKQH7eLy90HcZcXsgZMdxfRniP0dn6q018dbe_IwxkRVvYZ-A8sz3IdiaFnPsZBVbH5GgTUMdawo0g2c
Request Chain 283
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1
Request Chain 284
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAU2_VBwxT3TeQkGpjWNuTM&google_cver=1&google_push=AYg5qPI-1spBEIi-UlO3lHitW9cgn4TTRcwjNWPKZuKKoN0o9b2n3IIFVO91WSrh772zLMCyFTeah-aenf9uC3KPxHt_jtUgJ2li HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPI-1spBEIi-UlO3lHitW9cgn4TTRcwjNWPKZuKKoN0o9b2n3IIFVO91WSrh772zLMCyFTeah-aenf9uC3KPxHt_jtUgJ2li&google_hm=
Request Chain 286
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAvRPHe2jwzY8a6kWBQCoCg&google_cver=1&google_push=AYg5qPK9mSjxw89hDCdIL7hsYmvHwbnZ3_M8iO2X4DK-pweDdeHAQNSW-UDb90qNmRtNCYP9BtHuJoDx2Ro_x2JvkfJJrXgu4K77 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK9mSjxw89hDCdIL7hsYmvHwbnZ3_M8iO2X4DK-pweDdeHAQNSW-UDb90qNmRtNCYP9BtHuJoDx2Ro_x2JvkfJJrXgu4K77&google_hm=f39utwQ8uhBInQsELIpnuw
Request Chain 287
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJbpXb2gcbKL8ZKa6dBxssUOkoz8W1fhXi8lzcTrnuulKR2E4eDxdKEQDz-MBIpqD6idtrl34hJgCSJOWRd52dps0H8sR-Y&google_gid=CAESEK1sdPKxUeowV0ZrOsau3IM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVlxWDF3QUFCTnR6TFdmQA&google_push=AYg5qPJbpXb2gcbKL8ZKa6dBxssUOkoz8W1fhXi8lzcTrnuulKR2E4eDxdKEQDz-MBIpqD6idtrl34hJgCSJOWRd52dps0H8sR-Y
Request Chain 288
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIvkj-vS6HMKP-ZGe9YEgDo&google_cver=1&google_push=AYg5qPIjgEtQfiaJ6OljTidlC-Z1kORY-tJ2YcVoTbo55Ape-TO_Q5Mi5amDvSYNIhZotQ6RfjXPKBpq0AFBjZ592dyegPzMoSwb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjgEtQfiaJ6OljTidlC-Z1kORY-tJ2YcVoTbo55Ape-TO_Q5Mi5amDvSYNIhZotQ6RfjXPKBpq0AFBjZ592dyegPzMoSwb&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==
Request Chain 289
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENkBLQSo4C_OCoClgoyk8gE&google_cver=1&google_push=AYg5qPI24X890z3D-uOZKdOzUj33xYSHxH0JQwarDpaQs1PifMG1M_6kE50i0FiDXgFMhnF-SQ02HtmlXM4ArcWLGXYvtDaslfp7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI24X890z3D-uOZKdOzUj33xYSHxH0JQwarDpaQs1PifMG1M_6kE50i0FiDXgFMhnF-SQ02HtmlXM4ArcWLGXYvtDaslfp7
Request Chain 290
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMkKNtNiMoEsDanrPD90M8U&google_cver=1&google_push=AYg5qPKRwUA6GLulxv0Qnv-J94jUvHcyZiatrpXh8v8DcKcDFQLO_-Xw0DVgNeDXZ9lHXjJAonVpVnq2Th_tpsEiBecRHfDb5Ev6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ&google_push=AYg5qPKRwUA6GLulxv0Qnv-J94jUvHcyZiatrpXh8v8DcKcDFQLO_-Xw0DVgNeDXZ9lHXjJAonVpVnq2Th_tpsEiBecRHfDb5Ev6
Request Chain 291
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1
Request Chain 321
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP36b3136b-4174-11ec-8e36-029e9351d68c HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP36b3136b-4174-11ec-8e36-029e9351d68c&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAzNmIzMTM2Yi00MTc0LTExZWMtOGUzNi0wMjllOTM1MWQ2OGM%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEA09wpR9CNiL-IR9kcx_GOY&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEA09wpR9CNiL-IR9kcx_GOY&google_cver=1&apid=UP36b3136b-4174-11ec-8e36-029e9351d68c
Request Chain 322
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YYqX2QADShkyxwAz HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YYqX2QADShkyxwAz&_origin=0&gdpr=0&gdpr_consent=&_test=YYqX2QADShkyxwAz HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YYqX2QADShkyxwAz&_origin=0&gdpr=0&gdpr_consent=&_test=YYqX2QADShkyxwAz&apid=UP36b3136b-4174-11ec-8e36-029e9351d68c
Request Chain 323
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=18f4a789-2be6-4ca5-a9dc-59c68415bbf4&_origin=1&gdpr=1&gdpr_consent=
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3211618a-97d9-4600-9dd1-8d6fea8cbe79
Request Chain 325
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=K17zKSRYr3swC_4qKgvmLHxY-i4wDqgrfgoaigG4
Request Chain 326
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5946305227674196105
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEICezP4fMd0WJsxBwkgwdbY&google_cver=1
Request Chain 330
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5939618a-97d9-4a00-ac93-2a24e1f8666b
Request Chain 331
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=K17zKSRYr3swC_4qKgvmLHxY-i4wDqgrfgoaigG4
Request Chain 332
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7131616832889707207
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEICezP4fMd0WJsxBwkgwdbY&google_cver=1
Request Chain 341
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&dcc=t
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1
Request Chain 344
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYqX1-PcBeXTIIB28AFvTgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTbqo_rGUEJdvyAtH0kK_w&google_cver=1&gdpr=1
Request Chain 345
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YASmVhiC1MKtkt5&gdpr=1
Request Chain 346
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636559193&gdpr=1
Request Chain 350
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYqX1-PcBeXTIIB28AFvTgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTbqo_rGUEJdvyAtH0kK_w&google_cver=1&gdpr=1
Request Chain 351
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&dcc=t
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1
Request Chain 354
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YYqX2QADSdA1_wAz HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYqX2QADSdA1_wAz&gdpr=1&_test=YYqX2QADSdA1_wAz
Request Chain 355
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e5172cfa-24a3-4692-ac1b-28a8d4ff294c
Request Chain 356
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 360
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1853969869881666058
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 363
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3211618a-97d9-4600-9dd1-8d6fea8cbe79
Request Chain 364
  • https://pixel.onaudience.com/?partner=214&mapped=502FA0C1-CAC5-4BEE-A99D-DBA3F6E1253D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=18f4a789-2be6-4ca5-a9dc-59c68415bbf4&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4df140726466dc9e0d81808a42ead34 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=0dced6813be2d8b8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d31fe3fb-bd14-4d30-6561-a38480b37ce0&reqId=e0c6c2c8-334b-48fd-76a0-2b201e993aef&zcluid=0dced6813be2d8b8&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENCa2TdsOSyn3Tp85eWMCus&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d31fe3fb-bd14-4d30-6561-a38480b37ce0&reqId=e0c6c2c8-334b-48fd-76a0-2b201e993aef&zcluid=0dced6813be2d8b8&zdid=1332
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTAyRkEwQzEtQ0FDNS00QkVFLUE5OUQtREJBM0Y2RTEyNTNE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEL8hsv206vnxAMHP4QrX51c&google_cver=1
Request Chain 368
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=0&gdpr_consent=
Request Chain 374
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 379
  • https://sync.serverbid.com/ss/2000891.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Request Chain 385
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 387
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=YASmVhiC1MKtkt5
Request Chain 388
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=3336b219-a909-468e-896e-472052c0277b&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=90a99e53-a196-46fe-8534-8f6d28d53846&expires=1&user_group=5&ssp=openx&bsw_param=3336b219-a909-468e-896e-472052c0277b HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=3336b219-a909-468e-896e-472052c0277b
Request Chain 389
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=833650016440337580
Request Chain 390
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIRjBFN0RGVEFBQUJxNUNoWnVrZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHF0E7DFTAAABq5ChZukg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHF0E7DFTAAABq5ChZukg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 392
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENpeVfJ_-5poY_MtucosOEQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 393
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTgwMzEwNTcwNDk5NDkzMDUxNjU%3D
Request Chain 395
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/18031057049949305165?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-vejDtRlE2oRVOV8yzxqIDsBfS5.KX4KNHeCfmFHD1A--~A&dongle=0883
Request Chain 398
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=18031057049949305165 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=18031057049949305165&dcc=t
Request Chain 399
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 400
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2668862686710124112&dongle=d407
Request Chain 403
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=1&gdpr_consent=
Request Chain 405
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&dcc=t
Request Chain 407
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639064794
Request Chain 408
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6897591931089549114&uid=Q6897591931089549114&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 412
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVS9N8MZ-X-LFLP&sigv=1&esig=2~502a62615665fb1e0489a21b4bca3e3f1369cdbd
Request Chain 414
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDAzZGQ1YzI2ZDg0YzE0YmIxOTRiZWU5YTliNjE2NDdiNmEwMWNiYQ
Request Chain 416
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ
Request Chain 417
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYqX2QADSdA1_wAz
Request Chain 418
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFt_qVgSuE2F-Bu3vIOYW-c&google_cver=1
Request Chain 419
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5OGO9Z3pXEUppm2aBu-8zw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=851013381327845345
Request Chain 425
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=833650016440337580
Request Chain 426
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=be2682b451bad70ec5ccb236
Request Chain 427
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1597645788 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/18f4a789-2be6-4ca5-a9dc-59c68415bbf4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-148a45fc-a8bf-4006-9327-f7e475218d7d-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003
Request Chain 429
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5107433821652090395
Request Chain 431
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=7556d985-4705-4dd3-98d4-d22294be1646&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 432
  • https://t.adx.opera.com/pub/sync?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D335%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?operaUid=f36377e1d52b46f6b55086773fb2c92a&pid=335&uid=
Request Chain 435
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2668862686710124112
Request Chain 436
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHF0E7DFTAAABq5ChZukg&expiration=1637682394&gdpr=1
Request Chain 437
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636559194&gdpr=1
Request Chain 438
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 445
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 449
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=833650016440337580
Request Chain 450
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYqX1-PcBeXTIIB28AFvTgAA%261113
Request Chain 451
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=be2682b451bad70ec5ccb236
Request Chain 453
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP36b3136b-4174-11ec-8e36-029e9351d68c HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP36b3136b-4174-11ec-8e36-029e9351d68c
Request Chain 454
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4
Request Chain 455
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fi.liadm.com%2Fs%2F56939%3Fbidder_id%3D203802%26bidder_uuid%3D HTTP 302
  • https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4 HTTP 303
  • https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4&_li_chk=true&previous_uuid=f2b8064f2e3a4b1eb980f21045a1b0a6 HTTP 303
  • https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4
Request Chain 456
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=833650016440337580
Request Chain 457
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_71df59b6-1541-496f-a950-5f179311acce&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=3336b219-a909-468e-896e-472052c0277b HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=3336b219-a909-468e-896e-472052c0277b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9be787d5-4ec6-4ef3-982b-6c5292cfe6ed&user_group=1&ssp=gumgum2&bsw_param=3336b219-a909-468e-896e-472052c0277b HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=3336b219-a909-468e-896e-472052c0277b
Request Chain 458
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-4414ac2a-f651-4323-5e69-60e40f66c4d3$ip$185.213.155.176
Request Chain 459
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_71df59b6-1541-496f-a950-5f179311acce&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=c2v-iaCAs3vLJEryiXkh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YZSOYWWSYKDIFZTG5SMJJCXE6LJLBVWQJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YZSOYWWSYKDIFZTG5SMJJCXE6LJLBVWQJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=c2v-iaCAs3vLJEryiXkh&us_privacy=1---
Request Chain 460
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003&rndcb=5621872183 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=3336b219-a909-468e-896e-472052c0277b&google_hm=MzMzNmIyMTktYTkwOS00NjhlLTg5NmUtNDcyMDUyYzAyNzdi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHtRjg50EVEF-1XeUjJmTSw&google_cver=1&ssp=adconductor&bsw_param=3336b219-a909-468e-896e-472052c0277b HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/3336b219-a909-468e-896e-472052c0277b?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-148a45fc-a8bf-4006-9327-f7e475218d7d-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003
Request Chain 461
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=MNYcojv29THK&ev=1&pid=558355
Request Chain 462
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Z-Zm2g5tQQaXCJcqlrNcUDDQ5qFRSVfK0ti3MAklAxdvWo3Q86Mw-XrGqZQJi3lN%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Z-Zm2g5tQQaXCJcqlrNcUDDQ5qFRSVfK0ti3MAklAxdvWo3Q86Mw-XrGqZQJi3lN%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_71df59b6-1541-496f-a950-5f179311acce&obuid=ENC(Z-Zm2g5tQQaXCJcqlrNcUDDQ5qFRSVfK0ti3MAklAxdvWo3Q86Mw-XrGqZQJi3lN) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=t9ueJBgzABUhX6pDgDtF&pi=outbrain
Request Chain 463
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=b5ab993c-be0a-4bd1-a215-3346c32f3309
Request Chain 465
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=3790efec-4174-11ec-9d14-fb2c7a265914
Request Chain 468
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=53c9f482-5891-48b0-8431-d72f3b8b2a9b
Request Chain 474
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=18f4a789-2be6-4ca5-a9dc-59c68415bbf4&t=1639064794
Request Chain 475
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 476
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=0&gdpr_consent=
Request Chain 477
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YYqX2QADSdA1_wAz&gdpr=0&gdpr_consent=
Request Chain 481
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YYqX2sCo5tAAANZXUlEAAAAA
Request Chain 482
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=5107433821652090395
Request Chain 483
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=t9ueJBgzABUhX6pDgDtF&pi=gumgum&tc=1
Request Chain 486
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Request Chain 488
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYqX2QADSdA1_wAz
Request Chain 489
  • https://green.erne.co/openx/cm HTTP 302
  • https://pixel.onaudience.com/?mapped=7MlfxCgborPcOaSypJvOXyfy&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253D7MlfxCgborPcOaSypJvOXyfy HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253D7MlfxCgborPcOaSypJvOXyfy HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4df140726466dc9e0d81808a42ead34&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253D7MlfxCgborPcOaSypJvOXyfy HTTP 302
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3D7MlfxCgborPcOaSypJvOXyfy HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=7MlfxCgborPcOaSypJvOXyfy
Request Chain 490
  • https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2668862686710124112&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 497
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2450375190193386447&gdpr=0&gdpr_consent=
Request Chain 498
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7028597131037767834&gdpr=0&gdpr_consent=
Request Chain 499
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=3336b219-a909-468e-896e-472052c0277b HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkab64b90d-ecdb-4e46-ae76-d379ba84c5aa&expires=7&user_group=5&ssp=smartadserver&bsw_param=3336b219-a909-468e-896e-472052c0277b HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=3336b219-a909-468e-896e-472052c0277b&gdpr=&gdpr_consent=

546 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
threatpost.com/robinhood-trading-platform-data-breach/176106/ 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c5d37752d029a3b7774a68f5cbb95c2e5848db7628310f4e127d1252217ec555
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Tue, 09 Nov 2021 15:46:25 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Link
<https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/wp-json/wp/v2/posts/176106>; rel="alternate"; type="application/json" <https://threatpost.com/?p=176106>; rel=shortlink
X-Frame-Options
SAMEORIGIN
X-Debug-Auth
off
X-Request-Host
threatpost.com
x-cache-hit
HIT
Content-Encoding
gzip
museosans-900italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854

Request headers

Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:26 GMT
Last-Modified
Tue, 09 Nov 2021 13:29:07 GMT
Server
nginx
ETag
"618a77a3-3ca8"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
15528
museosans-900-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398

Request headers

Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:26 GMT
Last-Modified
Tue, 09 Nov 2021 13:29:08 GMT
Server
nginx
ETag
"618a77a4-5124"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20772
museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:26 GMT
Last-Modified
Tue, 09 Nov 2021 13:29:08 GMT
Server
nginx
ETag
"618a77a4-3dcc"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
15820
museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:26 GMT
Last-Modified
Tue, 09 Nov 2021 13:29:08 GMT
Server
nginx
ETag
"618a77a4-51a4"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20900
museosans-500italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4

Request headers

Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:26 GMT
Last-Modified
Tue, 09 Nov 2021 13:29:08 GMT
Server
nginx
ETag
"618a77a4-5c74"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
23668
museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:26 GMT
Last-Modified
Tue, 09 Nov 2021 13:29:08 GMT
Server
nginx
ETag
"618a77a4-5194"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20884
museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:26 GMT
Last-Modified
Tue, 09 Nov 2021 13:29:08 GMT
Server
nginx
ETag
"618a77a4-5bac"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
23468
museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:26 GMT
Last-Modified
Tue, 09 Nov 2021 13:29:08 GMT
Server
nginx
ETag
"618a77a4-51b8"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20920
museosans-100italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c

Request headers

Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:26 GMT
Last-Modified
Tue, 09 Nov 2021 13:29:08 GMT
Server
nginx
ETag
"618a77a4-5b34"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
23348
museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:26 GMT
Last-Modified
Tue, 09 Nov 2021 13:29:08 GMT
Server
nginx
ETag
"618a77a4-50c8"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
20680
op.js
tagan.adlightning.com/math-aids-threatpost/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-20.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a2c171afe15c813ea16f589421494fc23f891cbbcccbe77999c2fac7c297fdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:08:01 GMT
content-encoding
gzip
age
2306
x-cache
Hit from cloudfront
content-length
18491
x-amz-meta-git_commit
7b120a5
last-modified
Tue, 09 Nov 2021 14:38:47 GMT
server
AmazonS3
etag
"c4f3a90e3784547f4e4b0d3652287116"
x-amz-version-id
6nIRbqK1CdHh2Cce3v.Cif9UJWfbNwUw
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
qjsI_Rw062Z8GEWW89VSk7D252FAky2dO9ZLJA8AVeeUFvwo83akQw==
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
ec7cbcb312411e6c0f7bfc0c83543804cee6ce8709d54018422f8730af889f58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1038 / 973 of 1000 / last-modified: 1636459612"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27078
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 Nov 2021 15:46:27 GMT
ros-layout.js
qd.admetricspro.com/js/threatpost/ 		26 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fddec1cb13ee6848cce386a733d405fff2be9ab4d904f55a1d15c7cc84f410d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 03 Nov 2021 12:58:13 GMT
server
cloudflare
etag
W/"67a6-5cfe1f68177b1-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bdlrj1Cr4P19b1idszH3yyz7zzqlHI52k1%2BNdERDpJCaXJWU5KxLxCehhOPJLjxjA%2BX9LIm37xWFuDpIlUDvq3T6qPeSmg4YYv%2F9RebizvI0YGjNBlpM25wTQqPG%2F52aeEK7j8DB4cCG1JzG%2BWqIv3KH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6ab82c813ba7693d-FRA
expires
Tue, 09 Nov 2021 15:49:45 GMT
cmp.js
qd.admetricspro.com/js/threatpost/ 		310 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
205
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 01 Jun 2021 14:47:10 GMT
server
cloudflare
etag
W/"4d957-5c3b56abf6028-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gs%2BrZGZnE2e3MWXfJ3IqqRYNPv6NPrT6Nnvc3JVRYZucZqDdMSRl9hUrqqg5UilzWIIosoSOrFd2bO1gknn6PuiEUq2GOs0NuPW%2Fur1om2cTvmwB2ExmYPe4kofd%2FrHeMIx%2F%2BdEs5wJjJAgtq3Se6Rul"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6ab82c86490b693d-FRA
expires
Tue, 09 Nov 2021 15:48:08 GMT
uspcmp.js
qd.admetricspro.com/js/threatpost/ 		148 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/uspcmp.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
197
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 08 Aug 2020 22:40:07 GMT
server
cloudflare
etag
W/"24e50-5ac65673cef1c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKVeJzKaXgSdGdShbNAzGQmi1o5wHCOrInUWm%2Bc%2BRD02pCdNr3MRoVonMs3b001CmueWzpkK7sL5%2BvwVwjTi2cxkTDsMuhnF3vX2DkcpQ4bCcODhFAylLWNzSQ9iAvHKpSmVsPalRJxHkHYZZ7lWaPar"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6ab82c864911693d-FRA
expires
Tue, 09 Nov 2021 15:50:48 GMT
targeting.js
qd.admetricspro.com/js/threatpost/ 		393 B
530 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
197
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 21:50:12 GMT
server
cloudflare
etag
W/"189-5c8c2c96f96c7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mO9klIeLxBeHpWr2HEPbI0roLT3jDEUJ0z7cUCeo86YP8Wf%2BzvOtqlZ2MRQt6iWppHSdolAGaAymedIVmNGOvf%2BYDESVkQJic3s620d3Lfyd8TsT6EkRYH9oT0O1256%2FM%2F5p2OfeC40FFrNM2dRSjYUc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6ab82c864914693d-FRA
expires
Tue, 09 Nov 2021 15:47:41 GMT
prebid.js
qd.admetricspro.com/js/threatpost/ 		430 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c03fd4dea0f2c83fa05b10dfd913bfcff51d05e0c6e84b7f340b857fdda517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
193
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 14 Oct 2021 15:35:01 GMT
server
cloudflare
etag
W/"6b738-5ce51d26ef74c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a37lFsJL%2B4Z0R9vV2aM%2FMCQkbcibNeNdn6EDCOG6TrLJ9eYZePdptX64LU21TDKPt5hW80%2Fa37HFRYdV2B8jhectFOiK48vFO4JzurUThsNkwVDmOvsRpwOMzTCTC8goulqmJUExJPoHx9RZZa2e5fqS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6ab82c864917693d-FRA
expires
Tue, 09 Nov 2021 15:48:08 GMT
engine.js
qd.admetricspro.com/js/threatpost/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/engine.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a355508d811ac666d1b61e566f7f1daf5d39b8915c036b271f14a4cfb9247ac3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 15 Oct 2021 02:14:43 GMT
server
cloudflare
etag
W/"8b7c-5ce5ac22db48b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPpFuTvV7X8PPfCAgtMw609KKOdNvbM5TNY3N%2BuI%2BbE5yms3Uwlz0q8ouz6qcXgCphS%2FSyF%2Fbt%2BfbAxMPEyEM7CVQaNorl0M6IxfR%2BmRdRvuxK2NuhSIYEpyCO7%2FuvVeFmpq8eE9LFZkEIF%2BGh1M%2BLB2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
6ab82c813ba9693d-FRA
expires
Tue, 09 Nov 2021 15:48:10 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		292 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
651e04b0e5647f9e2913196fa892689f13772efe4636cc1bbdad48868f67e1ce
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:26 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-length
42435
x-cache-hit
HIT
last-modified
Tue, 09 Nov 2021 13:29:08 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
QgAcwDVCJGCipgNVxbXOUxkipFkrl7vs0XZ_vIQQuCl1Bt9q3dLTNg==
expires
Wed, 10 Nov 2021 14:47:24 GMT
jquery-1.12.4-wp.js
threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
public
Date
Tue, 09 Nov 2021 15:46:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 13:29:07 GMT
Server
nginx
ETag
W/"618a77a3-17a56"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Tue, 16 Nov 2021 15:46:26 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=d6cf2cb9
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b813e47b551a74f55e504ad2e4a7fdb97ee55a9497486ffa61f4dfc34e6fd338
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:26 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-length
6410
x-cache-hit
HIT
last-modified
Tue, 09 Nov 2021 13:29:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
JEaXmhUGM-8aCRE2qf9tpEZLMMKR52BlpqxFl-iXq9hj8cG4sIRx3Q==
expires
Wed, 10 Nov 2021 14:47:24 GMT
robinhood.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2021/11/09093410/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/11/09093410/robinhood.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
192e03583d5e3b9e418577713ec648e7f8b0f45e505b25e4144c982c4b95bc93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 14:43:19 GMT
via
1.1 dbf3cec9f1989f98e490467b50a97739.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 14:34:12 GMT
server
AmazonS3
age
3789
etag
"cb1dcda2164e0f9b06f7ffe02bfaba00"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
PHX50-C1, FRA50-C1
accept-ranges
bytes
content-length
27345
x-amz-cf-id
GFWsukoiZ5bwveGYo-UNE4e1bIFETJ-IoQSFXvNz2irQzKrVxEixRw==
expires
Wed, 09 Nov 2022 14:34:10 GMT
api.js
www.google.com/recaptcha/ 		852 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en&render=explicit
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
bdcea25ad7f9af5f4e8c55fce64efa20c6c5247c98e3ef68e8b22e1998b589fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
558
x-xss-protection
1; mode=block
expires
Tue, 09 Nov 2021 15:46:27 GMT
scripts.js
kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/scripts.js?ver=1.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
public
Date
Tue, 09 Nov 2021 15:46:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 13:29:07 GMT
Server
nginx
ETag
W/"618a77a3-828"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Tue, 16 Nov 2021 15:46:27 GMT
api.js
www.google.com/recaptcha/ 		852 B
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
00e691edd844f707db832038eeaee530372eed2599fc3365746b89ab2cec7458
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
557
x-xss-protection
1; mode=block
expires
Tue, 09 Nov 2021 15:46:27 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=d6cf2cb9
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-length
926
x-cache-hit
HIT
last-modified
Tue, 09 Nov 2021 13:29:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
FL_ddKqOGfUXGoQY22i2cS_InpDcgVEfaoAsOO0J55Mrt32C612NMA==
expires
Wed, 10 Nov 2021 14:47:28 GMT
gravityforms.min.js
threatpost.com/wp-content/plugins/gravityforms/js/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.17.15
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
public
Date
Tue, 09 Nov 2021 15:46:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 13:29:07 GMT
Server
nginx
ETag
W/"618a77a3-88c2"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=604800, public
Connection
close
Expires
Tue, 16 Nov 2021 15:46:27 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/conditional_logic.min.js&ver=d6cf2cb9
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-length
2685
x-cache-hit
HIT
last-modified
Tue, 09 Nov 2021 13:29:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
4FkoJJ_GA_j0jN8TDUlGf51jQnd1vQfPNpMlM4kUwn0XNxAfDzpLKw==
expires
Wed, 10 Nov 2021 14:47:33 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=d6cf2cb9
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-length
1747
x-cache-hit
HIT
last-modified
Tue, 09 Nov 2021 13:29:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
H9pnl_w8aWncqYh8OGpALPoGn3o42xxxOu_NvZv1iL_QAIBlVL9Snw==
expires
Wed, 10 Nov 2021 14:47:28 GMT
/
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 		161 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-includes/js/wp-embed.min.js,wp-content/plugins/akismet/_inc/form.js&ver=d6cf2cb9
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
164f113713f0f15f300354fb36e2f2529e5d2f74c0b88ed714e745a277e4be02
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-length
51515
x-cache-hit
HIT
last-modified
Tue, 09 Nov 2021 13:29:08 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-debug-auth
off
x-request-host
assets.threatpost.com
x-amz-cf-id
wfAmAmqEBK1CbXHrHDPV76xyvEee-nNJ7DL7bNY_JPDR63Sf7lwmrA==
expires
Wed, 10 Nov 2021 14:47:35 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Z0IamK7Uj8Cug.ddab3Iex9UsiUM6RCO
content-encoding
gzip
etag
fc2e1be4d234471752ea2ebee7e63d1e
age
634
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0A8N9X5Y27BQZPY5ENYM
date
Tue, 09 Nov 2021 15:35:53 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
2tkVh1uwNWsEGId-6csYcEeCNck7dvfUtCEVu9AFrXuUfl0xQ37MGA==
connatix.player.dc.js
cds.connatix.com/p/137217/ Frame 319A
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/137217/connatix.player.dc.js
1 MB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/137217/connatix.player.dc.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd44dc96cf769020ece91868865b99ef2aa8478541bad13b64153bcf502a3bd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:26 GMT
content-encoding
br
last-modified
Mon, 08 Nov 2021 17:37:52 GMT
age
77502
etag
"a6a69989195bb355048bcf6e7fbb47c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
233318

Redirect headers

location
https://cds.connatix.com/p/137217/connatix.player.dc.js
date
Tue, 09 Nov 2021 15:46:26 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
/
kasperskycontenthub.com/ 		0
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=580968027&back=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:27 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Connection
close
Content-Type
application/javascript
x-cache-hit
HIT
Transfer-Encoding
chunked
X-Debug-Auth
off
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Request-Host
kasperskycontenthub.com
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		177 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1dec389cf73ad17027aee6f173bf8434f73048fcb3319edd76464011d8a39092
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60002
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Nov 2021 15:46:27 GMT
icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 		13 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:27 GMT
Last-Modified
Tue, 09 Nov 2021 13:29:08 GMT
Server
nginx
ETag
"618a77a4-3496"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
13462
icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 		13 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/robinhood-trading-platform-data-breach/176106/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:27 GMT
Last-Modified
Tue, 09 Nov 2021 13:29:08 GMT
Server
nginx
ETag
"618a77a4-3496"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
13462
logo.png
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:07 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a3-4a32"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
18994
x-amz-cf-id
j9M1mANrjLffCYBuSfcelI6unNHjxTE4LqAzPKzpKcDIfY5nyWRC2w==
expires
Tue, 16 Nov 2021 15:46:27 GMT
mail-plane-light.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		828 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:07 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a3-33c"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
828
x-amz-cf-id
bwV8x44uXgGTsI8glIecKz4LJb8U_E3OuvB1OatG_SIcMik6ZI6Dqw==
twitter-blue.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		868 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:08 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a4-364"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
868
x-amz-cf-id
EQuILGP-j-vwKakN0QiB1pT3Kqb_uQNOyrs3EuA8z021LSlUzG-Jrw==
museosans-700-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:08 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a4-51a4"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20900
x-amz-cf-id
VCP4jzfQgi_WGxS_enyQQ2NdTU0FvBLN2wc0Bmnh717wpETrG1NHaQ==
museosans-100-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:08 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a4-50c8"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20680
x-amz-cf-id
nC26Wwm0TeiXag0e7OfIUASON2P6KSwbtqm0MDDUub_h7zdxCqVZZA==
museosans-300-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:07 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a3-51b8"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20920
x-amz-cf-id
Ruz0NaAdxjhfhbgBurVBpJwVCf6sBCxJcOqMNTiVreNS9g7-1VlR0Q==
museosans-500-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:07 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a3-5194"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20884
x-amz-cf-id
1rtcCdKucolt7SGqcwPUpFnkl0Rb0V9StG30QsNRQBuhquxs0S4pMw==
museosans-700italic-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:08 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a4-3dcc"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
15820
x-amz-cf-id
f_l-FAGkNOgdB5x8LjTpeeZVDJwzAVtsokZSUcavKzVApAbESZxwhg==
museosans-300italic-webfont.woff2
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:08 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a4-5bac"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
23468
x-amz-cf-id
mdYqDngJlaelJWcZ377xsMsnB_KQjZld2kb8Ynygj9aQO5LKUE94Qw==
player.css
cds.connatix.com/p/137217/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/137217/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
284da3d2b11c82b2f5624dd0fad62bdcbe3b67a2a8687b00ff04e30deb17fd30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
br
last-modified
Mon, 08 Nov 2021 17:37:53 GMT
age
77502
etag
"e8ad8269886e013999d07e283560f314"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8279
mail-plane-large-dark.svg
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		812 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:07 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a3-32c"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
812
x-amz-cf-id
Iui3oOVJd05zm81bHZbuy5NFnzHHM6WzopENwVmzgOTd7K5hc6BJPg==
logo-white.png
assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:08 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a4-260a"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
9738
x-amz-cf-id
bHCodSlF4b_F28YQwmrHheLF-kvi85v9OvvfTKCVvrssGpJAsPgeJg==
expires
Tue, 16 Nov 2021 15:46:27 GMT
Tara-headshot.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/08/15114841/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/15114841/Tara-headshot.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89ce08431545cd3c6d42419d99ee0152027a68c1d0c7c82838cc9a51d9d52451

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 17:03:54 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Fri, 17 Aug 2018 16:22:08 GMT
server
AmazonS3
age
9326554
etag
"dee18dfeea6de13bec60c1e5237eb723"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
13097
x-amz-cf-id
ZcU08iYhAJdr46Ly0EyZvANVxxwNOlxq4dcMIm_tPJ1ssBPrk2Bvcg==
expires
Sat, 17 Aug 2019 16:22:07 GMT
infosec_insiders_in_article_promo.png
media.threatpost.com/wp-content/uploads/sites/103/2021/07/10165815/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/07/10165815/infosec_insiders_in_article_promo.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbe4e4e4e847a32bd717d963f0ac04b619a7a9cdd631a7454d9dfec16fbae73f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 04:44:34 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Tue, 10 Aug 2021 20:58:17 GMT
server
AmazonS3
age
3754914
etag
"101ba02c43488b8b07cf42f9aa850f6a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
20484
x-amz-cf-id
ZgwRmAegBJuoePSMR3l6gFEkHN9iY7S_vHgwNJLKNRGAAo1_r6KS5w==
expires
Wed, 10 Aug 2022 20:58:15 GMT
arrested-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/09/07083346/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/09/07083346/arrested-540x270.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ce315aaef4a2143ca3199d8a5c298cc15109d905b4327b8ff919e4bfbeb40e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 10:22:35 GMT
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Tue, 07 Sep 2021 12:33:50 GMT
server
AmazonS3
age
192233
etag
"5d3816d90653c778339d216b68f0becc"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
18783
x-amz-cf-id
AQQPgWG8eQCPMu3kvEDw2gzqCh4pwTSSTmBalt8ky9uyDGYZtdj1LQ==
expires
Wed, 07 Sep 2022 12:33:49 GMT
DDoS-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/09/10120505/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/09/10120505/DDoS-540x270.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
848c1e69c0c7c9d75f4300302561e43e0dd4df7f6bf1baa258ff4c173a6e1d8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 10:22:01 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Fri, 10 Sep 2021 16:05:09 GMT
server
AmazonS3
age
192267
etag
"73e2b2384d4110d6dea069eda3af1e4d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
36155
x-amz-cf-id
vRcsEehJuwZJqN8DZdALy46YqHKHUKTGqmbFj6-CrS_sP0DmM8DjRw==
expires
Sat, 10 Sep 2022 16:05:08 GMT
zebra2-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/11/08141744/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/11/08141744/zebra2-540x270.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3208dd2d38454e4b00362ae7f8da09e98ad92fe7e21ea2bc483295d55024643d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 19:43:24 GMT
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Mon, 08 Nov 2021 19:17:50 GMT
server
AmazonS3
age
72184
etag
"ce83287bdd68b4c9b70159c46883d6b0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
44025
x-amz-cf-id
N7t28wFqS8P1xO4v-v3rkxzNV3X-olpopOKofGjpbC4AP1WEBWUxEw==
expires
Tue, 08 Nov 2022 19:17:49 GMT
ransomware7-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/11/05121727/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/11/05121727/ransomware7-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41d3883aa9d28284fb0126ba7a9273cc99a1110234d05656236a1d47f48bc6ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 16:38:21 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Fri, 05 Nov 2021 16:17:31 GMT
server
AmazonS3
age
342487
etag
"877263641d2d49ee2b578ff668e04c6a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
2036
x-amz-cf-id
RmgUAZdXBYr70TIFzBkaKP777h5vyvmZSDN8Pi1MMy3igj2sPTb66g==
expires
Sat, 05 Nov 2022 16:17:30 GMT
Firefighter_fire-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/11/04134731/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/11/04134731/Firefighter_fire-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d85851fa73efc7421749bd4a8944342270ed6a0d7a9bbbbab2c2f7eecdbb10be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 17:51:00 GMT
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 17:47:36 GMT
server
AmazonS3
age
424528
etag
"981d55fd1bdb16486fdc56db5cd75227"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2, FRA50-C1
accept-ranges
bytes
content-length
1800
x-amz-cf-id
mrt7use5eHq6Pfsz9ZIUDc6RGONm4JTso8uMX-2AkBAihJ87JUjUIg==
expires
Fri, 04 Nov 2022 17:47:35 GMT
APIs-64x64.gif
media.threatpost.com/wp-content/uploads/sites/103/2021/08/31092830/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/08/31092830/APIs-64x64.gif
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99d379f9f5e11b8e17b64c816166e4ecdfef61fc9b84448d59e75b9030b1898a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 17:06:44 GMT
via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2021 13:28:35 GMT
server
AmazonS3
age
513584
etag
"aa317ce79fe01a57106478e81a8a5797"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2, FRA50-C1
accept-ranges
bytes
content-length
3179
x-amz-cf-id
SmzuReS33uTNBi0df5oU2U7TDtQziie5idFsWCSuat2hc7Qx2gMDTw==
expires
Wed, 31 Aug 2022 13:28:34 GMT
cougar-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/10/28174711/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/10/28174711/cougar-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fac892803ed75bf8ad547033fbcccc6afc4cf812d9ae31b6d7d11510254f76e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 21:56:16 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Thu, 28 Oct 2021 21:47:16 GMT
server
AmazonS3
age
1014612
etag
"a973abae8452806b0052955c1b4860b9"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
1795
x-amz-cf-id
HDIOzjXkgQhNCpM79rX4ed3v86bKrnKWtmhHUDaNFDxPUSfMU6nzwg==
expires
Fri, 28 Oct 2022 21:47:15 GMT
ransomware-6-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/08/19171000/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/08/19171000/ransomware-6-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2200:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe8164494a25e115a1c3e7dde549dab0070c5761d640befb348bc039d07bac22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 23:28:03 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Thu, 19 Aug 2021 21:10:05 GMT
server
AmazonS3
age
1354705
etag
"978c52162a6b925e2cf3309f55586949"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
2697
x-amz-cf-id
YwcKQRJ_TOGd2FajkSEef9rxfzo5Rp00ls7dnLwUOzekwqMFCWqyjQ==
expires
Fri, 19 Aug 2022 21:10:04 GMT
pls
capi.connatix.com/core/ Frame 319A 		18 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
1568d2e7b6c488fbf37b9885a1a57b1c3b738f49ee1b2fac2419ea4af8e8e93b

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-20.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 17:51:16 GMT
content-encoding
gzip
age
7336512
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
lOZ8GP9JbfSrbtF8ZR-ztl3P42g77lu18JcYEUIoNLMyNMOG-I7nQQ==
bl-f821a95-45fe27db.js
tagan.adlightning.com/math-aids-threatpost/ 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-f821a95-45fe27db.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-20.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8233a50176fde7ecadc3a692924bebad2dafa9855ac6f1b681107c1c4052ed99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:08:02 GMT
content-encoding
gzip
age
2305
x-cache
Hit from cloudfront
content-length
21355
x-amz-meta-git_commit
f821a95
last-modified
Tue, 09 Nov 2021 14:37:52 GMT
server
AmazonS3
etag
"7c9b5327096e14879e9388bde01e22ad"
x-amz-version-id
0CbtIU8jmSb7uSkxMHVRtVsw4sV35Vag
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
WBGmwiFjCNxMYFZm06pCBo3ChFnuy4uk7KliMrFDBuY-macpFnxIyA==
config
c.amazon-adsystem.com/cdn/prod/ 		662 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 14:54:43 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
server
Server
age
3104
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-length
662
x-amz-cf-id
ahpaeh-Wb5J1RsA3rZhfZd8vkxwdO3dGIXu9ZpFGzbwUU7rTBImfmg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:29:25 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
37023
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
-PHB5LElEcmMYVIdB2PFdicEa5N2Qo8C27IIhDg49a1OFrcdVz3-1g==
vendor-list.json
qd.admetricspro.com/js/cmp2/ 		256 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aeb3ee07f4b462935c5d8047ff038c8e279d75f9be1dcd0b848ba68223a3ee2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 31 May 2021 16:54:38 GMT
server
cloudflare
etag
W/"3ffae-5c3a314b5dcb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxk3TjOugmBCn15Bp23E75Mg%2BiknVM%2FyhjA8XqAmBBIcK%2BWzMu0x7AqX3bN2LFkuFKSeXihUNKGIuOvps4IuU%2FIrvAGOuU03LzJdBc%2FTMcHCkcid7gBLyab8jF%2FiKgwMnVu3tQhH0fvRFJv4g21kqkqB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
6ab82c8888ac5c32-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 09 Nov 2021 15:56:27 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Tue, 09 Nov 2021 16:01:27 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Tue, 09 Nov 2021 15:30:34 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10053
x-request-id
389251573
recaptcha__de.js
www.gstatic.com/recaptcha/releases/kcXVPRWG7fMILHmzon0--fD3/ 		153 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/kcXVPRWG7fMILHmzon0--fD3/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138756
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 18:13:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 09 Nov 2022 15:40:41 GMT
flipboard.svg
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/ 		236 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:07 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a3-ec"
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
236
x-amz-cf-id
p6Dc7-YL0p2YQBF12_vPpnm19-uRcduBN4XbWnCtsZqx_Wz41LIvnw==
fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:da00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=d6cf2cb9
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 13:29:07 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"618a77a3-12d68"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
77160
x-amz-cf-id
wPiiWPqeTDKwNttihH_S2HrSgx8c1x7_0Or6JT2HO7G6_C0NV4TsoA==
v1
geo.ipify.org/api/ 		380 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.ipify.org/api/v1?apiKey=at_riPAQYz3EiQ6JhsH05bmtozma13RA
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.140.160.2 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS
threatintelligenceplatform.com
Software
nginx /
Resource Hash
c3b810d8a24fe204f9bd515333f3f37dcda69917eed7afbad854b1530c25cd4d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
recaptcha__en.js
www.gstatic.com/recaptcha/releases/kcXVPRWG7fMILHmzon0--fD3/ 		117 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/kcXVPRWG7fMILHmzon0--fD3/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Origin
https://threatpost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 04:01:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137623
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 18:13:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 09 Nov 2022 04:01:07 GMT
pubads_impl_2021110401.js
securepubads.g.doubleclick.net/gpt/ 		346 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119010
x-xss-protection
0
last-modified
Thu, 04 Nov 2021 08:34:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 Nov 2021 15:46:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		115 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=threatpost.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
bb66dbe2867f4bd08186615c104fefef105858870dd23550d3fd33100115f4e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
expires
Tue, 09 Nov 2021 15:46:27 GMT
724.json
id5-sync.com/g/v2/ 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p13.id5-sync.com
Software
/
Resource Hash
de2c2632a701dceea693a7879d2512a476d91b956dd444122b9b586dd787ec9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://threatpost.com
Date
Tue, 09 Nov 2021 15:46:20 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6323
date
Tue, 09 Nov 2021 14:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 09 Nov 2021 16:01:06 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
53d91fb2b51a3daa0645f78f71b29e695f42b0ac6db0d29f7fc7e5e38c3ffb7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
etag
"4zy+3zXYb8Q7og5Af8HrBg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 16 Nov 2021 15:46:27 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100038-IAD, cache-hhn11545-HHN
insights.bin
ins.connatix.com/60764267-557e-410f-85cb-f102d92ee134/2/ Frame 319A 		120 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/60764267-557e-410f-85cb-f102d92ee134/2/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
29b9543b1540aa339265d4e5be24903121905e7aaa4608c22180456c48eae2b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
access-control-max-age
86400
content-type
text/html
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
120
retry-after
0
blockedDomains_3.bin
lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/ Frame 319A 		81 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/blockedDomains_3.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
be3ba2f86654b73dda7d39ed448c90628092498372215fffe2281e0b587a62dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 13:27:38 GMT
age
3550652
etag
"6a19519ac776603343ae0285e9d02606"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
85
sr
capi.connatix.com/tr/ Frame 319A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
ec7cbcb312411e6c0f7bfc0c83543804cee6ce8709d54018422f8730af889f58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1038 / 993 of 1000 / last-modified: 1636459612"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27078
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 Nov 2021 15:46:27 GMT
2_media.bin
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/ Frame 319A 		477 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/2_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5bc52ae2efcff8d5cf4368185e54aef5fecd6124baf0ffa2f80e8cfd028dae03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 08:35:43 GMT
age
25798
etag
"6317621715848997a94720c3aeea2f9e"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
297
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 319A 		368 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125099
x-xss-protection
0
expires
Tue, 09 Nov 2021 15:46:28 GMT
1.png
img.connatix.com/c2ecd04f-0dca-4ffa-8761-d93b34717380/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/c2ecd04f-0dca-4ffa-8761-d93b34717380/1.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
br
age
1668752
etag
"CDlq0wWU2N6Hha9Y1OkqKS7K/JyWAUvXYL5GlZ2se8g"
access-control-max-age
86400
fastly-io-info
ifsz=8114 idim=288x42 ifmt=png ofsz=6487 odim=288x42 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
6487
rules-p-_7kVx0t9Jqj90.js
rules.quantcount.com/ 		2 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:30:09 GMT
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
server
AmazonS3
age
977
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
content-length
2
x-amz-cf-id
blq5HmgWppV1cmAuTa5hYWcbuhevyfGWTXVHsNSYrYXb4kWEm43LAA==
adsct
analytics.twitter.com/i/ 		31 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=bdfd86df-8b02-4be8-a6bf-79c364cba191&tw_document_href=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
110
pragma
no-cache
last-modified
Tue, 09 Nov 2021 15:46:27 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
dc0e2203fbf66677c62bfb18bc12a8b695ef2247fb6d6b60a461d49a9c112d79
x-transaction
699d8d4e5d8db369
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=bdfd86df-8b02-4be8-a6bf-79c364cba191&tw_document_href=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Tue, 09 Nov 2021 15:46:27 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
d48d999ce7119324b7f08d6e12659b26120c085f51df3d0d9a860322695b8bf5
x-transaction
7b79022289db1682
expires
Tue, 31 Mar 1981 05:00:00 GMT
pixel;r=1631923060;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F;uht=2;fpan=1;fpa=P0-1437220804-1636472787853;pbc=;ns=0;ce=...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1631923060;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F;uht=2;fpan=1;fpa=P0-1437220804-1636472787853;pbc=;ns=0;ce=1;qjs=1;qv=11b7ea70-20211103205804;cm=;gdpr=0;us_privacy=1---;ref=;d=threatpost.com;je=0;sr=1600x1200x24;dst=0;et=1636472787852;tzo=0;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2021%2F11%2F09093410%2Frobin%2Ctype.article%2Ctitle.Robinhood%20Trading%20Platform%20Data%20Breach%20Hits%207M%20Customers%2Cdescription.The%20cyberattacker%20attempted%20to%20extort%20the%20company%20after%20socially%20engineering%20a%20c%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Frobinhood-trading-platform-data-breach%2F176106%2F
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
localstore.js
script.4dex.io/ 		483 B
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29820
content-type
application/javascript
x-amz-request-id
txfb885b5eaead480dbfa2f-00617b9d6a
x-amz-id-2
txfb885b5eaead480dbfa2f-00617b9d6a
last-modified
Tue, 26 Oct 2021 12:44:38 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4rlt%2FFXdy4PO%2Fjokvtgs9KpeBDrMOh6COpMsRjPVlGxHpB%2BzjB2WFTOfmbAH6s7cEJxz5tB2n8eVwvEvwXo081%2BGO9GKiW0Db%2B8RA%2F%2BBotJSOkLP%2BKdq9kCLBmTiuwoRY9a77PCS3G1eCYK"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1635252278092292
cache-control
public, max-age=1800
cf-ray
6ab82c8cb9b85c38-FRA
expires
Tue, 09 Nov 2021 16:16:27 GMT
724.json
id5-sync.com/g/v2/ 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p13.id5-sync.com
Software
/
Resource Hash
22f1d64e597d1cf6ae10ffed26c82c88f39e2afc59b354344e2771d9115ab53f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://threatpost.com
Date
Tue, 09 Nov 2021 15:46:20 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&pid=MgHzc32xCKhl6&cb=0&ws=1600x1200&v=7.70.0&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-6794670-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-1%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-2x2-Skin%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:27 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
3A51ZP94RVBSEVEV91QD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
5BYAXb35oF0-kUx8hht6InMkoTkIRxoP1crmhzv4cmtuqPGTLlBlGg==
v1
btlr.sharethrough.com/universal/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.116.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Tue, 09 Nov 2021 15:46:28 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.116.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Tue, 09 Nov 2021 15:46:28 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.116.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-116-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Tue, 09 Nov 2021 15:46:28 GMT
access-control-allow-credentials
true
vary
Origin
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_728x90-atf&cmd=bid&eidid5-sync.com=0&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a6e347849fcdd20b50f4739e37a893d547cb5bd7917ddd2ffcabadb7926b033b

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Nov 2021 15:46:28 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x250-atf&cmd=bid&eidid5-sync.com=0&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
179f02a9c3017f5d4015831aa5c642b141c4518c0e7dd0a838c45472e791169c

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Nov 2021 15:46:28 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x600-atf&cmd=bid&eidid5-sync.com=0&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
55829f1932028bc043ece609efdecdc6ca7ca57d7a4ebdc9aaafd3275a076aa2

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Nov 2021 15:46:28 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
adreq
ads.servenobid.com/ 		650 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=270
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.212.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-212-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3cb5b33362a1273aa7aa02191108604e561af3d549f782722acff04ce9c93348

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Nov 2021 15:46:28 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://threatpost.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
arj
teachingaids-d.openx.net/w/1.0/ 		174 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=68f3dbe8-43df-4442-9e36-96779aa2bf17%2C68f3dbe8-43df-4442-9e36-96779aa2bf17%2Cc44a8683-97b4-4167-9e4c-cd543ea6ca3b%2C6cfc37f4-4afe-45d0-9b80-c248c4f0ba6c%2C6cfc37f4-4afe-45d0-9b80-c248c4f0ba6c&nocache=1636472787934&gdpr=0&x_gdpr_f=1&id5id=0&pubcid=913a0215-3f98-4c70-9fb8-eb436f5801b2&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&aus=728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C300x250%2C336x280%7C300x250%2C300x600%7C300x250%2C300x600&divids=div-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-3%2Cdiv-gpt-ad-6794670-5%2Cdiv-gpt-ad-6794670-5&aucs=%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF&auid=540932704%2C540932709%2C540932713%2C540932715%2C540932720
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
9e99d327f3a270d9b5510b8429133aaaeed2eda89c5a7ba34e9e62a8a8773e5e

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:28 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Tue, 09 Nov 2021 15:46:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b4e0209031bde921d5fcf191c13828c890903e1d8affb3d7f3e23d4abd05e10c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 09 Nov 2021 15:46:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c7a31c00-2ddc-4e1a-87cb-f29390e0e7dd
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/ 		99 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091cedc4be1eea2beed7bbfb6d19cb8d03be534f40a38da276ea12221dc67535
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-warn
Selecting bids. No selected bids
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=63072000
cf-ray
6ab82c8cdfc6dff7-FRA
server
cloudflare
expires
0
mvo
tag.1rx.io/rmp/216477/0/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216477/0/mvo?z=1r&hbv=5.17,2.1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:28 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
tlx.3lift.com/header/ 		19 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.17.0&referrer=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&tmax=1200&gdpr=false
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.103.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-103-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:28 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.17.0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
835f75f337b74c4a413db1be31f0b1f1259e886e7bca9ae820257fd024dda352

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 09 Nov 2021 15:46:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
prebid
ib.adnxs.com/ut/v3/ 		361 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
565688bca854313e25a6e9e964b235928978f3d20f272fac2862b1e6795217b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:28 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2890999f-2891-42aa-a9cb-0db5a26e74e8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
361
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Tue, 09 Nov 2021 15:46:28 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
305
vary
origin, Accept-Encoding
v2
e.serverbid.com/api/ 		711 B
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Tue, 09 Nov 2021 15:46:28 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438654&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225866578589ee8a3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F%22%2C%22domain%22%3A%22threatpost.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22threatpost.com%22%7D%2C%22keywords%22%3A%22Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%225.17.0%22%2C%22userIds%22%3A%5B%22id5id%22%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225990057e1cfd0bd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%226029e409bf6d124%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2261c5ce30f85e374%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%221005%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f8eb27e82f953c813b41d3c6a316c6cf784cf2fe69788e7e1864b5ad15c5019b

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:28 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.176], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Tue, 09 Nov 2021 15:46:28 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		585 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-970x250-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-970x250-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=68f3dbe8-43df-4442-9e36-96779aa2bf17&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1295845956085453
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
07084cf19e39ae8925ae7b0868055ecc26347ed5015e6ca3e4fa7d58089c39d4

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:28 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
585
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		583 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=16&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x250-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x250-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=c44a8683-97b4-4167-9e4c-cd543ea6ca3b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5799459154451636
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e6d5119257b72182ac88d19da4a2243144ed49122c36d85618c3e1277440ed5d

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:28 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
583
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		583 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509506&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=6cfc37f4-4afe-45d0-9b80-c248c4f0ba6c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5043062214996166
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7e60bd707e39b81454a566ba6c346eef3ec0f0036fd846396a4e5678245759c9

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:28 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
583
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		583 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&tg_i.page=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&tg_i.domain=threatpost.com&tg_i.dfp_ad_unit_code=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tg_i.pbadslot=22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=6cfc37f4-4afe-45d0-9b80-c248c4f0ba6c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7306513406340276
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d433ddc9c0a7779dcb51d6da3f0f07648e7c280f42049739ead6e61ff3cd69ea

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:28 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
583
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1928449
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx0f1c8cdc280f4c90b7c2a-00616d2a26
x-amz-id-2
tx0f1c8cdc280f4c90b7c2a-00616d2a26
last-modified
Mon, 18 Oct 2021 08:01:50 GMT
server
cloudflare
etag
W/"cae476c264f28e37aca638d685ba55b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chE3TycGXkkwR%2BRg70P%2BZnByuAI6CE4JrWtk98kt7UihvaZpHXREwiu7mBZOKMLOn1GYV6FKe%2FUPDvIWu4odSkwoKFUwUtN2nxM9zrHaj26nNI6u0U8njI%2ByKSYnsPTdOdLXBOw3%2BI6oaRv4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1634544110326910
cf-ray
6ab82c8d1ce968f7-FRA
access-control-allow-headers
Authorization
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		54 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=609842062784995&correlator=3061353523378515&output=ldjh&impl=fifs&eid=31063136%2C31063205%2C31063183%2C44748552&vrg=2021110401&ptt=17&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=22404337467%3A21707124336%2Cthreatpost-970x250-ATF%2Cthreatpost-300x250-ATF%2Cthreatpost-300x600-ATF%2Cthreatpost-2x2-Skin%2Cthreatpost-AdX-Interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C336x280%2C300x250%7C300x600%2C2x2%2C1x1&ists=1&fas=0%2C0%2C0%2C0%2C8&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_adid_appnexus%3D68a426580c4a0f7%26hb_bidder_appnexus%3Dappnexus%26dyn_bids%3D0.00%26hb_adid%3D68a426580c4a0f7%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Frobinhood-trading-platform-data-breach%252F176106%252F%26urlquery%3Dgoogfc%26contentid%3D176106%26category%3Dbreach%26contenttags%3D%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1636472788&dt=1636472788665&dlt=1636472786068&idt=1820&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C1082%2C1082%2C0%2C-9&adys=8%2C165%2C1182%2C8%2C-9&adks=4166723991%2C1414505084%2C1356251026%2C3771495681%2C2643643476&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0%7C300x0%7C300x0%7C1600x0%7C0x-1&msz=728x0%7C300x0%7C300x0%7C1600x0%7C0x-1&ga_vid=1886137934.1636472789&ga_sid=1636472789&ga_hid=1929247112&ga_fc=false&fws=0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
2688c12bd50013696e75dcd498688c0a2f06d47b88ae36b15e7786587760cece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10998
x-xss-protection
0
google-lineitem-id
5792876106,5794282999,5794835207,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138364533266,138364581378,138364590135,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3a0bde367e12cd1e26d08f9c9acc1b55.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D7BA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3a0bde367e12cd1e26d08f9c9acc1b55.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 09 Nov 2021 15:46:29 GMT
expires
Wed, 09 Nov 2022 15:46:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2021110401.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021110401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
ac4bb6d11eb6bc2f873df517370ccaa3e31a0dacbf5b217e28ab97f1eed53a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13414
x-xss-protection
0
last-modified
Thu, 04 Nov 2021 08:34:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 Nov 2021 15:46:28 GMT
g
capi.connatix.com/rtb/ Frame 319A 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
efeff45093bcfc7480a5771ab8c7c46710f1dcb5b1b01e932d4574ed3fa42949

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1214
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&pid=MgHzc32xCKhl6&cb=1&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
XF9GMT58XG073AYDERCW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
UNWEOzHoS6b6uKZlizdN44KJGAUwIqrY9SSWOCVxphTKN0b7GOoXeg==
1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
bl-f821a95-45fe27db.js
tagan.adlightning.com/math-aids-threatpost/ Frame B614 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-f821a95-45fe27db.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-20.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8233a50176fde7ecadc3a692924bebad2dafa9855ac6f1b681107c1c4052ed99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:08:02 GMT
content-encoding
gzip
age
2307
x-cache
Hit from cloudfront
content-length
21355
x-amz-meta-git_commit
f821a95
last-modified
Tue, 09 Nov 2021 14:37:52 GMT
server
AmazonS3
etag
"7c9b5327096e14879e9388bde01e22ad"
x-amz-version-id
0CbtIU8jmSb7uSkxMHVRtVsw4sV35Vag
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Xlt-lQRorLUO4RDzf8s6JQCAfUvoyv_AV-dsJ8znrAKqs8O3Z6v_lg==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame B614 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-20.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 17:51:16 GMT
content-encoding
gzip
age
7336514
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
HqSuN4Z_YZqKF6jkqwMtthtA9-JWx32jDEyahmjjOMhnDXpzeN7pMA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B614 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
efef1440417e9b82173f037d7d05be925755e996c96fbbecd49eec673a61b0bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51393
x-xss-protection
0
server
cafe
etag
1884758801004918289
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 15:46:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B614 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 15:46:29 GMT
bl-f821a95-45fe27db.js
tagan.adlightning.com/math-aids-threatpost/ Frame 1915 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-f821a95-45fe27db.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-20.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8233a50176fde7ecadc3a692924bebad2dafa9855ac6f1b681107c1c4052ed99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:08:02 GMT
content-encoding
gzip
age
2307
x-cache
Hit from cloudfront
content-length
21355
x-amz-meta-git_commit
f821a95
last-modified
Tue, 09 Nov 2021 14:37:52 GMT
server
AmazonS3
etag
"7c9b5327096e14879e9388bde01e22ad"
x-amz-version-id
0CbtIU8jmSb7uSkxMHVRtVsw4sV35Vag
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
9zsM5qwxxsrjWAIlRxb75vQxVHW5sTq-r-JHEe-YuL2u-6nCryp57A==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame 1915 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-20.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 17:51:16 GMT
content-encoding
gzip
age
7336514
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ydE87hLDm7dWiBkoy6S4dXGZ8toxCPelzgR3i6ueZronsMJcLvurMg==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1915 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
efef1440417e9b82173f037d7d05be925755e996c96fbbecd49eec673a61b0bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51393
x-xss-protection
0
server
cafe
etag
1884758801004918289
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 15:46:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1915 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 15:46:29 GMT
bl-f821a95-45fe27db.js
tagan.adlightning.com/math-aids-threatpost/ Frame B0DB 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-f821a95-45fe27db.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-20.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8233a50176fde7ecadc3a692924bebad2dafa9855ac6f1b681107c1c4052ed99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:08:02 GMT
content-encoding
gzip
age
2307
x-cache
Hit from cloudfront
content-length
21355
x-amz-meta-git_commit
f821a95
last-modified
Tue, 09 Nov 2021 14:37:52 GMT
server
AmazonS3
etag
"7c9b5327096e14879e9388bde01e22ad"
x-amz-version-id
0CbtIU8jmSb7uSkxMHVRtVsw4sV35Vag
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
015ZCy4TUFV9WIwG-5CTm40Uw-WpU3yfThUQg-XUtO6t277WyKZOoA==
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ Frame B0DB 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-20.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 17:51:16 GMT
content-encoding
gzip
age
7336514
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6MeenKib_y2IzijB_JJnFp3u7mRuUulTl8aFTIsGanPRENa4RiU5cw==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B0DB 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
43c50cfe0d8112aaea57c3a80283fcaf3f684212adeb9fea8c86124f68a2b034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51393
x-xss-protection
0
server
cafe
etag
15306520218317650530
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 15:46:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B0DB 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 15:46:29 GMT
prebid4.43.0-2.js
cds.connatix.com/p/plugins/ Frame 1230 		376 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c9a29d5877620bf729f6920b50466df6e2635d6cf6a7b3dd7bc7ec4f361bda4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
br
last-modified
Thu, 07 Oct 2021 08:28:44 GMT
age
1842148
etag
"d670a030e44b22136be6fe4a4f92f047"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
105730
playlist.m3u8
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/ Frame 319A 		279 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/playlist.m3u8
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34d7bb2bbd510d29cad7fcf49e89b9f0c2443c09ccfe5b61cdc436522c4ed0ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 08:35:43 GMT
age
25815
etag
"555aab791eaac4ba5ce5f5b879cbef64"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
155
e
capi.connatix.com/tr/ Frame 319A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/e
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
view
securepubads.g.doubleclick.net/pcs/ Frame B614 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuj_VFR0-2P1qGaQOXvyI193j1YVx1y0HikZ6HPXJwQ4y34NPi2uomCsG4ezYxKlg6J7ZDqKAO-nL5s7Xa0VNBARzQ_X8jvDgkPHPQQoVic7QDuczvYNQle8bNctCJBUlKMxh4_rm-2Rmm5Qdwuca7h9q_KKC8ycnRBgVi1Zg3Tgj2hpkDUshLzAWG6o5EGTO55gHhsjRA3eMXQjylGmDU-OI2hJUoPoU6wIbYflY1kLSsUeHFZmwcMmCDKr3vnXGPIR9I8MVg61fEF2FqH4QtvSGOjkQJ25fhj0RhfY3Xj7TcTOVs4d9htjIvEGMIPL8WF_xmX&sai=AMfl-YQC1LEtqNxOJPdpBMf8syPPeYga8vOqZXvoYShK8f_VWVyq5UTheLjbJo0k5qI7waBW-99DriT0wZj1UjWM1Rm7JNJLYUb3OIPIEtessuJcAT2wDIgNS0fcmFVQrnU&sig=Cg0ArKJSzIpqAO6Yf0_3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 15:46:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1915 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrtJWV3DMvwcEsAaM-17iCNwq5PQATsQYJNgNt5XXpmTWOkoeBcWN0d-FULQDATVkqF6q_nIEshXBmUOXZmV_FicFQGkCoQNcW39phC58INDnThDfZD55LApgY6YkosmBqH1agxC2Wp-GCgCoixWQXfTS8O_DAZQvNlkTFJ5SMYF9odnrl8pmc1ur_eaS3xJeZuVGeEzwKn9OM2naulG1NVoDso_yYgRHaOYG_KHJZpGj8f_kBAd4sdZO9DO79uErhRMI9EX4DntRQZsb9soYmTHs19vmLiOz6sFM2JC1WdltOs6bvWAciiVmYD-pKB1Ged_09&sai=AMfl-YQeaTt26S8RDMZjFpRmPNp3N2Zut7zsaYxfnz_RYsYdfmjdOo_p-ZTUW7XT4Ou7BcJdEJbM2-r8E03f_-NuNSMQ45KCDQkbM9VJKgpjcxzmCOQWzfdDmkjeF9zk96w&sig=Cg0ArKJSzJQLXzoREPO8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame B0DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbPSThI22Q5VQoN4Gn2cFk6eF-XpwWv3imOFAflKfSLOiULhJ4yovL1YBB0pfVp_0e2_tMH5C1i72bCp7_XREEITUscO0RUSP6GyGlwCO5ydtx06KIzgx9E_8W1Uuf4a0j3FkzsItULgtaDXBNXw0t5jdx5h2URpPjCVw_-F0nEs0oEs8-jLevdgOt60VxCb15KJcx6WWGWbYq6Sl3KesbmQOuLBH_7CnefG-kS9t3lRy6o73LO9m5YU-7FHBmZcuXNJjTmmhhOtnOEJWdUbfB2QMXGsIxaFkwUTfLxVD6MZlubIYbKR5AmLOxjDTZDGnA7GM2&sai=AMfl-YStbMJzLWRRKDOarq_069A688wFcT1vkpDmdkOa6scpL91y5yd16gcEg_HMwKZIxoIRoH09Mi5MfD3LTx8My257x-ivF0LxUHLKbNlpC7W8WCeRnl1RX2KSAvdNERo&sig=Cg0ArKJSzEhDN4lEHEb-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
0.m3u8
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/ Frame 319A 		657 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/0.m3u8
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
956a23e85d7465a01dc83ce1c54e909fa9f610cc75399006918aafe1377bde0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 08:35:42 GMT
age
25816
etag
"44329412341c3e3198bf36f0390ff1c6"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
257
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/ Frame 319A 		855 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d6815a002679dd1b83a607c836a7e1503b3fe77b1fcb4c750f2a0827f5971de

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-854

Response headers

date
Tue, 09 Nov 2021 15:46:29 GMT
last-modified
Tue, 09 Nov 2021 08:35:42 GMT
age
25815
etag
"b203e4789588179b8d29a1f7b0fd759b"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-854/1760735
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
855
sid
mug.criteo.com/ Frame 1230
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=pLfkQnxJVlg5cWZoZ0I1RnM5ckJYa3ByUzBsdjlmdFZucWxDdzFzRWtIQ2FkYUY3SHpydTZ4SC9TRkVKOFd2MmQ5cXZGT2I0ZUR4K092NDV2dnRnaUxBV0tCWHQwWkk4NkRZckp0dkRyT2ZKdHV0WlFpMzhoa3hSamFucn...
347 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pLfkQnxJVlg5cWZoZ0I1RnM5ckJYa3ByUzBsdjlmdFZucWxDdzFzRWtIQ2FkYUY3SHpydTZ4SC9TRkVKOFd2MmQ5cXZGT2I0ZUR4K092NDV2dnRnaUxBV0tCWHQwWkk4NkRZckp0dkRyT2ZKdHV0WlFpMzhoa3hSamFucnAvUFJSZnQ5QnFRekU1eTFqc1VPOW5jM2hYaVh5c0NQd1lIZk5LUHRQRURndk9mSFpTWDZTT2ZuK0Q5OW5EanJrWjFWRnd2bzFkZHpqdHZEYW0raEtnYzBhdDdVa2ljcjhhWDhkSnEzRERpWGV5OTBaMVpJPXw&cppv=2
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
daf007806619b808de47d0b1735acfe92fe54cae691e90e78d1ca9f6b6df4595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 09 Nov 2021 15:46:29 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2817
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 09 Nov 2021 15:46:29 GMT
location
https://mug.criteo.com/sid?cpp=pLfkQnxJVlg5cWZoZ0I1RnM5ckJYa3ByUzBsdjlmdFZucWxDdzFzRWtIQ2FkYUY3SHpydTZ4SC9TRkVKOFd2MmQ5cXZGT2I0ZUR4K092NDV2dnRnaUxBV0tCWHQwWkk4NkRZckp0dkRyT2ZKdHV0WlFpMzhoa3hSamFucnAvUFJSZnQ5QnFRekU1eTFqc1VPOW5jM2hYaVh5c0NQd1lIZk5LUHRQRURndk9mSFpTWDZTT2ZuK0Q5OW5EanJrWjFWRnd2bzFkZHpqdHZEYW0raEtnYzBhdDdVa2ljcjhhWDhkSnEzRERpWGV5OTBaMVpJPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1711
content-length
482
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 1230 		138 B
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
85d626fbad5bd67c566f537258a2811cf81e6e39391984163ffe7053ebe9a9b5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:29 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3f0841f1-7a8f-4591-8ffc-acc9efa2ca0d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/233148/0/ Frame 1230 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233148/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ Frame 1230 		24 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?t=900&s=435870&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22501f2de3b32248%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2269fa761ea143%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435870%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00dd144a7637501b89545623a86d1ae54ecbc4ebe4c0964d5d4edfc815cbbeb7

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.176], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Tue, 09 Nov 2021 15:46:30 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 1230 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4a82b1e600a22132ad30b88a2e9c0f824ba21f49f7eeb0475d28b27050d3d313
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:29 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d36b4391-a0e9-49a9-b3fe-57cf34267898
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ Frame 1230 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Tue, 09 Nov 2021 15:46:29 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
218
vary
origin, Accept-Encoding
mvo
tag.1rx.io/rmp/216475/0/ Frame 1230 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216475/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/216476/0/ Frame 1230 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216476/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/233098/0/ Frame 1230 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233098/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ Frame 1230 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?t=900&s=435871&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2217d7a663b77245d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218600a9bde998e7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435871%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9e66d7e272030aa1b598aafda6d1afc93dd2d620680e20318ba1a88c61519aeb

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.176], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Tue, 09 Nov 2021 15:46:30 GMT
translator
hbopenbid.pubmatic.com/ Frame 1230 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Tue, 09 Nov 2021 15:46:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
teachingaids-d.openx.net/v/1.0/ Frame 1230 		106 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5cdde952-e904-466e-bbb2-64722d62bc6d&nocache=1636472789859&gdpr=0&pubcid=c68add93-3a7f-44fc-b1af-c37fd5d139ce&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882778&vwd=400&vht=225
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:29 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 1230 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Tue, 09 Nov 2021 15:46:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
ads.adaptv.advertising.com/rtb/ Frame 1230 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
avjp
teachingaids-d.openx.net/v/1.0/ Frame 1230 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=86a618c1-1700-4943-8498-fcb5e4e4f469&nocache=1636472789865&gdpr=0&pubcid=c68add93-3a7f-44fc-b1af-c37fd5d139ce&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C7cda80b4-dffa-4268-94a1-f15422810098%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882779&vwd=400&vht=225
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:29 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/0.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://threatpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

retry-after
0
access-control-allow-methods
*
access-control-allow-headers
range
accept-ranges
bytes
date
Tue, 09 Nov 2021 15:46:29 GMT
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
access-control-allow-origin
*
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthreatpost.com%2F&domain=threatpost.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://threatpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://threatpost.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1566
date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
gzip
vary
Accept-Encoding
truncated
/ Frame 1915 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd3069487cdc9b19adfb0fc4d4aba2d6d905ad6e9a1e448257e197c416d2f599

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B614 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4883a9a1f8591ef76adf1befe3820d2887fd83ff276c316fedadd59950a41936

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B0DB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8cb0154ea3380833673e42c71e42f786039c2d5eec4cc051a067ea72a66ef35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pLfkQnxJVlg5cWZoZ0I1RnM5ckJYa3ByUzBsdjlmdFZucWxDdzFzRWtIQ2FkYUY3SHpydTZ4SC9TRkVKOFd2MmQ5cXZGT2I0ZUR4K092NDV2dnRnaUxBV0tCWHQwWkk4NkRZckp0dkRyT2ZKdHV0WlFpMzhoa3hSamFucnAvUFJSZnQ5QnFRekU1eTFqc1VPOW5jM2hYaVh5c0NQd1lIZk5LUHRQRURndk9mSFpTWDZTT2ZuK0Q5OW5EanJrWjFWRnd2bzFkZHpqdHZEYW0raEtnYzBhdDdVa2ljcjhhWDhkSnEzRERpWGV5OTBaMVpJPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
810
date
Tue, 09 Nov 2021 15:46:29 GMT
content-encoding
gzip
vary
Accept-Encoding
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/ Frame B614 		267 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7500593236707325&plah=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6ef8f450e55451de3da1e6ec1d6a883e42112841adcdedbb2d6da5d926b67c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97992
x-xss-protection
0
server
cafe
etag
6769920751861283988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 15:46:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/ Frame 49AC 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 08 Nov 2021 18:38:54 GMT
expires
Mon, 22 Nov 2021 18:38:54 GMT
content-type
text/html; charset=UTF-8
etag
2948287274155451234
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4905
x-xss-protection
0
age
76056
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/ Frame B0DB 		267 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7500593236707325&plah=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6ef8f450e55451de3da1e6ec1d6a883e42112841adcdedbb2d6da5d926b67c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97992
x-xss-protection
0
server
cafe
etag
6769920751861283988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 15:46:30 GMT
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/0.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://threatpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

retry-after
0
access-control-allow-methods
*
access-control-allow-headers
range
accept-ranges
bytes
date
Tue, 09 Nov 2021 15:46:30 GMT
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
access-control-allow-origin
*
content-length
0
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/ Frame 319A 		233 KB
233 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b226b4f249570f824476853dbf0dfa51000fb57f77b9d5b6d08b00d9e66287e

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=855-239366

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
last-modified
Tue, 09 Nov 2021 08:35:42 GMT
age
25816
etag
"b203e4789588179b8d29a1f7b0fd759b"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 855-239366/1760735
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
238512
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/ Frame 1915 		267 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7500593236707325&plah=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6ef8f450e55451de3da1e6ec1d6a883e42112841adcdedbb2d6da5d926b67c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97992
x-xss-protection
0
server
cafe
etag
6769920751861283988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 15:46:30 GMT
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/0.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://threatpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

retry-after
0
access-control-allow-methods
*
access-control-allow-headers
range
accept-ranges
bytes
date
Tue, 09 Nov 2021 15:46:30 GMT
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
access-control-allow-origin
*
content-length
0
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/ Frame 319A 		146 KB
147 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0dc6faf184a81d3a610a2752b82ca243d91f05343d3e04b43b0c5c0301a37b1f

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=239367-389313

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
last-modified
Tue, 09 Nov 2021 08:35:42 GMT
age
25816
etag
"b203e4789588179b8d29a1f7b0fd759b"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 239367-389313/1760735
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
149947
g
capi.connatix.com/rtb/ Frame 319A 		2 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
28
mq
capi.connatix.com/tr/ Frame 319A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/mq?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
ps
capi.connatix.com/tr/ Frame 319A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
sv
capi.connatix.com/tr/ Frame 319A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sv?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
cookie.js
partner.googleadservices.com/gampad/ Frame B614 		12 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=threatpost.com&callback=_gfp_s_&client=ca-pub-7500593236707325&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame B614 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B614 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B60D 		28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
791d0e0b37209bb769892b253cb3861506cd457954d87d1f1faa37aaac8c3e3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 09 Nov 2021 15:46:30 GMT
server
cafe
content-length
11471
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame B0DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspB0sROq0KkmHomPKhAlz4ajgc3xMirhmd8jIW8XW6Dj41mkDqQtlV_rniue6a1lyR_YFoYo5v2Z_e-UAvo27sC6oJCvH1MkJ1P59B2wwURqOGSUgdzfRuAeuwo0QmGh5QnVlG-iM7A6-47pWPoA60e40hLwpV3ehuhPHc7oQwb3x3bmjzBorjocGpKsCzdmx3keZr0HVdB65YNlO_JlEbZcXbUg_RUknreLKh-e-qhW_pa3w92GzBcndz2GZ6gEgM0yZyZoZbndFCo9Il9C1pX3KxWIu3CLhS_Px8E2xyRcZxwHGnGQAheFjlSdSSJ1MTkUW1rVA&sai=AMfl-YQXLiYe2u1cnjelkW57N2P7yKcD7Gzn1m49Z3rvXzFLOpXC7YZl23EuZdFiOFAZGQxHPIsbCMRNiQaJQAYIZkCNTdX2SvY1nXgq7k38CA2H1mEXsefymbvMIYGK6yc&sig=Cg0ArKJSzIs8x_T6V9SNEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 15:46:30 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame B0DB 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=threatpost.com&callback=_gfp_s_&client=ca-pub-7500593236707325&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame B0DB 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B0DB 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 840C 		23 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f3254b3418951b4d799c8eead9a0ad00d041d18b3bc58efbee8a37531eea2410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 09 Nov 2021 15:46:31 GMT
server
cafe
content-length
11018
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame B0DB 		12 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7500593236707325&plah=threatpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3cb80e1f928ad98638ae7eccd9b7c26c6ec4a806c47174e140f214aa0f2532d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9376
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1915 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXotiEjbbiHyblfKZwmL8S7OARVETrQjrB5p_gLs6Z6_ByNK_Jg7uydxbJ33_qx_u-K6lV5v864N5rRnfFFB5TtuI-OQFJgYB3d5dLCk-R4Bayngc70jYby1idZ6ItI1FOAqlpQnOlkzdGdcq7eFs19iU-rQdF1IeSF7UfhAWWYAIMtXM4QmJEtE9PG8cfSY-c6L_4Ikpy5N3Eia3pYMZq6OjIcalzeBFJcjsdWLmK2JxUJZToKccBGis0a_zpyjlxLpQiHQme4nmy3YUmcQfDyKGPXik2R4YbSxJnTwsfVdgEnng3opvLRoKPih0N3MQkfehMk8o&sai=AMfl-YRTkImzEWWS-nbVcY0lc-tMZEJmzyXkGbc4aRiYRRJkS7nOk21KFibVXwacySlGp9ZI54gNRA7R3PhjBfQBEIiRCAhuBbQPV42d9qprOnd7SFo_6_Qkeoo01pKnjzc&sig=Cg0ArKJSzCRafq_tcEfoEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 15:46:30 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 1915 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=threatpost.com&callback=_gfp_s_&client=ca-pub-7500593236707325&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 1915 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1915 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 16FE 		28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
275cc3af12a592b0de2c366003980156eb338dacddc13ad198b30a16e5d06f5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 09 Nov 2021 15:46:31 GMT
server
cafe
content-length
11662
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1915 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7500593236707325&plah=threatpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d4f678808dd71ac4133e0324e1a16f1c53cdb25fcebb7354de45855805bab207
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9295
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 3BC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjDKO1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOcBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW1w6NYnCN0IbRTnuUK-NpJJrkNuJZifZeeNzAJIMBcpgWWyJwTlbpgAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzUwMDU5MzIzNjcwNzMyNRgA&sigh=E2YGpG22NY4&uach_m=[UACH]&cid=CAQSOwCNIrLM4RBzIrICv8Srq4sRK6c7jKMV8x2tutnRJ7jExmUmUdkWBbkpSLYoCPGSys1s6XJDuHan6wDqGAE
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 09 Nov 2021 15:46:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 3BC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hsnda266j9b35r97cgxdjwpc9yt162h0fv08fap8c479asdxx314f5mn55qnyj4sc5pkx72v8xkj7kf0v2w8d3n52esphjf7r41my7hkppk4dztr7ztsmgc9fm534yttkv4x5rspv3a8ajr2c5k9ya25zwa10t6cjcdt6ybbrt7bczbeayeaaac90555kx2vq0eee0zvee9c3vensdwg45n66mhs03xrb8sxt05b5nyh0vgp4bm8fk6dje52qvyyfmh439hs897ree4gb6fkefkt5t1v33ve99nasndhae4emes92kvp6ydwde1pymdhgcmbwgxtrdak1kmsmw0gxp58qr264qfwc585t20gbw8s2cpjh4dp94frahwszegkwdw111k2gzphj45&b=YYqX1gAIRZ8IFUTMAAGy8inJmvCVxUVB43z5cw
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 15:46:30 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame CA3D 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hmmkwgtdy7347g0pm7x3t7z6a5e0njkkzntq6h1bqc08gn2keg2z1z54xg1kgyas8xzeb1tjsz9pphpb05mtwkd844yzahanz25j74fqvspd4emwdz0bcjz0nd3rav7bgx1wrrmmfrva7r91h1tts7h5yzxpn3pdf8bf74qd4rhy3xx7td7d5dhf0hpnz26qbg3tgwcdr784b6w0jca67jk4w6622tw4rgke8ep8vjk6419136a2pz1t5j0a534zbpjxpgksgnn19gep2c4z6g6j5wxr5z4mk3qsechx4jcnpzckbsbxs7dsbe417fe4147xznxhys07dgvk8n1fwhhnd2qw4rp6qcn5e19hvw2mrn9ega501rmnkwg52hyk595qbpz02b16z3nb0kdkcyb2mn3dh0162466kjz323j5wqr0y90&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%26client%3Dca-pub-7500593236707325%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47791c121ec873a509ee4409bf127acdf94a18648a4eea2db9f07f901c8a252
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ab82c9e7f90d6b1-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 3BC4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:43:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 15:43:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 98C8 		1 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 08 Nov 2021 18:26:41 GMT
expires
Tue, 09 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
76790
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3BC4 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 15:46:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 3BC4 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:40:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 15:40:35 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame CA3D 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hmmkwgtdy7347g0pm7x3t7z6a5e0njkkzntq6h1bqc08gn2keg2z1z54xg1kgyas8xzeb1tjsz9pphpb05mtwkd844yzahanz25j74fqvspd4emwdz0bcjz0nd3rav7bgx1wrrmmfrva7r91h1tts7h5yzxpn3pdf8bf74qd4rhy3xx7td7d5dhf0hpnz26qbg3tgwcdr784b6w0jca67jk4w6622tw4rgke8ep8vjk6419136a2pz1t5j0a534zbpjxpgksgnn19gep2c4z6g6j5wxr5z4mk3qsechx4jcnpzckbsbxs7dsbe417fe4147xznxhys07dgvk8n1fwhhnd2qw4rp6qcn5e19hvw2mrn9ega501rmnkwg52hyk595qbpz02b16z3nb0kdkcyb2mn3dh0162466kjz323j5wqr0y90&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%26client%3Dca-pub-7500593236707325%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hmmkwgtdy7347g0pm7x3t7z6a5e0njkkzntq6h1bqc08gn2keg2z1z54xg1kgyas8xzeb1tjsz9pphpb05mtwkd844yzahanz25j74fqvspd4emwdz0bcjz0nd3rav7bgx1wrrmmfrva7r91h1tts7h5yzxpn3pdf8bf74qd4rhy3xx7td7d5dhf0hpnz26qbg3tgwcdr784b6w0jca67jk4w6622tw4rgke8ep8vjk6419136a2pz1t5j0a534zbpjxpgksgnn19gep2c4z6g6j5wxr5z4mk3qsechx4jcnpzckbsbxs7dsbe417fe4147xznxhys07dgvk8n1fwhhnd2qw4rp6qcn5e19hvw2mrn9ega501rmnkwg52hyk595qbpz02b16z3nb0kdkcyb2mn3dh0162466kjz323j5wqr0y90&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%26client%3Dca-pub-7500593236707325%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1108381
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 27 Oct 2021 19:53:29 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6ab82c9ec95f5b98-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame CA3D 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hmmkwgtdy7347g0pm7x3t7z6a5e0njkkzntq6h1bqc08gn2keg2z1z54xg1kgyas8xzeb1tjsz9pphpb05mtwkd844yzahanz25j74fqvspd4emwdz0bcjz0nd3rav7bgx1wrrmmfrva7r91h1tts7h5yzxpn3pdf8bf74qd4rhy3xx7td7d5dhf0hpnz26qbg3tgwcdr784b6w0jca67jk4w6622tw4rgke8ep8vjk6419136a2pz1t5j0a534zbpjxpgksgnn19gep2c4z6g6j5wxr5z4mk3qsechx4jcnpzckbsbxs7dsbe417fe4147xznxhys07dgvk8n1fwhhnd2qw4rp6qcn5e19hvw2mrn9ega501rmnkwg52hyk595qbpz02b16z3nb0kdkcyb2mn3dh0162466kjz323j5wqr0y90&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%26client%3Dca-pub-7500593236707325%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Tue, 09 Nov 2021 15:46:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65949
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FBKx7aIerSBuENu0xv27bvn8Rs0Ab0S0EkIgxJPb3tnxxThnbhDpRdHQ3OY0Aew0LSQ1fWPVtz3XKXITATtXVzIkg%2Bcl0FMWX9gYjLiaYTp17QSS2M%2BH%2Bvy%2BOMyR0J439Bvt6Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Mon, 08 Nov 2021 21:27:21 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6ab82c9ecffed6b1-FRA
cf-bgj
minify
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CA3D 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Tue, 09 Nov 2021 15:46:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4973195
x-guploader-uploadid
ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YR49ExRZp0zTsQgQB1KkVad7nUUVj0Glt1oTBgfugtWuPDNFbGszLTpOmRlRhQ8l9r5ZDxtmsTuMKDxSkgObI2sU7aoItV5v8hLKaXoyHQwkTwwKfVLQF%2F%2B2Hfc5bW5C4EuhpQhTJymEd7CfhwHtT6Qh"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6ab82c9f2fe45c50-FRA
expires
Tue, 13 Sep 2022 02:19:55 GMT
frame.html
ad4m.at/ Frame ED97 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Tue, 09 Nov 2021 16:46:30 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2332669
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gro28D4%2FKJsHYtOpWM5o2nVnSK9tnBA%2Byw9kV496JTzTRMjox3Noo9j%2B2kcAAFJBecANQiIAwMsZqcHxD%2Bt2sf7VtV4RK%2FajtToJq2gXtUboszn6vlkqyIVHV5hiIE8xYr6l3DM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6ab82c9f09ff5b98-FRA
content-encoding
br
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 09 Nov 2021 15:46:30 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-2sfw
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKR5NQ6zyVbRMC0MYSg7GO9kX%2FT%2B5LeXfCFT%2BghW6yaWa8JNXThMHOGBPZLwNA%2BdtaR%2FoB%2BBDqJUppmMHwUhogkMkTXgQJiSMkQE9P%2BoE6lpPVKbkvWPkTKPbGKRTK6VcAO%2FCBQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ab82c9f5d96693f-FRA
rs
ad4m.at/ Frame CA3D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f60c324e2f2e0913976852b4c819b0115b13db7cd550b573160242f949ed32

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6ab82c9fae60693f-FRA
date
Tue, 09 Nov 2021 15:46:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBidVbIc%2FLFst2xFoT5sLGr7JdO3WM%2BACYuY%2Bc0vDUaPD3ItIyWezIxrCPDJ7cMA3DpNa4uugkEF48e9u30Jcvu%2Fdvl7Iyy6JbiAn3Oix8GXwZANs9oA1f41g4nN3cBUWlIJ%2Bq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-2sfw
rar
as.ad4m.at/ad/ Frame 86B9 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e1f378dce1c2bb10293068e8721acf9c9418d21b317134ae3b20cbee3f4cc0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hmmkwgtdy7347g0pm7x3t7z6a5e0njkkzntq6h1bqc08gn2keg2z1z54xg1kgyas8xzeb1tjsz9pphpb05mtwkd844yzahanz25j74fqvspd4emwdz0bcjz0nd3rav7bgx1wrrmmfrva7r91h1tts7h5yzxpn3pdf8bf74qd4rhy3xx7td7d5dhf0hpnz26qbg3tgwcdr784b6w0jca67jk4w6622tw4rgke8ep8vjk6419136a2pz1t5j0a534zbpjxpgksgnn19gep2c4z6g6j5wxr5z4mk3qsechx4jcnpzckbsbxs7dsbe417fe4147xznxhys07dgvk8n1fwhhnd2qw4rp6qcn5e19hvw2mrn9ega501rmnkwg52hyk595qbpz02b16z3nb0kdkcyb2mn3dh0162466kjz323j5wqr0y90&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%26client%3Dca-pub-7500593236707325%26adurl%3D

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ab82c9fec005b98-FRA
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 86B9 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1108382
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 27 Oct 2021 19:53:29 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6ab82ca02cd45b98-FRA
cf-bgj
minify
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 86B9 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
342666
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdu2H8EztDRkH7xMxkUi_RR54ZTCPrkYJAbFNV3c3b0sQp7Fc5Lbo0cB4LGAzujpB30IhyXag9KvJxClvmnIQ5zdJ6m09g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpS4aBfiOle3c8p%2BoG8J7i13t3nVysScZSKnbCNRPUokdeax3XFOEoYgWQ%2BPArH6ueomd5Mocmu9H3JgYkGaqP1cocPQCVK%2FG%2BgwPYZ7aT4abEJJBnQgwwrrM4b8ryKnCwCUFsEzpNWe%2F1c4"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6ab82ca03a19d6b1-FRA
cf-bgj
imgq:85,h2pri
923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 86B9 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70077
cf-polished
qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid
ADPycdsupjCE2Ubz9JpcgIsaUO6eIa9E8oPPNSpgUXPdfVwV25wPdfbmM3AsEjte2j_HuQJK4xo0HLR20wmfgz5rpMg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10372
last-modified
Fri, 18 Sep 2020 09:05:40 GMT
server
cloudflare
etag
"0d69fd9136fbb169fa63568d6c765a6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FpEAtxtiMY1Dm1eioa00UKW%2BnjMhAFQ3HwN%2FdNsmPSGq7HZedS2%2BtMuNk7kOWc%2F7nYKbylt%2FCfl2dd6H8FncoyxYIG0QhpsFzcMJsBC%2F5zp%2FOhrDUQd%2FPL2Iel5Zbx831Rr%2BgGN0FyIODbK"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600419940053465
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
12438
accept-ranges
bytes
cf-ray
6ab82ca03a1cd6b1-FRA
cf-bgj
imgq:85,h2pri
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 86B9 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67732
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdvdo0azTcM7bgKH_ZV7cWhN5JVbIxsRqU2r_kwvgGeofxNIDpkroAkl6ITJDrTkRwX3DTHPrgysrH2h8RpEHeg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4n7SaST1r6nVZ%2BgkdFgb76uSQYtJMsoRQsoFCZMmSy%2B%2FeVB1MMFHydsA9Hbu%2BPw16dlocQoCq6zg7gicQ4pFIhW7Kn89CylFidiSw6njZYR%2FnvTzmbfUPUi%2F7hJagMhKq2YcViPrBuDZ2bH"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
6ab82ca03a1ed6b1-FRA
cf-bgj
imgq:85,h2pri
F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 86B9 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67867
cf-polished
qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid
ADPycdsNESLDZ-0v_mOhF8RI7XuClkJGSHPbV8KEXWEDMaYbNmLJNQSnwZxPP0r6BAJgy9QGpaDWviQ4Qhx9FrsA2RcUWOtWlw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35504
last-modified
Wed, 19 Feb 2020 17:37:15 GMT
server
cloudflare
etag
"9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BVW5Rv%2Bjrr9eUHTE5MEnlBCMITq18OfiOoV3vizYY92DNUy4wLbirkQgggtZRb2bjPxhYnup4%2BywGJ7fdV6vyWzjw8YszohhFonyxad7SF9cyI25ctd11afXUNr1mcF%2BGtaLRG4gx6FbTxW"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1582133835673152
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
40264
accept-ranges
bytes
cf-ray
6ab82ca03a1fd6b1-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 86B9
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNPunJvQi_QCFdly4AodHIQEzQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRot...
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1636472791_35a154e0-4174-11ec-9278-2234ffce0f80
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1636472791_35a154e0-4174-11ec-9278-2234ffce0f80
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:31 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Tue, 09 Nov 2021 15:46:31 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1636472791_35a154e0-4174-11ec-9278-2234ffce0f80
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
E8CF4CECAA4B6B5418D7CD7F081ABD99B7C13E055EB5DF83212C8C0BFC50DD400F65C67309B8DFBDFAA0837008EE450BE6706F83FCBE40DA3C7776FFADEA4758
assets.ad4m.at/logo/ Frame 86B9 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8CF4CECAA4B6B5418D7CD7F081ABD99B7C13E055EB5DF83212C8C0BFC50DD400F65C67309B8DFBDFAA0837008EE450BE6706F83FCBE40DA3C7776FFADEA4758
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fa9b568619b823bdf222d00cf4bb00f294b479cb430bd7de8ec5dc79df80458

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=xtFiSg==, md5=Y+5Igp57rmrLt28PFAhevA==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
95355
cf-polished
origFmt=png, origSize=12295
x-guploader-uploadid
ADPycduiH7ZorHd-QyUljJ-AKzcawQBojyEy360BgbVHf7ptgrMpjSRfb5OnttZ7PKAc8Ex-5CzQO1op34OjiHrh8BI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3330
last-modified
Tue, 28 Sep 2021 15:34:37 GMT
server
cloudflare
etag
"63ee48829e7bae6acbb76f0f14085ebc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtZw88UgbsGqaVRCZ0RSSyWUXAlsvj4QAJ%2Bx9gdsZ%2FZoa%2BIxjHPCrdkavbYENcD7aw46Gj%2Be9UxS1CpsVzXh3RhjeZAUsV6lXowwIgtolGpv2QlGuhmdcHHy5e%2B5wyg1a5gycIHLfSL0UXHq"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1632843276963409
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
12295
accept-ranges
bytes
cf-ray
6ab82ca03a25d6b1-FRA
cf-bgj
imgq:85,h2pri
61ECC61C81B67EDE45C6F7B29CD267709447DC04423F9C398E5B7909153DE241CCCC707BF20E291F88DEE1694FB0C06D3E2D6983110483C4EBD4DDE58A489D03
assets.ad4m.at/product_image/ Frame 86B9 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/61ECC61C81B67EDE45C6F7B29CD267709447DC04423F9C398E5B7909153DE241CCCC707BF20E291F88DEE1694FB0C06D3E2D6983110483C4EBD4DDE58A489D03
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8451658212fa322600a440231c41417b6c076f939653bbf7ce7ecd908cffff9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=R64pKQ==, md5=Vn8Tt/WvL1LMZnSSU/Zryg==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69959
cf-polished
origFmt=png, origSize=158824
x-guploader-uploadid
ADPycduyOpED0DulzMC2_YEP5b656wOvZ7TLs20Lzs4kALlXDdlkeQtBWI8WOZkptpj3IiYu-dWlTC70OhkpglBfLW1kD9A0MQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
97578
last-modified
Mon, 08 Nov 2021 14:37:27 GMT
server
cloudflare
etag
"567f13b7f5af2f52cc66749253f66bca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKdzrr74M0xRp1fXimoSbaJMnwy1TmP6Fqqmte8OAG81QdSLklyZhdnMXF%2BKA2ufhYZ9BCWMhmjrETaazwnEoidVl7DGrFa34sIpdSGVrHUDz1vrrxIh6xCR1km7nAJthnWZgKbS3Ksxup8c"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636382247574435
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
158824
accept-ranges
bytes
cf-ray
6ab82ca03a20d6b1-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.zenaps.com/ Frame 86B9
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2924494&v=24521&q=416965&r=412871&pv=1&pref3=oneidWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRot...
  • https://www.zenaps.com/cshow.php?pvr=357c8ed1-4174-11ec-9278-2234ffce0f80&v=24521&r=412871&q=416965&s=2924494&viewref3=oneidWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklN...
43 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zenaps.com/cshow.php?pvr=357c8ed1-4174-11ec-9278-2234ffce0f80&v=24521&r=412871&q=416965&s=2924494&viewref3=oneidWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&pv=1&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:31 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 09 Nov 2021 15:46:31 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.zenaps.com/cshow.php?pvr=357c8ed1-4174-11ec-9278-2234ffce0f80&v=24521&r=412871&q=416965&s=2924494&viewref3=oneidWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&pv=1&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
link.html
track.webgains.com/ Frame 86B9 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
46c24a74fd9c6d3dff6de560d83d1a236d8efbe572856bd4b87e9b70c18cc7aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:31 GMT
Last-Modified
Tue, 09 Nov 2021 15:46:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1352
Expires
Mon, 26 Jul 1997 05:00:00 GMT
dr
as.ad4m.at/ad/ Frame 6869 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jr2nf9b03ngkytkw83rpbp8zrffyt98gmczp8zh63gdahkkbqbwja3rded00rdvmq36s2m5xz26jhrpeat3hpx0zwp3d7epjy1abp0ek9ce317z5p80p74ev03dtd7zs0dzhq02c6cgtasyg1x5w6nryd2p6bqkkgkmnc56j0n61zgdt1ch4ywxmdmh9m0kqrjc005hght9thyv7pk2ktcjnb2nhr807n4rjd8yqkxxm1e369jxa7yvf9xb0eywa6kqp1hk32b9ztrr2zv6220m85re6j9pr5y0kmzr6yce42bq3r311ekwnsfqjvxcyjw74bmwvbd26kfertvmq57ek8vkbssepy2rprjwfkty2mbnvprxgqs0v5cs9xx5bneaae83hrnhkhsmcgp32n2spwrxhgc46nvprr2bn7ranfvx1d18c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%26client%3Dca-pub-7500593236707325%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
825dd9c79e406e55fff5d1d95a18b17f42439e274fc0729a2170d342b6e6688d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ab82ca0ae8c5b98-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame A8B8 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:43:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 15:43:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5147 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 08 Nov 2021 18:26:41 GMT
expires
Tue, 09 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
76790
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A8B8 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 15:46:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame A8B8 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:40:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 15:40:35 GMT
l
www.google.com/ads/measurement/ Frame A8B8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1VevwpyRgLzubFwiVEZ6ALF2OqGE8S7-nbcbrPOXwz_5P17298lclWqMr2vwRC3i0PGL_VdfBqquMGn6ArXPuMKCSsA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame A8B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CoKX-1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOgBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZeIsj3hGfzQU2fJ9HKmyAPciVIZGTLB6D4ckIr--A2GVCUi3m4Pv4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzUwMDU5MzIzNjcwNzMyNRgA&sigh=PhgKmFEAhY4&uach_m=[UACH]&cid=CAQSOwCNIrLMXbS3Lxd_0C7WDSSyfw36P1yId0-i0WM6AQVJ3YGzKrN31ogsTT1795J2TJK2dOGdPpBaGBLUGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 09 Nov 2021 15:46:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame A8B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g4ymjwbybjkxba7anhj51vqyxj6kz0pghtp7vj8h2newa5tc125avyknan14v8gjg5svhtvdx7x34fxvjaedwdqwey6zwabetsy8jyvjrx79xmze7hdb3qymc6fj306e6m4xj4y1x2xh74p9z9fenxzqtqnxrdw2n3e1thjsdh800ref55yq5p86tpm8r4n3hc3g6xq57retthredd54rhgh3gg4b77t5pz7yytr4xfn8kzqk0ea93g2c36xqectwzg6sstmw6hzexfhhcpsj1ya3dqwqk2p9y02m5ns838xh3zs2v766f0a2agtts52g3ab0md8carnfpv067m986k3kpr9vfh21c372z08yxxcqr0dbph3jackbyj4zc51zqf5s9fkfvvn1qt&b=YYqX1gAOgbMIFWTaAAdoTEe2XNUiA0AQd7uyeQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 15:46:31 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
ao
capi.connatix.com/tr/ Frame 319A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 840C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:43:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1470
x-xss-protection
0
server
cafe
etag
9165589572046851897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 15:43:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 840C 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37743
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636374859716629"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Nov 2021 15:46:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 840C 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:40:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6619
x-xss-protection
0
server
cafe
etag
4215814365075848680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Nov 2021 15:40:35 GMT
l
www.google.com/ads/measurement/ Frame 840C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTh2BsqLZnfD7dJxW8_BEQOZ3tSjWYtbYbV3ugHUgjIvEzhQ3wWw9C7_VDWjHsSkb5G19ElNf-zYQn0a4VQXFytNP0Awg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 840C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFIui1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBO4BT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5ZbefZMD9yfQolOFZrEq92wUziBuIAIHLMk59HkrR83KWIwZP-u4oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzUwMDU5MzIzNjcwNzMyNRgA&sigh=JqKaycgiAfc&uach_m=[UACH]&cid=CAQSOwCNIrLModC8bncDw72f3oWUb4JpLcafVJV9fL8gblH4c9Z5Jk4RlaW_7xcSOjXfi2kPvHhUjqyXICOiGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 09 Nov 2021 15:46:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 840C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gyba4kg5hrx49z4a72b6ga0vn64twxc8kc0sc673nakq16mzcshzhr7rx9vz9w4t1hb1444vzt9zzpxwhtssy90c02xb4y2ba48q3qfbc299e57mpvjy2p7nf76smd4pbaefz9ffr6z10aycc09ys3mmzeky4x1xbk7b5r5cdyydrxbze8p585m9tet6rqe48w1nhfxv1vvxvjg00hmdw70b22mf2jzarxwmtsqvzkkkfjbz3zj4mm7mqm52082am69n31qhcb7jad52zw9yc4ckm0fj0d3gbxeeaevw2e1jt4fnmyd4z1b1tpfn8jqpahhs1t6vgz3jkcrh67bf6zh0ftzqq8m4bkdyq74qa54h8vz9xgv1jd0y0kj70zd1qpn9y9m19fpjnmw&b=YYqX1gAN32AIFUr9AAKBvhqy3Ddcp9rap8s4hw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 15:46:31 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame A3C8 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1g8mdz8hmc582r4ws5qzw36grtb5wsn8g559scgxf8ccf9vn4p6enrrf3ag5nj39de76m7rajbk21cejy1jsds3jmngn6vfn2z13zatnevw6c9tbb16a6yzzgtrfkgpvyhd72nw713e60yyftfz9n1wajqjzar7wjdhk50m8gwr7ag7cwgrvg70bmj9750mja6x17wvjjj9ew81jvjndxmb3hg3g94kttdhgjz2p3jbvkmfj9ggg7d192e17kv7w0qh8mssa2nxcfhhcnm9f06tayte1vx7ywhrsyzwkjnw91fhndfa6far385vynmwgh7wz1a77krn8wq1rz86158z25y0e4ywnye0xgcs6ryg14neejpswf3jyrbz4xtg92cjsa09fjnayap9hfejsxk6g8f7094wb7vnwps414y27hss9chpf6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%26client%3Dca-pub-7500593236707325%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c9c25a5fc5d0be5180021aef99fef255a05478f67ff50873d66c1c298175fd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ab82ca0cec45b98-FRA
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4B70 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 08 Nov 2021 18:26:41 GMT
expires
Tue, 09 Nov 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
76790
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dpixel
cms.quantserve.com/ Frame 98C8 		35 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAvRPHe2jwzY8a6kWBQCoCg&google_cver=1&google_push=AYg5qPKGAM4S19ZNjzvWLrrY9QlNJ5nFlam7c_DjDEjxYKpp51hJhryHznbqUiwQ_Vq_yGOj6oLCQf4BRh_d5iuD0-wEPy68FKQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 98C8
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEEtblTENIUVB6MwArnfpwso&google_cver=1&google_push=AYg5qPJymNE5agK3QPoyjj-lem92iFgs8XPFNSEvimz17VoO_4Mi3YJjoveS8PHn9Zi_MSvusswW6KjICuQlOqWtes9QcWLOaXbt
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJymNE5agK3QPoyjj-lem92iFgs8XPFNSEvimz17VoO_4Mi3YJjoveS8PHn9Zi_MSvusswW6KjICuQlOqWtes9QcWLOaXbt&google_hm=Q0FFU0VFdGJsVEVOSVVWQ...
170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJymNE5agK3QPoyjj-lem92iFgs8XPFNSEvimz17VoO_4Mi3YJjoveS8PHn9Zi_MSvusswW6KjICuQlOqWtes9QcWLOaXbt&google_hm=Q0FFU0VFdGJsVEVOSVVWQjZNd0FybmZwd3Nv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJymNE5agK3QPoyjj-lem92iFgs8XPFNSEvimz17VoO_4Mi3YJjoveS8PHn9Zi_MSvusswW6KjICuQlOqWtes9QcWLOaXbt&google_hm=Q0FFU0VFdGJsVEVOSVVWQjZNd0FybmZwd3Nv
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 98C8
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIvkj-vS6HMKP-ZGe9YEgDo&google_cver=1&google_push=AYg5qPIJxHUy5tpG8xsp3lrAfAkVJJJNXjqzgKuYNkd6SPu9pKdkqvR3X4SGjQNUTxw7-VHhCTdisfvh0Kqke6aeb7bGtz9zt758
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIJxHUy5tpG8xsp3lrAfAkVJJJNXjqzgKuYNkd6SPu9pKdkqvR3X4SGjQNUTxw7-VHhCTdisfvh0Kqke6aeb7bGtz9zt758&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIJxHUy5tpG8xsp3lrAfAkVJJJNXjqzgKuYNkd6SPu9pKdkqvR3X4SGjQNUTxw7-VHhCTdisfvh0Kqke6aeb7bGtz9zt758&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:30 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIJxHUy5tpG8xsp3lrAfAkVJJJNXjqzgKuYNkd6SPu9pKdkqvR3X4SGjQNUTxw7-VHhCTdisfvh0Kqke6aeb7bGtz9zt758&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
gdfehelcgo50aaib9jlj8250q9af3le7
pixel
cm.g.doubleclick.net/ Frame 98C8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIOeNduM5Qh0qaW-wxcninABaENDCcfF8mlGMdz5EFRWIje22HYnBMyEk2KOyw-B9lBNk_g-6S_vlTcBN-1Gv6lWcIk54o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIOeNduM5Qh0qaW-wxcninABaENDCcfF8mlGMdz5EFRWIje22HYnBMyEk2KOyw-B9lBNk_g-6S_vlTcBN-1Gv6lWcIk54o
date
Tue, 09 Nov 2021 15:46:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 98C8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMkKNtNiMoEsDanrPD90M8U&google_cver=1&google_push=AYg5qPITpcdkmprSP-B4M47AcvsQ0GjMTxnHmmMJ_2sqBFalgiERmwCFJ5IHe_INJgghvUXjL1h...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ&google_push=AYg5qPITpcdkmprSP-B4M47AcvsQ0GjMTxnHmmMJ_2sqBFalgiERmwCFJ5IHe_INJgghvUXjL1hFzJx6ADUyf6a5FSkZdMFtMw_0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ&google_push=AYg5qPITpcdkmprSP-B4M47AcvsQ0GjMTxnHmmMJ_2sqBFalgiERmwCFJ5IHe_INJgghvUXjL1hFzJx6ADUyf6a5FSkZdMFtMw_0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ&google_push=AYg5qPITpcdkmprSP-B4M47AcvsQ0GjMTxnHmmMJ_2sqBFalgiERmwCFJ5IHe_INJgghvUXjL1hFzJx6ADUyf6a5FSkZdMFtMw_0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 98C8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9...
0
0
pixel
cm.g.doubleclick.net/ Frame 98C8
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAU2_VBwxT3TeQkGpjWNuTM&google_cver=1&google_push=AYg5qPLQ1HEsgw_Pk9evBFY3...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLQ1HEsgw_Pk9evBFY3HAlDGMW8WqhQf2TgQk7wV2JdtV_MefbrPEbDBbzVH5vVQiv9hfdApx2ON4gTMewF1s20tVW0JAVeyw&google_hm=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLQ1HEsgw_Pk9evBFY3HAlDGMW8WqhQf2TgQk7wV2JdtV_MefbrPEbDBbzVH5vVQiv9hfdApx2ON4gTMewF1s20tVW0JAVeyw&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLQ1HEsgw_Pk9evBFY3HAlDGMW8WqhQf2TgQk7wV2JdtV_MefbrPEbDBbzVH5vVQiv9hfdApx2ON4gTMewF1s20tVW0JAVeyw&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 08 Nov 2021 15:46:31 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 98C8 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LFRpERn_XIJ1cs7gvSUfuyiOYYfOUSomlHG_RTvZmntlEMgpVrxY4nx__SMjvFGKAYXXvCOQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=90&slotname=5620800026&adk=2236077833&adf=3173046727&pi=t.ma~as.5620800026&w=970&psa=0&format=970x90&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790030&bpp=8&bdt=831&idt=446&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=2&ga_vid=659362248.1636472790&ga_sid=1636472790&ga_hid=256388030&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=8&biw=1600&bih=1200&isw=970&ish=90&ifk=1425649986&scr_x=0&scr_y=0&eid=31063355&oid=2&pvsid=2336453506913286&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.93vx8qg477yr&fsb=1&dtd=470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 6869 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jr2nf9b03ngkytkw83rpbp8zrffyt98gmczp8zh63gdahkkbqbwja3rded00rdvmq36s2m5xz26jhrpeat3hpx0zwp3d7epjy1abp0ek9ce317z5p80p74ev03dtd7zs0dzhq02c6cgtasyg1x5w6nryd2p6bqkkgkmnc56j0n61zgdt1ch4ywxmdmh9m0kqrjc005hght9thyv7pk2ktcjnb2nhr807n4rjd8yqkxxm1e369jxa7yvf9xb0eywa6kqp1hk32b9ztrr2zv6220m85re6j9pr5y0kmzr6yce42bq3r311ekwnsfqjvxcyjw74bmwvbd26kfertvmq57ek8vkbssepy2rprjwfkty2mbnvprxgqs0v5cs9xx5bneaae83hrnhkhsmcgp32n2spwrxhgc46nvprr2bn7ranfvx1d18c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%26client%3Dca-pub-7500593236707325%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jr2nf9b03ngkytkw83rpbp8zrffyt98gmczp8zh63gdahkkbqbwja3rded00rdvmq36s2m5xz26jhrpeat3hpx0zwp3d7epjy1abp0ek9ce317z5p80p74ev03dtd7zs0dzhq02c6cgtasyg1x5w6nryd2p6bqkkgkmnc56j0n61zgdt1ch4ywxmdmh9m0kqrjc005hght9thyv7pk2ktcjnb2nhr807n4rjd8yqkxxm1e369jxa7yvf9xb0eywa6kqp1hk32b9ztrr2zv6220m85re6j9pr5y0kmzr6yce42bq3r311ekwnsfqjvxcyjw74bmwvbd26kfertvmq57ek8vkbssepy2rprjwfkty2mbnvprxgqs0v5cs9xx5bneaae83hrnhkhsmcgp32n2spwrxhgc46nvprr2bn7ranfvx1d18c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%26client%3Dca-pub-7500593236707325%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1108382
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 27 Oct 2021 19:53:29 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6ab82ca0ef065b98-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 6869 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jr2nf9b03ngkytkw83rpbp8zrffyt98gmczp8zh63gdahkkbqbwja3rded00rdvmq36s2m5xz26jhrpeat3hpx0zwp3d7epjy1abp0ek9ce317z5p80p74ev03dtd7zs0dzhq02c6cgtasyg1x5w6nryd2p6bqkkgkmnc56j0n61zgdt1ch4ywxmdmh9m0kqrjc005hght9thyv7pk2ktcjnb2nhr807n4rjd8yqkxxm1e369jxa7yvf9xb0eywa6kqp1hk32b9ztrr2zv6220m85re6j9pr5y0kmzr6yce42bq3r311ekwnsfqjvxcyjw74bmwvbd26kfertvmq57ek8vkbssepy2rprjwfkty2mbnvprxgqs0v5cs9xx5bneaae83hrnhkhsmcgp32n2spwrxhgc46nvprr2bn7ranfvx1d18c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%26client%3Dca-pub-7500593236707325%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Tue, 09 Nov 2021 15:46:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65950
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVF%2Bo%2BC1K0ntGtjb1C3KvUMNmcSvPUNPot9vO%2FOo6rrEGuJt8YVEAU1eW%2BUsVxLLlUlzR2IAIzIwmIOM8kzZuwZSoZojcQC6rrCKBIzOnTvAJpGEQfOoRsPGL6wzQgL5L%2Fqzppc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Mon, 08 Nov 2021 21:27:21 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6ab82ca0ef0a5b98-FRA
cf-bgj
minify
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame A3C8 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g8mdz8hmc582r4ws5qzw36grtb5wsn8g559scgxf8ccf9vn4p6enrrf3ag5nj39de76m7rajbk21cejy1jsds3jmngn6vfn2z13zatnevw6c9tbb16a6yzzgtrfkgpvyhd72nw713e60yyftfz9n1wajqjzar7wjdhk50m8gwr7ag7cwgrvg70bmj9750mja6x17wvjjj9ew81jvjndxmb3hg3g94kttdhgjz2p3jbvkmfj9ggg7d192e17kv7w0qh8mssa2nxcfhhcnm9f06tayte1vx7ywhrsyzwkjnw91fhndfa6far385vynmwgh7wz1a77krn8wq1rz86158z25y0e4ywnye0xgcs6ryg14neejpswf3jyrbz4xtg92cjsa09fjnayap9hfejsxk6g8f7094wb7vnwps414y27hss9chpf6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%26client%3Dca-pub-7500593236707325%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g8mdz8hmc582r4ws5qzw36grtb5wsn8g559scgxf8ccf9vn4p6enrrf3ag5nj39de76m7rajbk21cejy1jsds3jmngn6vfn2z13zatnevw6c9tbb16a6yzzgtrfkgpvyhd72nw713e60yyftfz9n1wajqjzar7wjdhk50m8gwr7ag7cwgrvg70bmj9750mja6x17wvjjj9ew81jvjndxmb3hg3g94kttdhgjz2p3jbvkmfj9ggg7d192e17kv7w0qh8mssa2nxcfhhcnm9f06tayte1vx7ywhrsyzwkjnw91fhndfa6far385vynmwgh7wz1a77krn8wq1rz86158z25y0e4ywnye0xgcs6ryg14neejpswf3jyrbz4xtg92cjsa09fjnayap9hfejsxk6g8f7094wb7vnwps414y27hss9chpf6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%26client%3Dca-pub-7500593236707325%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1108382
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 27 Oct 2021 19:53:29 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6ab82ca0ff285b98-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame A3C8 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g8mdz8hmc582r4ws5qzw36grtb5wsn8g559scgxf8ccf9vn4p6enrrf3ag5nj39de76m7rajbk21cejy1jsds3jmngn6vfn2z13zatnevw6c9tbb16a6yzzgtrfkgpvyhd72nw713e60yyftfz9n1wajqjzar7wjdhk50m8gwr7ag7cwgrvg70bmj9750mja6x17wvjjj9ew81jvjndxmb3hg3g94kttdhgjz2p3jbvkmfj9ggg7d192e17kv7w0qh8mssa2nxcfhhcnm9f06tayte1vx7ywhrsyzwkjnw91fhndfa6far385vynmwgh7wz1a77krn8wq1rz86158z25y0e4ywnye0xgcs6ryg14neejpswf3jyrbz4xtg92cjsa09fjnayap9hfejsxk6g8f7094wb7vnwps414y27hss9chpf6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%26client%3Dca-pub-7500593236707325%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Tue, 09 Nov 2021 15:46:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65950
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmDxs4Z5drys99H8O72juTlz4KggcBJUbDbRv7t6UTdbu3X8yaCtOX2yhHXUgOaeMhzHXeYzBxrx%2FovnNMRazYHPEjI6nGcuuKDZgmwIMfu1p7W9eHhpXMwBZaK0VwqjD7X97nU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Mon, 08 Nov 2021 21:27:21 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6ab82ca0ff295b98-FRA
cf-bgj
minify
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6869 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4973196
x-guploader-uploadid
ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONb00Ky2Fd2%2FU2TS9wxyGnS2rMif3Cjyq8ZxtOdVhYVhx0V1f5efw4ZWV94gmyhhT2tT4BuVWxQeXbcKCAXIi0D%2BGhu6SZIcoFRURsKQFGxBamle3e1qtNs7SgTqpL%2B7ow%2BXopmnumylXqpbhk1sX1DB"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6ab82ca139584eda-FRA
expires
Tue, 13 Sep 2022 02:19:55 GMT
frame.html
ad4m.at/ Frame 06D3 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Tue, 09 Nov 2021 16:46:31 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2332670
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glelat%2BnzFuwW7Ix1iulRm7PRCwzFQHFH0sV4CE5eVJ%2BNe0m0eOAL7tx0tRYMsjgXf0BE1%2Bge9Td7eF3yvXcxRcmt0TWRZKSZBqTDXxzCfHUcyOFweFjvVmDFJH3y7BEDsUBG9E%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6ab82ca12f575b98-FRA
content-encoding
br
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A3C8 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4973196
x-guploader-uploadid
ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiImgUtMd0jPwyLdxg9hQoz1m9UY%2FkyN8ZUW5nNV9Nzo97ek054J1yKEI21o6Tn8sY3LnZoZ5pjZ7nCZ9cNYK1r%2BzB7tyAJZw0jofYkD7QhOy0tjO%2B1MjLbjHXM7oU3UZDQOC%2BSO8my1n3kPWtgMC1Jp"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6ab82ca139544eda-FRA
expires
Tue, 13 Sep 2022 02:19:55 GMT
frame.html
ad4m.at/ Frame 3564 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Tue, 09 Nov 2021 16:46:31 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2332670
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gf8Nr3bScYSDaZ2RtJ9ceMkpHpjh7sU2xhoT24C97JLxQU6n8XjxMJBujqrKCP8SLh47fkNBGg64ylhx93%2FDN%2Fi0NiAMwD41hcf32tAd08B3OztuXDOK6s%2BdGQusVl6v3iAjWis%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6ab82ca12f715b98-FRA
content-encoding
br
rs
ad4m.at/ Frame A3C8 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f65c4ded25c41692a93d255c063e9a478cbeb1c9683d7afe976d58b8ab8117

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6ab82ca1ab83693f-FRA
date
Tue, 09 Nov 2021 15:46:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8rjNjbByoDr4xH3w%2Bj7kCkhsTXa6xBqDM7%2FgLU708geHSJmXgzDBhAe6GG4ITDMwrkz0L2qJ0aYmeJjVdeKAhkC9N350R%2BcJWL%2Bkbr4h%2B3uOl8bNevuglHOPZvHBqYZxuYtuVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-2sfw
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-2sfw
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ft%2B2CIbYgXb5lPN%2B76OUz2pkuTsfpfqP1FXfDYmakwU1cSBcxB1OGdRGXQUuOQV9KRoFH1FBbmd448MGyHDFNCRSRwua3TYBXybAT7Ir%2BEZNSHAY0vE24aegCfogDuws%2F92sFzc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ab82ca16aef693f-FRA
rs
ad4m.at/ Frame 6869 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa9494d1f2a92faaac34f984489d5314b5f92f766cc521c9bd269005257a113d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6ab82ca1ab80693f-FRA
date
Tue, 09 Nov 2021 15:46:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePWB5Ft%2FnExBmUsjVPVm21UuHUIYbbtCuy1aHFuRHOJNfMpLTTnarYGdL3qqtQIvDwZfCFEfl50VwkHXmBUOrPr4FH9297zak3tMLRLgaHZam%2FyH5a%2BMavyzcvXaPCpvYJ5w%2F4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-2sfw
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-2sfw
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnzhlrkha8%2BGoT1h7oE3Q%2F6ZfHG3B30rvzvUt2j89BL4xRibMSP%2BFXkH9jjIWKgFdnomR%2B1IalaLrK%2FtQ8N7vZKUoX4PuCLN3PGUuQPK36x8Jfr3JUZSI5iVxdqdn5Fngi%2B7u%2Fo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ab82ca16af7693f-FRA
pvClk.min.js
analytics.webgains.io/ Frame 86B9 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 11:05:39 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
16853
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
51794
x-amz-cf-id
7b8lbMqs96fB2egKbiRX4cdb82AQWaa4sTaHGFu877s32IbL8xRnnQ==
link.html
track.webgains.com/ Frame 86B9 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid4BjuEf5fmdXfGH9HdtAtDXrTbSpTWGfKoneid__Autoscout24_IO_120x600&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C15255%2C169851&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2CWrpSrfYdsZZbzsYH5Hjtxt897qhPTET4QF2&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2C5reSXf4EsWWbrUpH7HMtkC7YRpTETVTzeF1&c=728&d=90&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=8a464f78024444bf0ee3991eec5b05ea%2F1755832909540319487&i=27720%2C25174%2C65713&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791009&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hyk5jwtyk0w6bw3kcj53djhdzfavvx1jwxjx9zhxfmm0vmk1maqeqh3aae0whnrywqes6wn010gjk67ysn26ef8zwz9pfwzbh426gj3cnaxph6txgfbppnc7zzpx38nbbgtkxtkd8kbprpfe235e9ytc73t1kd2055bkjpva0v2fham16fwebeqz68sgka3cxhrmc3q525jd67drcbn69hamx6z6fewbyh2mz56xy7yrjt30bp7f90zstdvdj62bqyx7bnkphcetj0nppz0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZO6N1peKYZ-LIcyJ1fAP8uWGoA6Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOoBT9DdEo9QRZjQ5OXYiAZ_p5m5OIbX7Wp0Jzz9OEkd-0182YaDTq0_nlFTFSomGpUEB3POJKRxx0SScyrLDxIN0WhA2AcZUpIR0YhpXOZKhiqIcTsWxM769gsUDtGr2FreuX_L_Pjb94N8TF38Jv-VRux1zVSOmtUx3CdSFZutj60E8KSJetIScwnGq7RlgKjIiMiTS3ff2DSE50utjpVBAP7JzHrh1msg7FJ2xoWhB9xLsdc_m5bfHOtvmvmdBIvW10yPQ-JaKQGRhvzcvTkgtmjdIuj0g9hGpVwCbRH55oY6Q_es0RYh7oM9gAaj4ejr-ezk1_cBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2cs52RxEppZ17orShoC2dRMaT-qg%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:31 GMT
Last-Modified
Tue, 09 Nov 2021 15:46:31 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
rar
as.ad4m.at/ad/ Frame 357F 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4feebe232f300c8a94ef2b2fb9407e0ff54e8b4a8005e46a1b0a2017004f8956
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g8mdz8hmc582r4ws5qzw36grtb5wsn8g559scgxf8ccf9vn4p6enrrf3ag5nj39de76m7rajbk21cejy1jsds3jmngn6vfn2z13zatnevw6c9tbb16a6yzzgtrfkgpvyhd72nw713e60yyftfz9n1wajqjzar7wjdhk50m8gwr7ag7cwgrvg70bmj9750mja6x17wvjjj9ew81jvjndxmb3hg3g94kttdhgjz2p3jbvkmfj9ggg7d192e17kv7w0qh8mssa2nxcfhhcnm9f06tayte1vx7ywhrsyzwkjnw91fhndfa6far385vynmwgh7wz1a77krn8wq1rz86158z25y0e4ywnye0xgcs6ryg14neejpswf3jyrbz4xtg92cjsa09fjnayap9hfejsxk6g8f7094wb7vnwps414y27hss9chpf6&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%26client%3Dca-pub-7500593236707325%26adurl%3D

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ab82ca1e8cd5b98-FRA
content-encoding
br
rar
as.ad4m.at/ad/ Frame 6658 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f43639622c31cfd9cd5c8ffc722bbe10e709d6750b17bcdd51de513a2c9abb5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jr2nf9b03ngkytkw83rpbp8zrffyt98gmczp8zh63gdahkkbqbwja3rded00rdvmq36s2m5xz26jhrpeat3hpx0zwp3d7epjy1abp0ek9ce317z5p80p74ev03dtd7zs0dzhq02c6cgtasyg1x5w6nryd2p6bqkkgkmnc56j0n61zgdt1ch4ywxmdmh9m0kqrjc005hght9thyv7pk2ktcjnb2nhr807n4rjd8yqkxxm1e369jxa7yvf9xb0eywa6kqp1hk32b9ztrr2zv6220m85re6j9pr5y0kmzr6yce42bq3r311ekwnsfqjvxcyjw74bmwvbd26kfertvmq57ek8vkbssepy2rprjwfkty2mbnvprxgqs0v5cs9xx5bneaae83hrnhkhsmcgp32n2spwrxhgc46nvprr2bn7ranfvx1d18c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%26client%3Dca-pub-7500593236707325%26adurl%3D

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ab82ca1e8de5b98-FRA
content-encoding
br
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B0DB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 09 Nov 2021 15:46:31 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1915 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 09 Nov 2021 15:46:31 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 6658 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1108382
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 27 Oct 2021 19:53:29 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6ab82ca239775b98-FRA
cf-bgj
minify
D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
assets.ad4m.at/logo/ Frame 6658 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=zQSWoA==, md5=JshO+ccZ9c9hWnmahmfS4A==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69120
cf-polished
origFmt=png, origSize=17428
x-guploader-uploadid
ADPycdsFPSu4ps8ob4R3nCQTZFRR3JOzVssSMJVnIwLJzfvP2u8-YsEnQSPxCCyEQHzVJ8SFsi1h-bjd4sLVdhdTzrDRx5hvPw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6390
last-modified
Wed, 18 Aug 2021 10:34:33 GMT
server
cloudflare
etag
"26c84ef9c719f5cf615a799a8667d2e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2gzZr0N4l3K7Kt5wlfzbH1qRxbdpV7Os2O2L9WwJlZ2l0RiVquMNBPJLhzr6UIRT5IWi2YOLsu5%2BEJd8dtCmPeMEod1gbDqnShub1JR7kAGGutEbPI2820Pc9N5PnQdMpQwv8G%2B10G4rh5u"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1629282873725600
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
17428
accept-ranges
bytes
cf-ray
6ab82ca239785b98-FRA
cf-bgj
imgq:85,h2pri
8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
assets.ad4m.at/product_image/ Frame 6658 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=nSkqBw==, md5=bZJ3Zgn8rj01Yns5h/mx5Q==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70223
cf-polished
qual=85, origFmt=jpeg, origSize=82379
x-guploader-uploadid
ADPycdufFQRo7ZOoOjMxoIWoiO4BGSoBB6Rc_TMq36PeGz13kod-IojlsdOKpsM00xPtGtNWFPGzS27nrvdOCaU9U1wXkS74HA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28448
last-modified
Tue, 03 Aug 2021 12:47:14 GMT
server
cloudflare
etag
"6d92776609fcae3d35627b3987f9b1e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdtQaYuDJWguqiTNJZDUMV%2FbdeKcHIRThfxRuY4%2B1RsmQBi6j7gskNL%2BBTkhB9ORhZJ2jxr%2BDirHd%2Fywvm72pHIzx%2FaBfoifeZrI7cga7rR0s5LDckojDrgHX0k%2FUDcqMEq0BvAie%2BD9HQuN"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1627994834652806
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
82379
accept-ranges
bytes
cf-ray
6ab82ca239845b98-FRA
cf-bgj
imgq:85,h2pri
tsv
neso.r.niwepa.com/ts/i5542019/ Frame 6658 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neso.r.niwepa.com/ts/i5542019/tsv?amc=adnetworks.blbn.455799.471580.CRTJDe7y2sn&smc1=oneid5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
35.187.117.15 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
15.117.187.35.bc.googleusercontent.com
Software
nginx/1.13.9 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
last-modified
Tue, 09 Nov 2021 15:46:31 GMT
server
nginx/1.13.9
p3p
policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type
image/gif
content-length
43
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame 6658 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=hBHCMA==, md5=23TE0/JCZhnuq3Ni+PjppA==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66761
cf-polished
origFmt=png, origSize=12441
x-guploader-uploadid
ADPycdsrCDiRWTcUB7xrSLg5537ED4tW1ashZltX_OSDkisGZrYiC5Qifp0ek6XLXAoCsmC4NA6w85PTh9uQyZi2GwQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5676
last-modified
Wed, 22 Jan 2020 13:02:46 GMT
server
cloudflare
etag
"db74c4d3f2426619eeab7362f8f8e9a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqRy9Dn6c3rdO6LQWcNPFE0sW5fdKb9BOKy%2Bqsr7g%2BVDjP%2FkVaWg4znUijJZFNx7WHP98N0909KqhIgxKtHqf6MMEbuZ6pf69Ll%2F6BP5uxA62J9kggWUWwOHe3sNbnCLC1pg%2Bo8PaK3xnbZU"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698166841638
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
12441
accept-ranges
bytes
cf-ray
6ab82ca2498a5b98-FRA
cf-bgj
imgq:85,h2pri
9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame 6658 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631ab175f70696c2c2fb9c6826cbbc72afc54c21abe3e81fc919091f45f15c25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=limNHA==, md5=mmc1zohzhBG1IcVyR5glog==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74516
cf-polished
qual=85, origFmt=jpeg, origSize=98417
x-guploader-uploadid
ADPycduXp7mVLUcRinaW5MZh1S9-Jo89p4vcbphEnox7nCW3YD6R0cvEu2PxmCOPMP_FjsiMzgCT_ZWa_tbplu2jVCw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38376
last-modified
Tue, 30 Jun 2020 10:59:41 GMT
server
cloudflare
etag
"9a6735ce88738411b521c572479825a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zF7x52720FoQCWeQzJGMI7HIhy8%2B10%2Fppzf6r7FXLqVpeiry73dLShHc0d%2FW1d7Ad6kDM0p%2FKsaXUjT6JdHc%2Fgn6uOwfo8VipmIisOG05aGaFsDrxqXOV9VQB3yjAuGSzxEK9o9BqwbEuT4n"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593514781204583
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
98417
accept-ranges
bytes
cf-ray
6ab82ca2498c5b98-FRA
cf-bgj
imgq:85,h2pri
view
t.adcell.com/p/ Frame 6658 		42 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneidqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
strict-transport-security
max-age=15768000
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 6658 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65976
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdsfyZ7TDwK2_ogVJC0crpi2_x098pUJRtsB7mqY34bKzxWpoxnZMeFKzXNQb04ie4JjNqxcpdkNpDAEU1dys60
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDbyt2PVFRSeV9s1c7H%2B3pZxpsCysw8nvpHF0uK32A3c%2FAbRIuuBaPKsuFxrE4HIb9wStayiu4pssEqHXcuvxVKiQrivzFBa%2Bbf9fUHCycOQo8rs%2BnpNNxLx2vqx7fz1zhZD%2Bxuf510LbwlJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6ab82ca2498f5b98-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 6658 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2208805
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdt0auuVYXxKcOeI32Nv-fvSJQzYQvFVwatuzPsEZD0eRaq_pBpNbp-MnA5kVrbBdCHt3HyAtodlGclxYmOQ7A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
85737
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAojRSdgVMXeR9pspZbfI6DtGupTGoFfIfFLAH1lXKlpwN9Th4SHmyjD1QnlVm1rIeOfFHieySHMmnxyrP4wqz%2B3JKHltERFofA2wciqWawXaJ2cINQF4KtPEf0Q72hCVDzzRbARGueadvLf"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6ab82ca2499c5b98-FRA
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 357F 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1108382
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 27 Oct 2021 19:53:29 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6ab82ca2397c5b98-FRA
cf-bgj
minify
D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
assets.ad4m.at/logo/ Frame 357F 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=zQSWoA==, md5=JshO+ccZ9c9hWnmahmfS4A==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69120
cf-polished
origFmt=png, origSize=17428
x-guploader-uploadid
ADPycdsFPSu4ps8ob4R3nCQTZFRR3JOzVssSMJVnIwLJzfvP2u8-YsEnQSPxCCyEQHzVJ8SFsi1h-bjd4sLVdhdTzrDRx5hvPw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6390
last-modified
Wed, 18 Aug 2021 10:34:33 GMT
server
cloudflare
etag
"26c84ef9c719f5cf615a799a8667d2e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpjEUPmY%2BjtbUDbomk5MBWxHmF%2FPgckIqGCTN%2BKQ4GRv%2BTKHWNwPXrCqeNGKTJ1RE5REhU4SabhXy8StpKcQeCTByQ6obSa8cuTA%2BQ2k14wrYwLvyaKZqI64Bun5wn8RFsvOng1L6sKwklWF"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1629282873725600
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
17428
accept-ranges
bytes
cf-ray
6ab82ca2397d5b98-FRA
cf-bgj
imgq:85,h2pri
8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
assets.ad4m.at/product_image/ Frame 357F 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=nSkqBw==, md5=bZJ3Zgn8rj01Yns5h/mx5Q==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70223
cf-polished
qual=85, origFmt=jpeg, origSize=82379
x-guploader-uploadid
ADPycdufFQRo7ZOoOjMxoIWoiO4BGSoBB6Rc_TMq36PeGz13kod-IojlsdOKpsM00xPtGtNWFPGzS27nrvdOCaU9U1wXkS74HA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28448
last-modified
Tue, 03 Aug 2021 12:47:14 GMT
server
cloudflare
etag
"6d92776609fcae3d35627b3987f9b1e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24UFhLCZlQawHH%2BfE19uuxSAdNghqeV6Hg7YVssqKnQG%2F%2BkocMu1MHm2OOJnLJ7RMsT63GqwdtR61sDbh3iHiaBvJ2ZMBGjbWkMlerpK1XzZMeWCB5h8BaasN9ukfm1F3xV7uvvQAhXPHmdm"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1627994834652806
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
82379
accept-ranges
bytes
cf-ray
6ab82ca249a05b98-FRA
cf-bgj
imgq:85,h2pri
tsv
neso.r.niwepa.com/ts/i5542019/ Frame 357F 		43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neso.r.niwepa.com/ts/i5542019/tsv?amc=adnetworks.blbn.455799.471580.CRTJDe7y2sn&smc1=oneid5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
35.187.117.15 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
15.117.187.35.bc.googleusercontent.com
Software
nginx/1.13.9 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
last-modified
Tue, 09 Nov 2021 15:46:31 GMT
server
nginx/1.13.9
p3p
policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type
image/gif
content-length
43
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame 357F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=hBHCMA==, md5=23TE0/JCZhnuq3Ni+PjppA==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66761
cf-polished
origFmt=png, origSize=12441
x-guploader-uploadid
ADPycdsrCDiRWTcUB7xrSLg5537ED4tW1ashZltX_OSDkisGZrYiC5Qifp0ek6XLXAoCsmC4NA6w85PTh9uQyZi2GwQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5676
last-modified
Wed, 22 Jan 2020 13:02:46 GMT
server
cloudflare
etag
"db74c4d3f2426619eeab7362f8f8e9a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhCl%2BRcJn%2Br9oz6%2F1%2FDfcT%2Fb6eZznzSQ25PYBWwpe3nM0KLUGTWsjd0brHdg4WrnWf8t7PHKmMqAjWefw%2BqUoCXYx1xIHFyI4vK%2BY%2ButK6Epe65jt9nQC%2Bu0plLM3NrZtRMOxk7kciwDMdJH"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698166841638
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
12441
accept-ranges
bytes
cf-ray
6ab82ca249a25b98-FRA
cf-bgj
imgq:85,h2pri
9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame 357F 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631ab175f70696c2c2fb9c6826cbbc72afc54c21abe3e81fc919091f45f15c25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=limNHA==, md5=mmc1zohzhBG1IcVyR5glog==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74516
cf-polished
qual=85, origFmt=jpeg, origSize=98417
x-guploader-uploadid
ADPycduXp7mVLUcRinaW5MZh1S9-Jo89p4vcbphEnox7nCW3YD6R0cvEu2PxmCOPMP_FjsiMzgCT_ZWa_tbplu2jVCw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38376
last-modified
Tue, 30 Jun 2020 10:59:41 GMT
server
cloudflare
etag
"9a6735ce88738411b521c572479825a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZ4LBoTtg3p5VbkpTV559HOyKZNfKJfePyshzh6h4cyGpWKOv93D%2F2i%2Fp0dMjEFcqjoL%2Biq5Um%2F49eUKTDe0%2FLsJ5NJreBFsNEXNI3NffMEgLMWcTdAsKKTV3h5muL%2BTrVltZpv9CbMzgBTq"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593514781204583
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
98417
accept-ranges
bytes
cf-ray
6ab82ca249a45b98-FRA
cf-bgj
imgq:85,h2pri
view
t.adcell.com/p/ Frame 357F 		42 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneidqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
myracloud
strict-transport-security
max-age=15768000
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
expires
Sat, 11 Jan 2003 12:59:00 GMT
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 357F 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65976
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdsfyZ7TDwK2_ogVJC0crpi2_x098pUJRtsB7mqY34bKzxWpoxnZMeFKzXNQb04ie4JjNqxcpdkNpDAEU1dys60
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmHgoJ1oOCn8wXmzjy7NjBJ3RdZBGkU0v7elJGHCrodR6Na2iavnN6%2F2VXBA%2FlBoUop%2B1VmkzJoQHRAv7uVRUJrVo2xnnrJyPK7ZRUVyTD4r2XW7RsQKIyGC0WgWORfGFMFfVzpS351Oc6Jo"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6ab82ca249a55b98-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 357F 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Tue, 09 Nov 2021 15:46:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2208805
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdt0auuVYXxKcOeI32Nv-fvSJQzYQvFVwatuzPsEZD0eRaq_pBpNbp-MnA5kVrbBdCHt3HyAtodlGclxYmOQ7A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
85737
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GndVUxajpDLNR17Q063oD9qcVkUvDdimmlX5IjWCPjK2AZesSatclLIcxQnNO9xs8qR2USWXio9DspGBqHQ1csbrjPXwydjDkNLjS7%2B%2FFdupzLFZbGENRGJhw0J9NTKSmwS%2F5uc2flgpHqPZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Wed, 10 Nov 2021 15:46:31 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6ab82ca249a75b98-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 357F 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
234ebc6d88e1ad29282ee9b9751fd85ac21c7c5e2ba24e3caad3e7a0e6fa7212

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:31 GMT
Last-Modified
Tue, 09 Nov 2021 15:46:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1438
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 6658 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
bbf048cffadb2648cadafc60bd1030ba3fa1387aa3fdce91e1ed247bc34db85f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:31 GMT
Last-Modified
Tue, 09 Nov 2021 15:46:31 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1346
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5147
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAvRPHe2jwzY8a6kWBQCoCg&google_cver=1&google_push=AYg5qPKgD4ExtGMzo-Hgz5BBHbL3l0v5qaqcQSHcZvpPGgz330MuMGZ3UR...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKgD4ExtGMzo-Hgz5BBHbL3l0v5qaqcQSHcZvpPGgz330MuMGZ3URk7Bo2ClbWiFhlMNIDvJf2fA9lbSlENjfrDZkeXTfw&google_hm=f39utwQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKgD4ExtGMzo-Hgz5BBHbL3l0v5qaqcQSHcZvpPGgz330MuMGZ3URk7Bo2ClbWiFhlMNIDvJf2fA9lbSlENjfrDZkeXTfw&google_hm=f39utwQ8uhBInQsELIpnuw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKgD4ExtGMzo-Hgz5BBHbL3l0v5qaqcQSHcZvpPGgz330MuMGZ3URk7Bo2ClbWiFhlMNIDvJf2fA9lbSlENjfrDZkeXTfw&google_hm=f39utwQ8uhBInQsELIpnuw
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5147
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKgcUnXTi9x4DqcALFJUs_X081zgk0HM-vBklY...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVlxWDF3QUFCYk9VN25KUA&google_push=AYg5qPKgcUnXTi9x4DqcALFJUs_X081zgk0HM-vBklY-j8Sfo-9Halq62fs9GVIvNTGmzjRMaaEQ3i8uF1fdt3wxC9HrBh7GpnM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVlxWDF3QUFCYk9VN25KUA&google_push=AYg5qPKgcUnXTi9x4DqcALFJUs_X081zgk0HM-vBklY-j8Sfo-9Halq62fs9GVIvNTGmzjRMaaEQ3i8uF1fdt3wxC9HrBh7GpnM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVlxWDF3QUFCYk9VN25KUA&google_push=AYg5qPKgcUnXTi9x4DqcALFJUs_X081zgk0HM-vBklY-j8Sfo-9Halq62fs9GVIvNTGmzjRMaaEQ3i8uF1fdt3wxC9HrBh7GpnM
Date
Tue, 09 Nov 2021 15:46:31 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 5147
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIvkj-vS6HMKP-ZGe9YEgDo&google_cver=1&google_push=AYg5qPKyx5sFONGxa4Ad3idtG6vWW3Xa8bR8wwdRXWxIKFVeQayN7OWtI7iODbCVKBMvCy3l88JI60YJ2CjKpnyPav9x46AQ3w
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKyx5sFONGxa4Ad3idtG6vWW3Xa8bR8wwdRXWxIKFVeQayN7OWtI7iODbCVKBMvCy3l88JI60YJ2CjKpnyPav9x46AQ3w&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKyx5sFONGxa4Ad3idtG6vWW3Xa8bR8wwdRXWxIKFVeQayN7OWtI7iODbCVKBMvCy3l88JI60YJ2CjKpnyPav9x46AQ3w&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKyx5sFONGxa4Ad3idtG6vWW3Xa8bR8wwdRXWxIKFVeQayN7OWtI7iODbCVKBMvCy3l88JI60YJ2CjKpnyPav9x46AQ3w&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
s6f1hf21d65s96j48r723261vrhbf8cv
pixel
cm.g.doubleclick.net/ Frame 5147
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLwH3lpfX6tDKUudWe0uL3pFZ-F5lQrMAWMQVRVllbEfLjNk6wBQlDmND_ynE9fGJhyPVTPrGEV9aSmIksP_qxs94bZAw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLwH3lpfX6tDKUudWe0uL3pFZ-F5lQrMAWMQVRVllbEfLjNk6wBQlDmND_ynE9fGJhyPVTPrGEV9aSmIksP_qxs94bZAw
date
Tue, 09 Nov 2021 15:46:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 5147
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMkKNtNiMoEsDanrPD90M8U&google_cver=1&google_push=AYg5qPLNHdqnjciETwxqKQH7eLy90HcZcXsgZMdxfRniP0dn6q018dbe_IwxkRVvYZ-A8sz3Idi...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ&google_push=AYg5qPLNHdqnjciETwxqKQH7eLy90HcZcXsgZMdxfRniP0dn6q018dbe_IwxkRVvYZ-A8sz3IdiaFnPsZBVbH5GgTUMdawo0g2c
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ&google_push=AYg5qPLNHdqnjciETwxqKQH7eLy90HcZcXsgZMdxfRniP0dn6q018dbe_IwxkRVvYZ-A8sz3IdiaFnPsZBVbH5GgTUMdawo0g2c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ&google_push=AYg5qPLNHdqnjciETwxqKQH7eLy90HcZcXsgZMdxfRniP0dn6q018dbe_IwxkRVvYZ-A8sz3IdiaFnPsZBVbH5GgTUMdawo0g2c
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5147
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXa...
0
0
pixel
cm.g.doubleclick.net/ Frame 5147
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAU2_VBwxT3TeQkGpjWNuTM&google_cver=1&google_push=AYg5qPI-1spBEIi-UlO3lHit...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPI-1spBEIi-UlO3lHitW9cgn4TTRcwjNWPKZuKKoN0o9b2n3IIFVO91WSrh772zLMCyFTeah-aenf9uC3KPxHt_jtUgJ2li&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPI-1spBEIi-UlO3lHitW9cgn4TTRcwjNWPKZuKKoN0o9b2n3IIFVO91WSrh772zLMCyFTeah-aenf9uC3KPxHt_jtUgJ2li&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPI-1spBEIi-UlO3lHitW9cgn4TTRcwjNWPKZuKKoN0o9b2n3IIFVO91WSrh772zLMCyFTeah-aenf9uC3KPxHt_jtUgJ2li&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 08 Nov 2021 15:46:31 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5147 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KH7qeU8Hwu0i28Oo5nmsdzAu9lzuouN8kwtvYUOJr7e8ykRM-GUqlqnn7sZlauN6TawYmZCw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=3173046726&pi=t.ma~as.7077012612&w=336&psa=0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790103&bpp=5&bdt=826&idt=444&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=1303749730.1636472791&ga_sid=1636472791&ga_hid=1270678663&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1064&ady=255&biw=1600&bih=1200&isw=336&ish=280&ifk=1585687901&scr_x=0&scr_y=0&eid=31062937%2C31063361&oid=2&pvsid=2866612404525817&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.umury66d96w8&fsb=1&dtd=508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 4B70
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAvRPHe2jwzY8a6kWBQCoCg&google_cver=1&google_push=AYg5qPK9mSjxw89hDCdIL7hsYmvHwbnZ3_M8iO2X4DK-pweDdeHAQNSW-U...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK9mSjxw89hDCdIL7hsYmvHwbnZ3_M8iO2X4DK-pweDdeHAQNSW-UDb90qNmRtNCYP9BtHuJoDx2Ro_x2JvkfJJrXgu4K77&google_hm=f39utw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK9mSjxw89hDCdIL7hsYmvHwbnZ3_M8iO2X4DK-pweDdeHAQNSW-UDb90qNmRtNCYP9BtHuJoDx2Ro_x2JvkfJJrXgu4K77&google_hm=f39utwQ8uhBInQsELIpnuw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK9mSjxw89hDCdIL7hsYmvHwbnZ3_M8iO2X4DK-pweDdeHAQNSW-UDb90qNmRtNCYP9BtHuJoDx2Ro_x2JvkfJJrXgu4K77&google_hm=f39utwQ8uhBInQsELIpnuw
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4B70
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJbpXb2gcbKL8ZKa6dBxssUOkoz8W1fhXi8lzc...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVlxWDF3QUFCTnR6TFdmQA&google_push=AYg5qPJbpXb2gcbKL8ZKa6dBxssUOkoz8W1fhXi8lzcTrnuulKR2E4eDxdKEQDz-MBIpqD6idtrl34hJgCSJOWRd52dps0H8sR-Y
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVlxWDF3QUFCTnR6TFdmQA&google_push=AYg5qPJbpXb2gcbKL8ZKa6dBxssUOkoz8W1fhXi8lzcTrnuulKR2E4eDxdKEQDz-MBIpqD6idtrl34hJgCSJOWRd52dps0H8sR-Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVlxWDF3QUFCTnR6TFdmQA&google_push=AYg5qPJbpXb2gcbKL8ZKa6dBxssUOkoz8W1fhXi8lzcTrnuulKR2E4eDxdKEQDz-MBIpqD6idtrl34hJgCSJOWRd52dps0H8sR-Y
Date
Tue, 09 Nov 2021 15:46:31 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 4B70
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIvkj-vS6HMKP-ZGe9YEgDo&google_cver=1&google_push=AYg5qPIjgEtQfiaJ6OljTidlC-Z1kORY-tJ2YcVoTbo55Ape-TO_Q5Mi5amDvSYNIhZotQ6RfjXPKBpq0AFBjZ592dyegPzMoSwb
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjgEtQfiaJ6OljTidlC-Z1kORY-tJ2YcVoTbo55Ape-TO_Q5Mi5amDvSYNIhZotQ6RfjXPKBpq0AFBjZ592dyegPzMoSwb&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjgEtQfiaJ6OljTidlC-Z1kORY-tJ2YcVoTbo55Ape-TO_Q5Mi5amDvSYNIhZotQ6RfjXPKBpq0AFBjZ592dyegPzMoSwb&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIjgEtQfiaJ6OljTidlC-Z1kORY-tJ2YcVoTbo55Ape-TO_Q5Mi5amDvSYNIhZotQ6RfjXPKBpq0AFBjZ592dyegPzMoSwb&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
e1m9pttur3uh8dkosblpp1pbtvfrr1si
pixel
cm.g.doubleclick.net/ Frame 4B70
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI24X890z3D-uOZKdOzUj33xYSHxH0JQwarDpaQs1PifMG1M_6kE50i0FiDXgFMhnF-SQ02HtmlXM4ArcWLGXYvtDaslfp7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI24X890z3D-uOZKdOzUj33xYSHxH0JQwarDpaQs1PifMG1M_6kE50i0FiDXgFMhnF-SQ02HtmlXM4ArcWLGXYvtDaslfp7
date
Tue, 09 Nov 2021 15:46:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4B70
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMkKNtNiMoEsDanrPD90M8U&google_cver=1&google_push=AYg5qPKRwUA6GLulxv0Qnv-J94jUvHcyZiatrpXh8v8DcKcDFQLO_-Xw0DVgNeDXZ9lHXjJAonV...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ&google_push=AYg5qPKRwUA6GLulxv0Qnv-J94jUvHcyZiatrpXh8v8DcKcDFQLO_-Xw0DVgNeDXZ9lHXjJAonVpVnq2Th_tpsEiBecRHfDb5Ev6
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ&google_push=AYg5qPKRwUA6GLulxv0Qnv-J94jUvHcyZiatrpXh8v8DcKcDFQLO_-Xw0DVgNeDXZ9lHXjJAonVpVnq2Th_tpsEiBecRHfDb5Ev6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ&google_push=AYg5qPKRwUA6GLulxv0Qnv-J94jUvHcyZiatrpXh8v8DcKcDFQLO_-Xw0DVgNeDXZ9lHXjJAonVpVnq2Th_tpsEiBecRHfDb5Ev6
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4B70
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwn...
0
0
trk
ag.innovid.com/ Frame 4B70 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEB0TjOA9IkOFUYvvBf5w6os&google_cver=1&google_push=AYg5qPLLOaPZyyzJUelVOSoR_DvZ6Gk5zE5jPsrTu3UT6YnQHHd3OU37lhqHI3AWrWT-58wVLlUZy8j0ypSCvDGZzDro-ST8nt4m
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8100:f976:bfd0:751d:6023 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 4B70 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLossQ1vgF6HZIR4DnAiwuJ4H33jKpzU1j7Vep_j8wjSWrqllSifwVRutTFeDeIHKw4QET
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=3173046725&pi=t.ma~as.2376748102&w=300&psa=0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636472790069&bpp=8&bdt=760&idt=468&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&cookie=ID%3D4a11c6759f2f0ed1-222432c539cb001e%3AT%3D1636472788%3AS%3DALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA&correlator=8272510522240&frm=23&ife=4&pv=1&ga_vid=2069912082.1636472791&ga_sid=1636472791&ga_hid=708896477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1082&ady=1552&biw=1600&bih=1200&isw=300&ish=250&ifk=1963043851&scr_x=0&scr_y=0&eid=44748553&oid=2&pvsid=842315337623768&pem=526&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ofmo6xi20dt&btvi=1&fsb=1&dtd=495
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pvClk.min.js
analytics.webgains.io/ Frame 357F 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 11:05:39 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
16853
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
51794
x-amz-cf-id
bZi5TG8IHxTWtnwVzPtYVbUlBvArrOjkWPe1mgqJzeT31q-OuYL1ew==
link.html
track.webgains.com/ Frame 357F 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidGEzhBfpfkXRs1CeHGtPtpPDTZSYTDcEoneid__asuidKMgnd94HoOVBYWRR8kFKCG0aDk6alLnQasuid__adf_Netmix_Reach10_Mweb&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=4bd770d24994e9c65084ba4f5dba1444%2F13861906992941938421&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791322&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hafrg1x1asc82j0n2tc73w099vs9kxcy3mtp2cg0rw7hbe0gjve425jc6w1w3fqm6a6xj37k34077b29949febb09mfxgxzek5gmwfydgcxh5e7gk34g5hmevtvmmy80x8ebv7ywf73js56g93zr08papg2n0e0h6hvmrt20rvca132d0zepm9g7dyqcmbgrvgkmjngxa1npffc3189v5b28sft5fv65zt1j8ye3cbcmk0qa9esexr9h7h1tfhb1ma48anh48rafvmbnczg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvQGA1peKYeC-N_2V1fAPvoOKuAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCZ8rGjYRysz6oAwGqBPEBT9CSFPwffxp9MbY0KwJkRP7KFevAiHUIrW0s54u66IniOb38LKsLAM1sdO7Ij8DJ67A-6sltt4mYNfu0K6Z5w3VspZ3QQx19Fn3N9oTEKcMu6Mdd93uGG5xnRD-2svD3Ta9w0Zm5tnuN25der6oEWiDEEO2LY2g1iq4P9IFLVA8fL44F8hs-kgzS7xpsrERFGHeToQEb9YxUZm2ExmrAzhUAH2duxfusPPyEUT7MAuUvdZ5tdNb5CgB2B5CTLsGRCbhL_0BsC5YZe9fe2CUYAkHJXQwe4k9CaiyLFYomBG6kJZh2VYspBXrluGDuKqLFMIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qOQkC_Aq51GU7Xm0ppNIaGuh49A%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:31 GMT
Last-Modified
Tue, 09 Nov 2021 15:46:31 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1915 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuC7ir9fQGdrB5LsG4BoX65dSbr8PD-UCJstvEgJdhd-mdXn3_yCDBpCjzFy0wEGVmO-YY9pZMynzzgLSkCKYHwyMNrR_ZFoOFkRnmTJmQRLyc0qULC&sig=Cg0ArKJSzFoIIVrqawbhEAE&id=lidar2&mcvt=1000&p=255,1064,535,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211108&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1414505084&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636472789276&rpt=1320&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 6658 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSWoneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhRoneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-61.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 11:05:39 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
16853
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
51794
x-amz-cf-id
B_Yz_SGiAzCT5K3RcTVRaxh1HLSKyUIVlrmvKLnZXrwPybrGoGYXQg==
link.html
track.webgains.com/ Frame 6658 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid86EHDf8fKRWagHJHEtxtkr3hGSwT8jFkoneid__reach_adf03netmixsis&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C765%2C24673&b=5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1%2CqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3%2CkMQH5fM3F9d1f4HwHetBtV8GukTjT9zhR&f=pVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE%2CR5Xfgf6QFW8ukHwH3tzCw1eawTzT7gs7%2Cz4pFRfEYabqxtpHBHMtJCzX4sJTwTrkSW&c=300&d=250&e=Z-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuC&g=490d949d38d830215c79e34184c0949e%2F11709887378973871968&i=65236%2C1676%2C20430&j=52%2C4%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1636472791323&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jj1fav5deq804vc2nfb9qegfrhkr7xdpstregt3hzza5b41dfsccrwnvdtkpak86ssr2yv13gxwg25zmr38ya2c5g2e8p1vkcxzspst9v9dfz0kw2kzxjvxzmpxv2xt448ct4n4r334g2c0v9cx6xteycy8xcpjmzkha3ghvz06029ebha8wq15rax38tdmpa8d8xkembp2p7kv9e6z15dyx1kvk43hg70qvefb6s98m4fhmvqzgt9k0tqj5qgfg8w2k6fvgv0gq2d4th10%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6ABs1peKYbODOtrJ1fAPzNCd2AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NTAwNTkzMjM2NzA3MzI1oAHCrujdA8gBCakCP1ovDZ5tsz6oAwGqBOsBT9AB_c21nuWbZHOFKloH8c8_cbA14wjPXGsjLZ5bE14jxlyx5z9U7zzmkwFLDvFezNB2TCmvHUVKhEYeu9jdOhlrnRI7BQXz8sZickO1S6B1W5hkI5gRW0zRpwVr1stBrKGLTSsuNeKww1B0EKnajW8TdStOav_yP_SHRx6bGx4Zy1SN6jhZ35dz-hWtyeJ3ZJbuI5q7j_iG2VSqK0BFR8LOtfBCJs3qi1m3BpDj2-lf-X25gOb5JtsACegXGG05VZfKsBxzzgVXE69OvOR8gZEusEYTtDjv8OOcUsNsAJmYeD33AvFPd9Bz8YAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3dSIbPzkypUBlRmhJI8E5SNG1dQw%252526client%25253Dca-pub-7500593236707325%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:31 GMT
Last-Modified
Tue, 09 Nov 2021 15:46:31 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 38CA 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 09 Nov 2021 15:40:48 GMT
expires
Wed, 09 Nov 2022 15:40:48 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7091 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
40f491511ff88328ae5b6c543d8168b4f56c8d33eff3f5796d223fbfc50a6755
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YiUXhScdXVuyFWQzjNvjDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 09 Nov 2021 15:46:31 GMT
date
Tue, 09 Nov 2021 15:46:31 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-YiUXhScdXVuyFWQzjNvjDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1C47 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 09 Nov 2021 15:40:48 GMT
expires
Wed, 09 Nov 2022 15:40:48 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 287B 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d245062904454fb96fc264e624502420ddf8f3054aa4f6a0a9b1a8fc707eb7e1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lm1TF9GC0Kl04D49KUFhvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 09 Nov 2021 15:46:31 GMT
date
Tue, 09 Nov 2021 15:46:31 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-lm1TF9GC0Kl04D49KUFhvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking-event
api.webgains.io/ Frame 86B9 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Nov 2021 15:46:32 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 09 Nov 2021 15:46:32 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 6658 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Nov 2021 15:46:32 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 09 Nov 2021 15:46:32 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 09 Nov 2021 15:46:32 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 357F 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Nov 2021 15:46:32 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
abt
capi.connatix.com/tr/ Frame 319A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js
pagead2.googlesyndication.com/bg/ Frame 38CA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
945a9ab4018c188e6bb853ae7361bc62ab1a0074146f910616e2402d67805099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 14:26:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 14:26:38 GMT
lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js
pagead2.googlesyndication.com/bg/ Frame 1C47 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
945a9ab4018c188e6bb853ae7361bc62ab1a0074146f910616e2402d67805099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 14:26:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 14:26:38 GMT
id
id.sharedid.org/ Frame 1230 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.218.247.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-218-247-33.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5C28 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=50093
expires
Wed, 10 Nov 2021 05:41:26 GMT
date
Tue, 09 Nov 2021 15:46:33 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 1936 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 09 Nov 2021 15:46:33 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4067 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 10 Nov 2021 15:46:35 GMT
Date
Tue, 09 Nov 2021 15:46:33 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8B9C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 10 Nov 2021 15:46:35 GMT
Date
Tue, 09 Nov 2021 15:46:33 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 8518 		668 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
06ef3b7a33213709cad19a439d33e4333628d0bd64a3315b8b8153e8ed535280

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 09 Nov 2021 15:46:33 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 59C4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 09 Nov 2021 15:46:33 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 408E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=50093
expires
Wed, 10 Nov 2021 05:41:26 GMT
date
Tue, 09 Nov 2021 15:46:33 GMT
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 1185 		668 B
722 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
06ef3b7a33213709cad19a439d33e4333628d0bd64a3315b8b8153e8ed535280

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 09 Nov 2021 15:46:33 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync
ups.analytics.yahoo.com/ups/57304/ Frame 1230
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP36b3136b-4174-11ec-8e36-029e9351d68c
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP36b3136b-4174-11ec-8e36-029e9351d68c&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAzNmIzMTM2Yi00MTc0LTExZWMtOGUzNi0wMjllOTM1MWQ2OGM%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEA09wpR9CNiL-IR9kcx_GOY&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEA09wpR9CNiL-IR9kcx_GOY&google_cver=1&apid=UP36b3136b-4174-11ec-8e36-029e9351d68c
0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEA09wpR9CNiL-IR9kcx_GOY&google_cver=1&apid=UP36b3136b-4174-11ec-8e36-029e9351d68c
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEA09wpR9CNiL-IR9kcx_GOY&google_cver=1&apid=UP36b3136b-4174-11ec-8e36-029e9351d68c
date
Tue, 09 Nov 2021 15:46:33 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55986/ Frame 1230
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YYqX2QADShkyxwAz&_origin=0&gdpr=0&gdpr_consent=&_test=YYqX2QADShkyxwAz
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YYqX2QADShkyxwAz&_origin=0&gdpr=0&gdpr_consent=&_test=YYqX2QADShkyxwAz&apid=UP36b3136b-4174-11ec-8e36-029e9351d68c
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YYqX2QADShkyxwAz&_origin=0&gdpr=0&gdpr_consent=&_test=YYqX2QADShkyxwAz&apid=UP36b3136b-4174-11ec-8e36-029e9351d68c
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YYqX2QADShkyxwAz&_origin=0&gdpr=0&gdpr_consent=&_test=YYqX2QADShkyxwAz&apid=UP36b3136b-4174-11ec-8e36-029e9351d68c
date
Tue, 09 Nov 2021 15:46:33 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame 1230
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=18f4a789-2be6-4ca5-a9dc-59c68415bbf4&_origin=1&gdpr=1&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=18f4a789-2be6-4ca5-a9dc-59c68415bbf4&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=18f4a789-2be6-4ca5-a9dc-59c68415bbf4&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sd
eu-u.openx.net/w/1.0/ Frame 8518
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3211618a-97d9-4600-9dd1-8d6fea8cbe79
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3211618a-97d9-4600-9dd1-8d6fea8cbe79
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3211618a-97d9-4600-9dd1-8d6fea8cbe79
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 09 Nov 2021 15:46:32 GMT
sd
us-u.openx.net/w/1.0/ Frame 8518
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=K17zKSRYr3swC_4qKgvmLHxY-i4wDqgrfgoaigG4
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=K17zKSRYr3swC_4qKgvmLHxY-i4wDqgrfgoaigG4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=K17zKSRYr3swC_4qKgvmLHxY-i4wDqgrfgoaigG4
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 8518
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5946305227674196105
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5946305227674196105
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5946305227674196105
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 8518 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=42963d4c-961f-7387-c56e-23ab0b7f324f&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 8518 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmVmOWVlODYtNWY2OC0yZDIzLWQwOGUtNzkxMmMxOWRmYzJm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8518
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEICezP4fMd0WJsxBwkgwdbY&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEICezP4fMd0WJsxBwkgwdbY&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEICezP4fMd0WJsxBwkgwdbY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 1185
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5939618a-97d9-4a00-ac93-2a24e1f8666b
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5939618a-97d9-4a00-ac93-2a24e1f8666b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5939618a-97d9-4a00-ac93-2a24e1f8666b
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 09 Nov 2021 15:46:32 GMT
sd
us-u.openx.net/w/1.0/ Frame 1185
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=K17zKSRYr3swC_4qKgvmLHxY-i4wDqgrfgoaigG4
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=K17zKSRYr3swC_4qKgvmLHxY-i4wDqgrfgoaigG4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=K17zKSRYr3swC_4qKgvmLHxY-i4wDqgrfgoaigG4
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 1185
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7131616832889707207
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7131616832889707207
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7131616832889707207
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 1185 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=42963d4c-961f-7387-c56e-23ab0b7f324f&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1185 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmVmOWVlODYtNWY2OC0yZDIzLWQwOGUtNzkxMmMxOWRmYzJm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1185
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEICezP4fMd0WJsxBwkgwdbY&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEICezP4fMd0WJsxBwkgwdbY&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEICezP4fMd0WJsxBwkgwdbY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame D439 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d161b7fb6e8f42456905b11bd152eefb9b1bc3adae6c2789fcf8726c6d8f63ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|39|230|88|195|105|5
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1714
Expires
Tue, 09 Nov 2021 15:46:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 4C42 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
074766a156eb539f7e32b172d7c7b86793f9dbba1954000c850eebf0b899a911

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|47|65|188|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1700
Expires
Tue, 09 Nov 2021 15:46:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Connection
keep-alive
async_usersync
ib.adnxs.com/ Frame 4067 		0
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c0e7ff0d-2714-45f2-9ef9-65046cb67e8e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8B9C 		0
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fcc713d2-fac4-48ae-827e-8fb31d0386c4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5C28 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78312141&p=156858&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
408dc95a3083c60c4372f1fa120fa0f6cfff36e69feb6079a2178d6de5c0dcdf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1810
content-type
text/html; charset=UTF-8
dcm
s.amazon-adsystem.com/ Frame 4C42
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JPDSJ3JGA9T2WTVVCBJS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0V3VXVVSD8VEA86PJJTZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4C42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:33 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4C42 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4C42
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYqX1-PcBeXTIIB28AFvTgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTbqo_rGUEJdvyAtH0kK_w&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTbqo_rGUEJdvyAtH0kK_w&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:33 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTbqo_rGUEJdvyAtH0kK_w&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4C42
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YASmVhiC1MKtkt5&gdpr=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YASmVhiC1MKtkt5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:33 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:32 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YASmVhiC1MKtkt5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 4C42
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636559193&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636559193&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:33 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636559193&gdpr=1
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
CookieIndex
rtb.adentifi.com/ Frame 4C42 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.101.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-101-239.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
sync
ups.analytics.yahoo.com/ups/55940/ Frame 4C42 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4C42 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YYqX1-PcBeXTIIB28AFvTgAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:33 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2056
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 16:20:49 GMT
crum
dsum-sec.casalemedia.com/ Frame D439
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYqX1-PcBeXTIIB28AFvTgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTbqo_rGUEJdvyAtH0kK_w&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTbqo_rGUEJdvyAtH0kK_w&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:33 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTbqo_rGUEJdvyAtH0kK_w&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame D439
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KPT77XNE4F9V7ETTR86A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FZ5SCPKG9BFZH8DMRCQ4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame D439 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame D439
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:33 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D439
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YYqX2QADSdA1_wAz
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYqX2QADSdA1_wAz&gdpr=1&_test=YYqX2QADSdA1_wAz
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYqX2QADSdA1_wAz&gdpr=1&_test=YYqX2QADSdA1_wAz
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:33 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636472793.354933,VS0,VE0
x-served-by
cache-hhn4053-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYqX2QADSdA1_wAz&gdpr=1&_test=YYqX2QADSdA1_wAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame D439
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e5172cfa-24a3-4692-ac1b-28a8d4ff294c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e5172cfa-24a3-4692-ac1b-28a8d4ff294c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:33 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e5172cfa-24a3-4692-ac1b-28a8d4ff294c
date
Tue, 09 Nov 2021 15:46:33 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame D439
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:33 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Tue, 09 Nov 2021 15:46:33 GMT
server
nginx/1.20.0
content-length
76
ix
ad4m.at/ad/sim/ Frame D439 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame D439 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YYqX1-PcBeXTIIB28AFvTgAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:33 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2056
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 16:20:49 GMT
match
c1.adform.net/serving/cookie/ Frame 09C9 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=502FA0C1-CAC5-4BEE-A99D-DBA3F6E1253D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 15:46:33 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 1027
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1853969869881666058
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1853969869881666058
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 09 Nov 2021 15:46:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug010:0:351
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1853969869881666058
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame CB23 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 09 Nov 2021 15:46:32 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Tue, 09 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
357522
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5C28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UC-gwcrFS-6pnduj9uElPQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=50093
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 10 Nov 2021 05:41:26 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 5C28
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3211618a-97d9-4600-9dd1-8d6fea8cbe79
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3211618a-97d9-4600-9dd1-8d6fea8cbe79
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3211618a-97d9-4600-9dd1-8d6fea8cbe79
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 09 Nov 2021 15:46:32 GMT
mw
mwzeom.zeotap.com/ Frame 5C28
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=502FA0C1-CAC5-4BEE-A99D-DBA3F6E1253D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=18f4a789-2be6-4ca5-a9dc-59c68415bbf4&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4df140726466dc9e0d81808a42ead34
  • https://spl.zeotap.com/?zdid=1332&zcluid=0dced6813be2d8b8
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d31fe3fb-bd14-4d30-6561-a38480b37ce0&reqId=e0c6c2c8-334b-48fd-76a0-2b201e993aef&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENCa2TdsOSyn3Tp85eWMCus&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d31fe3fb-bd14-4d30-6561-a38480b37ce0&reqId=e0c6c2c8-334b-48fd-76a0-2b2...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESENCa2TdsOSyn3Tp85eWMCus&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d31fe3fb-bd14-4d30-6561-a38480b37ce0&reqId=e0c6c2c8-334b-48fd-76a0-2b201e993aef&zcluid=0dced6813be2d8b8&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6ab82cb1ad50695b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESENCa2TdsOSyn3Tp85eWMCus&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=d31fe3fb-bd14-4d30-6561-a38480b37ce0&reqId=e0c6c2c8-334b-48fd-76a0-2b201e993aef&zcluid=0dced6813be2d8b8&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5C28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTAyRkEwQzEtQ0FDNS00QkVFLUE5OUQtREJBM0Y2RTEyNTNE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:576
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5C28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEL8hsv206vnxAMHP4QrX51c&google_cver=1
42 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEL8hsv206vnxAMHP4QrX51c&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:447
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEL8hsv206vnxAMHP4QrX51c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 5C28 		43 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 08 Nov 2021 15:46:33 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5C28
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=0&gdpr_consent=
42 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:313
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 09 Nov 2021 15:46:32 GMT
truncated
/ Frame 3BC4 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffbb9f971ad01196bd12b2dfe196164919f9afc0840809345a57515edc8d757b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B614 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjN6Z4gKfdya2EovIGFhV1UDa4dhJGlWtRLRweLRMnYgomOE6iUkyvTUhLaVa2yfCtzpgGlCdXPE7QnAs_qQaRbJSzPJM2eOSSgsTEQf-s6kxnRM0kUjWOJN-5yuDbMO3pZeoySHtLzOkEGrTAOBoQdhbmP71fy4fCSW1_SyQuHv7MivOou4sJkOkqVZ-v4-ZTevNsGLcYM0sCLK9ufEfUA0FCueulWMAj6rIarBSHpS-OobaU4iaXbG65PhJ9VO62c7BKrtmjtQy1nqxdYElsmAqDRxe-Yxlqmrq3TTnUxvPmu2eKp9cUM8HzosuwCtAQfpk9bc4&sai=AMfl-YS_oYLHM3sYsMOXyDzhB9mDxDxqFdHYTiSWpHVzxmARgVymh6KNAbrLk15-3JrwEtHQasGymFWcjZUbtbePU7c6XabDf4YLlhqvI8Jhm4nWzs-rD3LkBvyb3OTrbQA&sig=Cg0ArKJSzFhhgRStn-a5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 09 Nov 2021 15:46:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B614 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7500593236707325&plah=threatpost.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
09c18ba0c5c3c60ae32b026bc76e6ce38b2a7958db0ac914cb04170a350240a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9348
x-xss-protection
0
truncated
/ Frame A8B8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5fe83ce0baca21e55adaadccced1011736de94ff8911a06e4aa88af1c0f73ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
async_usersync.html
acdn.adnxs.com/dmp/ Frame D685 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 10 Nov 2021 15:46:35 GMT
Date
Tue, 09 Nov 2021 15:46:33 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 7B73
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
07fbd48d7d9cd10ec4ed0f70ba8ce6932893731fc0cb0238a5ece87836300923

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
content-type
text/html; charset=utf-8
content-length
464
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Tue, 09 Nov 2021 15:46:33 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AF7E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=50093
expires
Wed, 10 Nov 2021 05:41:26 GMT
date
Tue, 09 Nov 2021 15:46:33 GMT
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 17EE 		542 B
654 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
65156bcaa1fe980eb789f475e5cd487e57937a4da06bd8dfaaf1bb26022ab779

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 09 Nov 2021 15:46:33 GMT
content-type
text/html
content-length
340
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame A7A1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 09 Nov 2021 15:46:33 GMT
Connection
keep-alive
sync.html
public.servenobid.com/ Frame A0CD 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31d5648df5eebdf3d492b355285870ced53b93143889c04edf9deb94357dd6e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

cache-control
max-age=86400
content-type
text/html
content-encoding
br
last-modified
Mon, 08 Nov 2021 19:40:02 GMT
accept-ranges
bytes
etag
"1484c6be7981ef2d93457ae1b8222f04"
server
AmazonS3
x-cache
TCP_HIT
x-amz-id-2
HswxSxHTE0AR0rcud1T76gDEit9NcfWEXTeDGSHiPFyjXkZUnOojK8bLMjQjNnxLji700DhYZ5g=
x-amz-request-id
WPH209T98XBJMM0M
x-amz-meta-codebuild-content-sha256
62eaff6ee8ff549c0050f611ee47c040b5383016dfbf921a2d194f6354569f2b
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:d8405d4a-5b5c-467c-aa1e-ad154dcb077c
x-amz-meta-codebuild-content-md5
81217ffa8e68730be30130a20e0871d1
x-azure-ref-originshield
03ICKYQAAAACT6WztMa81TZ3KyDGzEfJHQU1TMDRFREdFMTkxMAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref
02peKYQAAAACcfW66hPjDT712O+70dQF8WlJIRURHRTA2MDkAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date
Tue, 09 Nov 2021 15:46:33 GMT
2000891.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame EE14
Redirect Chain
  • https://sync.serverbid.com/ss/2000891.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f3d66b78ca0c93adf48dec8533da3c4db538cc648dc60e383d5fd0b666859206
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Date
Tue, 09 Nov 2021 15:46:34 GMT
Connection
Keep-Alive
Cache-Control
max-age=79772
Content-Length
4947
Content-Type
text/html
Last-Modified
Wed, 20 Nov 2019 20:29:05 GMT
Accept-Ranges
bytes
etag
"1b0ebac83fe30af80513039edbdf566f"
x-amz-request-id
tx0000000000000227d56cc-00618a7df6-67e7768-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
317
x-rgw-object-type
Normal
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1636472794.dop248.am5.t,1636472794.cds260.am5.shn,1636472794.dop248.am5.t,1636472794.cds277.am5.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
cache-control
no-cache
beacon
ap.lijit.com/ Frame 81F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13394437
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Server
nginx
Date
Tue, 09 Nov 2021 15:46:33 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1
usync.html
eus.rubiconproject.com/ Frame 67E3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Nov 2021 15:46:33 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame D685 		0
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
51b9045a-906d-4da0-931f-ae1dfe010240
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 40DE 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
474734b277464f83b5452bd98d0ef9f206b3b4551fe49545ad0b5724984985f4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|3|206|241|218|64|31
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1748
Expires
Tue, 09 Nov 2021 15:46:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Connection
keep-alive
truncated
/ Frame 840C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fb159ee711891d78d92f602a952ca1d2947d0c168e1fc8ca38536499309caeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
dds
rtb.openx.net/sync/ Frame 17EE
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ncC3cD-ZyqkjGm8c2GYI9Q==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
sol3ju9njhe974mk62qm8ud93v93fmrb

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d6515b08-06b3-e1ce-f4b9-355ef428ff06
pr-bh.ybp.yahoo.com/sync/openx/ Frame 17EE 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/d6515b08-06b3-e1ce-f4b9-355ef428ff06?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:dc78:e42b:b41a:32a0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
eu-u.openx.net/w/1.0/ Frame 17EE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=YASmVhiC1MKtkt5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=YASmVhiC1MKtkt5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=YASmVhiC1MKtkt5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 17EE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=3336b219-a909-468e-896e-472052c0277b&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=90a99e53-a196-46fe-8534-8f6d28d53846&expires=1&user_group=5&ssp=openx&bsw_param=3336b219-a909-468e-896e-472052c0277b
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=3336b219-a909-468e-896e-472052c0277b
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=3336b219-a909-468e-896e-472052c0277b
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=3336b219-a909-468e-896e-472052c0277b
Date
Tue, 09 Nov 2021 15:46:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 17EE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=833650016440337580
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=833650016440337580
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e7337931-c02c-4693-a482-5c5940e4de40
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=833650016440337580
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame 17EE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIRjBFN0RGVEFBQUJxNUNoWnVrZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHF0E7DFTAAABq5ChZukg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHF0E7DFTAAABq5ChZukg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHF0E7DFTAAABq5ChZukg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
HTTP/1.1
Server
185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHF0E7DFTAAABq5ChZukg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
generic
match.adsrvr.org/track/cmf/ Frame 7B73 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 7B73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENpeVfJ_-5poY_MtucosOEQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENpeVfJ_-5poY_MtucosOEQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESENpeVfJ_-5poY_MtucosOEQ&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7B73
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTgwMzEwNTcwNDk5NDkzMDUxNjU%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTgwMzEwNTcwNDk5NDkzMDUxNjU%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTgwMzEwNTcwNDk5NDkzMDUxNjU%3D
date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 7B73 		0
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=18031057049949305165&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 San Francisco, United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
25X7/VXrtRZQzh6aESsAAA==
xuid
eb2.3lift.com/ Frame 7B73
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/18031057049949305165?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-vejDtRlE2oRVOV8yzxqIDsBfS5.KX4KNHeCfmFHD1A--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-vejDtRlE2oRVOV8yzxqIDsBfS5.KX4KNHeCfmFHD1A--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 09 Nov 2021 15:46:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-vejDtRlE2oRVOV8yzxqIDsBfS5.KX4KNHeCfmFHD1A--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 7B73 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=18031057049949305165&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.162.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-162-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 7B73 		42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=18031057049949305165&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
etag
"f95a3e4769d2d71:0"
last-modified
Fri, 05 Nov 2021 17:19:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 69014EEB1AC4456083CE556B1AD58CE1 Ref B: FRAEDGE1513 Ref C: 2021-11-09T15:46:33Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 7B73
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=18031057049949305165
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=18031057049949305165&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=18031057049949305165&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V37Y0C1MXMGT0TE0WE2F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=18031057049949305165&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 7B73
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 7B73
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2668862686710124112&dongle=d407
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=2668862686710124112&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=2668862686710124112&dongle=d407
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
getuid
secure.adnxs.com/ Frame 40DE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 40DE 		43 B
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:dc78:e42b:b41a:32a0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 40DE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:33 GMT

Redirect headers

Date
Tue, 09 Nov 2021 15:46:33 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x3 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 09 Nov 2021 15:46:32 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 40DE 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame 40DE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WC15WBSVYNF82GPV6FDT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XBBFSW56HC3AN0KXHMJ9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=23728&dpuuid=YYqX1-PcBeXTIIB28AFvTgAA%261113
dpm.demdex.net/ Frame 40DE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YYqX1-PcBeXTIIB28AFvTgAA%261113?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.192.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-192-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 40DE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639064794
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639064794
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:34 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639064794
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
noop
px.owneriq.net/ Frame 40DE
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6897591931089549114&uid=Q6897591931089549114&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 40DE 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YYqX1-PcBeXTIIB28AFvTgAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://threatpost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:33 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2056
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 16:20:49 GMT
usync.js
eus.rubiconproject.com/ Frame 67E3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56375
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9506
Expires
Wed, 10 Nov 2021 07:26:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B614 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 09 Nov 2021 15:46:33 GMT
v1
ads.yahoo.com/cms/ Frame 67E3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVS9N8MZ-X-LFLP&sigv=1&esig=2~502a62615665fb1e0489a21b4bca3e3f1369cdbd
0
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVS9N8MZ-X-LFLP&sigv=1&esig=2~502a62615665fb1e0489a21b4bca3e3f1369cdbd
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVS9N8MZ-X-LFLP&sigv=1&esig=2~502a62615665fb1e0489a21b4bca3e3f1369cdbd
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 67E3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 67E3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDAzZGQ1YzI2ZDg0YzE0YmIxOTRiZWU5YTliNjE2NDdiNmEwMWNiYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDAzZGQ1YzI2ZDg0YzE0YmIxOTRiZWU5YTliNjE2NDdiNmEwMWNiYQ
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDAzZGQ1YzI2ZDg0YzE0YmIxOTRiZWU5YTliNjE2NDdiNmEwMWNiYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 67E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 67E3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTOU44TVotWC1MRkxQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 67E3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYqX2QADSdA1_wAz
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYqX2QADSdA1_wAz
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636472794.088851,VS0,VE0
x-served-by
cache-hhn4053-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYqX2QADSdA1_wAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 67E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFt_qVgSuE2F-Bu3vIOYW-c&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFt_qVgSuE2F-Bu3vIOYW-c&google_cver=1
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFt_qVgSuE2F-Bu3vIOYW-c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 67E3
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5OGO9Z3pXEUppm2aBu-8zw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=851013381327845345
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=851013381327845345
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

date
Tue, 09 Nov 2021 15:46:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=851013381327845345
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
13926
g2.gumgum.com/usync/ Frame C2F6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ba4ee88890449f37c9b1c0a8dc29b0e987bd7db6b26f800d4ecc949693754300

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"0d424043f735af648c680015041425a55"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame 27A7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Tue, 09 Nov 2021 15:46:33 GMT
/
onetag-sys.com/usync/ Frame 25AA 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame C5A7 		687 B
937 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.181 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
1224d8b8a4dbd8d8b311ce3cebf1d04708cfcd0ccf17f122355161ca82553fc5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
content-type
text/html
content-length
687
usermatch
ssum-sec.casalemedia.com/ Frame CDEC 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
78721611721c4d732fc10d6806820044186a704532e03af2286f879566e1a64a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
4|130|65|90|191|206|238|221
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1519
Expires
Tue, 09 Nov 2021 15:46:34 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
Connection
keep-alive
sync
ads.servenobid.com/ Frame A0CD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=833650016440337580
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=833650016440337580
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.212.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-212-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
11f8d677-6555-4c0f-b982-6027e24906c7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=833650016440337580
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame A0CD
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=be2682b451bad70ec5ccb236
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=be2682b451bad70ec5ccb236
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.212.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-212-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=be2682b451bad70ec5ccb236
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame A0CD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1597645788
  • https://sync.1rx.io/usersync/tradedesk/18f4a789-2be6-4ca5-a9dc-59c68415bbf4
  • https://sync.targeting.unrulymedia.com/csync/RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-148a45fc-a8bf-4006-9327-f7e475218d7d-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.212.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-212-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003
date
Tue, 09 Nov 2021 15:46:34 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX148a45fca8bf40069327f7e475218d7d003
content-type
text/html
101954
jadserve.postrelease.com/suid/ Frame A0CD 		43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.13.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-13-13.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame A0CD
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5107433821652090395
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5107433821652090395
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.212.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-212-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5107433821652090395
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame A0CD 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame A0CD
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=7556d985-4705-4dd3-98d4-d22294be1646&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=7556d985-4705-4dd3-98d4-d22294be1646&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.212.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-212-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=7556d985-4705-4dd3-98d4-d22294be1646&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame A0CD
Redirect Chain
  • https://t.adx.opera.com/pub/sync?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D335%26uid%3D
  • https://ads.servenobid.com/sync?operaUid=f36377e1d52b46f6b55086773fb2c92a&pid=335&uid=
0
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?operaUid=f36377e1d52b46f6b55086773fb2c92a&pid=335&uid=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.212.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-212-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
server
Tengine
access-control-allow-origin
*
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
location
https://ads.servenobid.com/sync?operaUid=f36377e1d52b46f6b55086773fb2c92a&pid=335&uid=
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
117
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7091 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211103&jk=842315337623768&rc=
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 287B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211103&jk=2866612404525817&rc=
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame CDEC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2668862686710124112
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2668862686710124112
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:34 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2668862686710124112
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame CDEC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHF0E7DFTAAABq5ChZukg&expiration=1637682394&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHF0E7DFTAAABq5ChZukg&expiration=1637682394&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:34 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHF0E7DFTAAABq5ChZukg&expiration=1637682394&gdpr=1
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum.casalemedia.com/ Frame CDEC
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636559194&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636559194&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 09 Nov 2021 15:46:34 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636559194&gdpr=1
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
no_match_opted_out
um.simpli.fi/ Frame CDEC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Nov 2021 15:46:34 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Tue, 09 Nov 2021 15:46:34 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 08 Nov 2021 15:46:34 GMT
index
dmp.brand-display.com/cm/api/ Frame CDEC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame CDEC 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
461886.gif
idsync.rlcdn.com/ Frame CDEC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/461886.gif?partner_uid=YYqX1-PcBeXTIIB28AFvTgAA%261113&&gdpr_consent=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
tpid=YYqX1-PcBeXTIIB28AFvTgAA%261113
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame CDEC 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YYqX1-PcBeXTIIB28AFvTgAA%261113?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.217
content-type
image/gif
content-length
49
expires
0
sync
ads.servenobid.com/ Frame CDEC 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.212.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-212-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
um
cs.emxdgt.com/ Frame 27E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-type
text/html
date
Tue, 09 Nov 2021 15:46:33 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame C063
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Nov 2021 15:46:34 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Tue, 09 Nov 2021 15:46:34 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
uc.html
go.sonobi.com/ Frame BBC6 		43 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.148 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Date
Tue, 09 Nov 2021 15:46:34 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-ams-1-7-8
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
cm
gift-connect-d.openx.net/w/1.0/ Frame F31D 		699 B
772 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
fc0d091fc39a5c99b48a73a0bf8e5d685cf3b7533465ccad69f99a18c77b29f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
text/html
content-length
445
content-encoding
gzip
via
1.1 google
alt-svc
clear
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6C0F 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=50092
expires
Wed, 10 Nov 2021 05:41:26 GMT
date
Tue, 09 Nov 2021 15:46:34 GMT
vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame EE14
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=833650016440337580
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=833650016440337580
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6e6af8d4-3293-4f7b-b51e-f9a70f17168c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=833650016440337580
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame EE14
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYqX1-PcBeXTIIB28AFvTgAA%261113
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYqX1-PcBeXTIIB28AFvTgAA%261113
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YYqX1-PcBeXTIIB28AFvTgAA%261113
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Tue, 09 Nov 2021 15:46:34 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame EE14
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=be2682b451bad70ec5ccb236
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=be2682b451bad70ec5ccb236
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-length
0

Redirect headers

Date
Tue, 09 Nov 2021 15:46:34 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=be2682b451bad70ec5ccb236
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usa
sync.go.sonobi.com/ Frame EE14 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame EE14
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP36b3136b-4174-11ec-8e36-029e9351d68c
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP36b3136b-4174-11ec-8e36-029e9351d68c
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP36b3136b-4174-11ec-8e36-029e9351d68c
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
H2
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-length
0

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP36b3136b-4174-11ec-8e36-029e9351d68c
date
Tue, 09 Nov 2021 15:46:34 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us.gif
sync.go.sonobi.com/ Frame EE14
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4
49 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=co&nuid=ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4
cache-control
no-cache
content-length
0
56939
i6.liadm.com/s/ Frame EE14
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fi.liadm.com%2Fs%2F56939%3Fbidder_id%3D203802%26bidder_uuid%3D
  • https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4
  • https://i.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4&_li_chk=true&previous_uuid=f2b8064f2e3a4b1eb980f21045a1b0a6
  • https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Server
2600:1f18:444a:4680:6bbe:49e:bc45:59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:35 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
86ebb0e21c29aebb
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/56939?bidder_id=203802&bidder_uuid=ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4
Date
Tue, 09 Nov 2021 15:46:34 GMT
Connection
keep-alive
trace-id
78f2b97ffa884cba
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
usersync
rtb.gumgum.com/ Frame C2F6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=833650016440337580
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=833650016440337580
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
14840807-d3e2-4459-9bf3-c6d25c76b3fb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=833650016440337580
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame C2F6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_71df59b6-1541-496f-a950-5f179311acce&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=3336b219-a909-468e-896e-472052c0277b
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=3336b219-a909-468e-896e-472052c0277b
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9be787d5-4ec6-4ef3-982b-6c5292cfe6ed&user_group=1&ssp=gumgum2&bsw_param=3336b219-a909-468e-896e-472052c0277b
  • https://rtb.gumgum.com/usersync?b=bsw&i=3336b219-a909-468e-896e-472052c0277b
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=3336b219-a909-468e-896e-472052c0277b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=3336b219-a909-468e-896e-472052c0277b
Date
Tue, 09 Nov 2021 15:46:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
rtb.gumgum.com/ Frame C2F6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-4414ac2a-f651-4323-5e69-60e40f66c4d3$ip$185.213.155.176
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-4414ac2a-f651-4323-5e69-60e40f66c4d3$ip$185.213.155.176
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-4414ac2a-f651-4323-5e69-60e40f66c4d3$ip$185.213.155.176
Date
Tue, 09 Nov 2021 15:46:34 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame C2F6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_71df59b6-1541-496f-a950-5f179311acce&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=c2v-iaCAs3vLJEryiXkh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2YZSOYWWSYKDIFZTG5SMJJCXE6LJLBVWQJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=c2v-iaCAs3vLJEryiXkh&us_privacy=1---
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=c2v-iaCAs3vLJEryiXkh&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=c2v-iaCAs3vLJEryiXkh&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame C2F6
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003&rndcb=5621872183
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=3336b219-a909-468e-896e-472052c0277b&google_hm=MzMzNmIyMTktYTkwOS00NjhlLTg5NmUtNDcyMDUyYzAy...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHtRjg50EVEF-1XeUjJmTSw&google_cver=1&ssp=adconductor&bsw_param=3336b219-a909-468e-896e-472052c0277b
  • https://sync.1rx.io/usersync/bidswitch/3336b219-a909-468e-896e-472052c0277b?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-148a45fc-a8bf-4006-9327-f7e475218d7d-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003
date
Tue, 09 Nov 2021 15:46:34 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX148a45fca8bf40069327f7e475218d7d003
content-type
text/html
usersync
rtb.gumgum.com/ Frame C2F6
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=MNYcojv29THK&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=MNYcojv29THK&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=MNYcojv29THK&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-857fc6c844-5vssv
expires
-1
cookie-sync
sync.outbrain.com/ Frame C2F6
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Z-Zm2g5tQQaXCJcqlrNcUDDQ5qFRSVfK0ti3MAklAxdvWo3Q86Mw-XrGqZQJi3lN%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_71df59b6-1541-496f-a950-5f179311acce&obuid=ENC(Z-Zm2g5tQQaXCJcqlrNcUDDQ5qFRSVfK0ti3MAklAxdvWo3Q86Mw-XrGqZQJi3lN)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://creativecdn.com/cm-notify?pi=outbrain
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=t9ueJBgzABUhX6pDgDtF&pi=outbrain
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=t9ueJBgzABUhX6pDgDtF&pi=outbrain
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:35 GMT
Cache-Control
no-cache
X-TraceId
d51be2845c8fc5c30ce292841a24f6d5
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=t9ueJBgzABUhX6pDgDtF&pi=outbrain
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:35 GMT, Tue, 09 Nov 2021 15:46:35 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame C2F6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=b5ab993c-be0a-4bd1-a215-3346c32f3309
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=b5ab993c-be0a-4bd1-a215-3346c32f3309
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=b5ab993c-be0a-4bd1-a215-3346c32f3309
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame C2F6 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:dc78:e42b:b41a:32a0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame C2F6
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=3790efec-4174-11ec-9d14-fb2c7a265914
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=3790efec-4174-11ec-9d14-fb2c7a265914
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=3790efec-4174-11ec-9d14-fb2c7a265914
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
3790efed-4174-11ec-9d14-fb2c7a265914
services
sync.technoratimedia.com/ Frame C2F6 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1004541854
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame C2F6 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:33 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame C2F6
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=53c9f482-5891-48b0-8431-d72f3b8b2a9b
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=53c9f482-5891-48b0-8431-d72f3b8b2a9b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=53c9f482-5891-48b0-8431-d72f3b8b2a9b
date
Tue, 09 Nov 2021 15:46:34 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame C2F6 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.181 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-length
0
sync
ads.servenobid.com/ Frame C2F6 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_71df59b6-1541-496f-a950-5f179311acce
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.212.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-212-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
async_usersync
ib.adnxs.com/ Frame 4067 		0
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7eea458f-24bb-42b1-95dd-5ee325011547
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8B9C 		0
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
29a140e1-dd31-4883-a464-d2214ef8417a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6B9F 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=50092
expires
Wed, 10 Nov 2021 05:41:26 GMT
date
Tue, 09 Nov 2021 15:46:34 GMT
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 41B3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=18f4a789-2be6-4ca5-a9dc-59c68415bbf4&t=1639064794
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=18f4a789-2be6-4ca5-a9dc-59c68415bbf4&t=1639064794
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=18f4a789-2be6-4ca5-a9dc-59c68415bbf4&t=1639064794
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 7D72
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Nov 2021 15:46:34 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Tue, 09 Nov 2021 15:46:34 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync
rtb.gumgum.com/ Frame 1E5A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Tue, 09 Nov 2021 15:46:34 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 4067 88cc6bf master cdg-pixel-x29 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=3211618a-97d9-4600-9dd1-8d6fea8cbe79&gdpr=0&gdpr_consent=
Expires
Tue, 09 Nov 2021 15:46:33 GMT
usersync
rtb.gumgum.com/ Frame FD9F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=atm&i=YYqX2QADSdA1_wAz&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YYqX2QADSdA1_wAz&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YYqX2QADSdA1_wAz&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Tue, 09 Nov 2021 15:46:34 GMT
via
1.1 varnish
x-served-by
cache-hhn4053-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1636472794.264322,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 39D3 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83MWRmNTliNi0xNTQxLTQ5NmYtYTk1MC01ZjE3OTMxMWFjY2U=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Tue, 09 Nov 2021 15:46:34 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ssc-cms.33across.com/ps/ Frame 0973 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Tue, 09 Nov 2021 15:46:34 GMT
um
cs.emxdgt.com/ Frame 8284 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Tue, 09 Nov 2021 15:46:33 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 9594
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YYqX2sCo5tAAANZXUlEAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YYqX2sCo5tAAANZXUlEAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Tue, 09 Nov 2021 15:46:35 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Tue, 09 Nov 2021 15:46:34 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YYqX2sCo5tAAANZXUlEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
4
X-SO-HostName
m-ad358.dc4p.scaleout.jp
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":38,"gdpr":true,"ipv4":"0.0.0.0","key":"YYqX2sCo5tAAANZXUlEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad358"}
X-SO-Key
YYqX2sCo5tAAANZXUlEAAAAA
X-SO-IP
185.213.155.176
X-SO-Cluster-ID
38
X-SO-Upstream-ID
m-ad358
usersync
rtb.gumgum.com/ Frame EA59
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=5107433821652090395
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=5107433821652090395
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Tue, 09 Nov 2021 15:46:34 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://rtb.gumgum.com/usersync?b=zet&i=5107433821652090395
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame D7B9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=t9ueJBgzABUhX6pDgDtF&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=t9ueJBgzABUhX6pDgDtF&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Tue, 09 Nov 2021 15:46:34 GMT Tue, 09 Nov 2021 15:46:34 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=t9ueJBgzABUhX6pDgDtF&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame F31D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=0f0b975b-737b-4cb5-80c7-3bc8db3a5eb9
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-length
0
current
openx2-match.dotomi.com/match/bounce/ Frame F31D 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sd
us-u.openx.net/w/1.0/ Frame F31D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ox
match.justpremium.com/match/ Frame F31D 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=0817f3bc-c1ae-49ed-9770-a59d0a0a7175
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.78.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-78-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame F31D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYqX2QADSdA1_wAz
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYqX2QADSdA1_wAz
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636472794.385538,VS0,VE0
x-served-by
cache-hhn4053-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYqX2QADSdA1_wAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame F31D
Redirect Chain
  • https://green.erne.co/openx/cm
  • https://pixel.onaudience.com/?mapped=7MlfxCgborPcOaSypJvOXyfy&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fc...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4df140726466dc9e0d81808a42ead34&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252...
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3D7MlfxCgborPcOaSypJvOXyfy
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=7MlfxCgborPcOaSypJvOXyfy
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=7MlfxCgborPcOaSypJvOXyfy
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=7MlfxCgborPcOaSypJvOXyfy
date
Tue, 09 Nov 2021 15:46:34 GMT
server
openresty
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame F31D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2668862686710124112&gdpr=1&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2668862686710124112&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: gift-connect-d.openx.net
URL: https://gift-connect-d.openx.net/w/1.0/cm?id=fd531c74-f5ed-4e60-8874-939fb2acafa1&r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gift-connect-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2668862686710124112&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usync.js
eus.rubiconproject.com/ Frame C063 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56374
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9506
Expires
Wed, 10 Nov 2021 07:26:08 GMT
usync.js
eus.rubiconproject.com/ Frame 7D72 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 09 Nov 2021 15:46:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56374
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9506
Expires
Wed, 10 Nov 2021 07:26:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B614 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssORdz7lt5aYNOywZEbZ4IKHf9RgElT9yYFA_rpC39NrWeIoIFnV2PHKs378cdtdm6Y_oX4GNyMUKF8I74fWdkkzYSmoy9rPFtsUB4dBFUh2BVEQhCJ&sig=Cg0ArKJSzAaGGWLva_w6EAE&id=lidar2&mcvt=1010&p=8,315,98,1285&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20211108&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=4166723991&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636472789199&rpt=4275&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3BC4 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuajOpkp6QTmrTjWPIacLo1wcJvTorLPndQtwXWxmsfl9U7EcMRLXdVwSQoSonyC1nJNTpzoY4XQEnR5IbOvwP5cg&sig=Cg0ArKJSzBZMJ79AQUH_EAE&cid=CAASF-RotpKPfmrp5NHzQzazLOIz5djlUU3U&id=lidar2&mcvt=1012&p=0,0,90,728&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2236077833&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636472790756&rpt=2705&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A8B8 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZjTf0Ekv8ouURQee1A2CSMTwgUv7EGmiIMmPxoLs99aW2FHKn00hJuP587-H9hDULiMvpIFa5damwVD4CxCcMFA&sig=Cg0ArKJSzC0SC6lzX5wIEAE&cid=CAASF-RofPohQZdN_kG7_J8VIu2DhtMfRJks&id=lidar2&mcvt=1016&p=0,0,250,300&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2662501839&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636472791107&rpt=2387&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame C5A7 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=2092492643633820213&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.212.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-212-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame C5A7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2450375190193386447&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2450375190193386447&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:33 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
server
nginx
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=2450375190193386447&gdpr=0&gdpr_consent=
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame C5A7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7028597131037767834&gdpr=0&gdpr_consent=
43 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7028597131037767834&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7028597131037767834&gdpr=0&gdpr_consent=
Date
Tue, 09 Nov 2021 15:46:34 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
rtb-csync.smartadserver.com/redir/ Frame C5A7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=3336b219-a909-468e-896e-472052c0277b
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkab64b90d-ecdb-4e46-ae76-d379ba84c5aa&expires=7&user_group=5&ssp=smartadserver&bsw_param=3336b219-a909-468e-896e-472052c0277b
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=3336b219-a909-468e-896e-472052c0277b&gdpr=&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=3336b219-a909-468e-896e-472052c0277b&gdpr=&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=3336b219-a909-468e-896e-472052c0277b&gdpr=&gdpr_consent=
Date
Tue, 09 Nov 2021 15:46:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
csync.loopme.me/ Frame C5A7 		0
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C063 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
Content-Type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame 7D72 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1915 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211103&jk=2866612404525817&bg=!cXKlcjbNAAYH3anuB907ACkAdvg8WmytVu7TSevs7v4XRhGSbGwNmRQsM4iKVe-bXSXktdrabrxRDwIAAAE6UgAAAA9oAQcKAIg7cA_3w0TUvKCaMjitfN2YALAgydJJGjPzeaHhR7CPUnBvFogTZEmrbKMIZxGY2y7iUrPoz1zxe4GoPwtVJ0y9oxH4aW7zqNX8ts84upTRKSyCoVr10WivDcDcpuXGanZltEXzu8hpEyaz1V3HCepmDXwnw_LQKUEYNftarRQMksZPr6geTnXemQLuJiNIY08Ri2-EzO0EPDmKbYRReyAH1kixqFCCZTkMK09vzpgatciiAi23vxgRck_rxYz94nRan54Dos_sAOXFSQbTTjYob73Dt87jfjMNkkI1k_waczAStgDnk1jp5MyJybU-xSscE2iDb3FzO9Hd4mPfEgJSjeuY290uNVVmib17VQFTBcyycz0h_z2ED0Zy24tnRUxzqu6jfm_TnVArFjODM9zcx8mqxLn3kWc43of19WnAhNVZhMTSA6Fx3cnn8_X847u3nFBECh4Y_ZhR2t2BLER0W5VyD77Vo3Z5kJYtaAflZEA5cj8hk1g_9NihChoSkh98RXNhnjd4OO7oeqBFDoqOi3_5ZSx5w8HEfHutnJbhX94wRupSo0l1v0NZ4JT7kjPvrUBUB5s72MHFdFrm6yhhGDtj-4PxIQ3NkoKwr4i19W004wIW6acBwh8NjbK-QgyRU-Shy3tVv5klAQhSyADjj8p5VRqnlG5XjWRhK-UrLOZWWynZfT4ZH7uwan74cpFkFtH69FvV1L9vZCXl3qCrx6EUOnyoU2EtgarahS8CUudJxsnFq22mCnI0mRG7CzPRbwDk1DxY-csyE7JXEiU72q8kRImcWcA5DcsF863-as78x2OOgt9VJKJNcQcdo2-mXgQkeIm_IL5Zs_L-DysHxJEC1GXkt-5Dq2Jxshoj6M8riz_5B5a2QLvwZH1YCLngIHmc5mYgfWuCnWRhqsY4Eg3hlhrtTQPmJmM9GbxzwkX_xEUjIf-RjkwylKVEzSlipcLqmEsBHZx7QyZBsu9zYrFJiRSMW6ujiaDOd_S-atAGstL5ztPIPRyM3X9s1MyvnFn21wHbB6spC__eN43pGfDn0XenfriC3pvbCr42q5G28aUFQGR3HJ3T-YyxsmcjfFn8Ld9q4aIQTQziPblLYFxJqkvMsfapAn0JVJZBk6pq3APn5Z-gd5A2aw8ohSmUVg0KJK8-H9WDhDd5DyQybr3rSVg0vMKW
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B0DB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211103&jk=842315337623768&bg=!YWKlYibNAAYH3anuB907ACkAdvg8Wo6dkLTHAZu523c2gnG6BGhX4rPrkzvv4B5tEbLvOyKBGmWwvAIAAAEFUgAAAA9oAQcKAILNZJrJbfqU_X6iiRDRA3-6jQhCzVN1dxSAx2pY_oBTwgmGA19WsNqwMsXufH7zRONrAYUQBUM3SWnRoKdpxv4q2NWKsWYAjtriX4xdAPR2oxmgTPNAjrp54NsbT34WDHTL-OhrY8716s_mJoT-BAzBob_jkuzPJ8Ag0c72SV2qsJy7mQLbCrxHvxre7Db7q61reA4wGpb6px0qhFD11IsUjo4LLLlXM6J0c3mJXcbzqqcdaljaDkwk5iCxsIbhjH4uOG2I5JxBxpItMPnzw04ShohI39TKd4r_4m7VZ4_6S91G3fCnE_6wZ2U2l0x4rgiyGF_ZFrQk3E3W6kd7G1PG065LU4VJji_lW4MRnth8ZYiOMFkwKyBIqXUbfqj5OLYw6nzY1Boyu5rGptu3B7C-JxUcBF8HKwm4_tUiA358RJjx6VA6YuN_RQlr5aMBK-LGzR1CWaSMsCs1lQLUsK-xco_6hg3HFngGqbJD6jP6NczLpaClFQvnwKVbL1AIL6aJiwdo8rKFCyG7Q6Sui3bD32EZGDSvNJsmLuMoT0TIsI3ySZnsXn2GYHrLPxeIEtYM4Cq4LJnQcT2bFOJs4XM4IoudyWEmdxNFed1hDgqswapJfaTz_NNtOqVvzBwQMUFrtYof_0rpNWgqDSw7rZGm3VL7fvwr_fbcmMNUcUzJCc-cIY25aHFnOVs6Mixpx9TZDNILJPokuuF6O7j2Og7DqGvRwbkKStNcJv65bVOdUHJk_nEPmW207tvCFXqLcxl4vI7SuMKY2BtauJ0OYYk-48KeJrRN-FQGCo26SEjk_uioSZoVCXoWuk5fhD4vrqN8a53rhqhjGryqcBacgJF7D6G2Ron7UoainyHaN4yrweEGa4ghMZKM97Uhqx3sNwCMWqb_Hp4slmwpAWsIvdf98ecZqpYCKlUCL_P-XJ17UXSqoMum_R6kQV6G0zMGTz_5TsZQF0mmFR3LxRrpZhOaH1kIuH-kVGLvSqWbB9TQKETsGEQS0NA622x8cPD8yyQhm8yoBBHgL6wBkt5dRVy6HN71iYB9H466ZBWe6zpFsk5fT326sMEzUVoR7TMvcdBwJUwlemp6ByAAuluLOC_cC5kzJpC91p2yLtOoTLwXLd81pSpd5KumlIc6KB_z6Qg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D685 		0
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:34 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
08697dcd-71db-47ec-a915-ccac827b229c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
st
capi.connatix.com/tr/ Frame 319A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7364 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 09 Nov 2021 15:31:59 GMT
expires
Wed, 09 Nov 2022 15:31:59 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
876
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6CFB 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eaf0cb2cce23fb64628443591887896fbc1d77d8ce04a65db65135893699ab2c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Nt3TBTgYODr3Q/8YTvQqlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 09 Nov 2021 15:46:35 GMT
date
Tue, 09 Nov 2021 15:46:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Nt3TBTgYODr3Q/8YTvQqlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 6CFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211103&jk=2336453506913286&rc=
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame 5C28 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156858&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js
pagead2.googlesyndication.com/bg/ Frame 7364 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lFqatAGMGI5ruFOuc2G8YqsaAHQUb5EGFuJALWeAUJk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
945a9ab4018c188e6bb853ae7361bc62ab1a0074146f910616e2402d67805099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 14:26:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
4797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13523
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 14:26:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B614 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211103&jk=2336453506913286&bg=!mZqlmt7NAAYH3anuB907ACkAdvg8WvPNa73XBdl46UTgLNQyEg5KzrnSfn1QNYq_DFnJq3CmRr78YgIAAABXUgAAAAtoAQcKABRCXeUFKroPQ17BEXKTSzGA1l746JkCx39BKlfH8jy60_rWrgBxgceT6LeRBOJtDyMfi5aUcoCtWVYyzTXeeQG2a7_CYw-TBazBeKO0bqCMYzdmTH92rZQ-Ou8T3VA7YPQShSghMjPK0Ib4WFclYFh2R2mY1WH06c2_hwP0EPI7hcWcoKpaMdMnT1mJVyE0HEGY3xXjQk4iP5EhoCHuCo_HD863PN2tHGxvHcEfrwwndJooxWFGMhDbUtbE6kEEu4bnDJZu3HQHB3f0Mww1TvODXfAzZWwo8uFAwHA9uxRIbgT0ldxkvbj0FRjgeh04MMknENvMCzygPzsr6twHWxnC5BckZ82BqtTfxFekC_L_F3ROqivDWPl6g9uRp_ygkPB4GYYUlQgodZbxE-yaWVJNYVzDfxapqcTmwRWM59hs3KnfZcJrOqFxRSnbZqWbaOzJT4JqQaXbZdTojBFlNUHgUmjY2zOJKFvlPSKvzIL_1bYQMtlkBZVUDkAzk96IZdR5thA4_VNMjhtX9V9K-fOusq0RxbJ-NI9pG3NTDgrURpu3rFFy03IaocSOtxrnU-eX0IsQtRRuT2BSNby77BYXzhu1IN_27qtGM9_G899yDJY3eIJMY4YRzjkbv3MTq_WZNd9AFwCT8s3KrjH296lbtmpL64q8IXwzOxbHd4OWk9FLG-_Mcnpv-TT6PyWVYSlvheolZVZ_ZOrZ1Er-rA59-O0Z_PGZwl4aANo2UtpuTUnksuCjmi8TtXbVRfiFqiPrkJ15THBGoXmWN_Y1PeZC6BQlzRGfrDl4HUBG_ejRg1BOaaPKQElAQ_eELNbsy9k6qIjGTaKaN4sywilZzrIlFXRxwRhQc8Y1TvnIy1wDS5XjilWsD8nEcVPTq9rwG3-NuesL9wa9eymGUN4Ki1Mti7d16qr4kN55VIbZHarMR8IJSghC7MYT4usdR-Nqm5iOrs6f1VjzMVBGxlLIZg
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&pid=MgHzc32xCKhl6&cb=2&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:39 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
Y0T28QEZ9DQWVKX1DHCQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
ypasH-vGLeRH257yvmWwsD7V9z7irzCC1E66Ryr7OryPuNGjBj5gYw==
g
capi.connatix.com/rtb/ Frame 319A 		1 KB
953 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
50fbfb2ffd2a339298bf03368a69530e00886798d5b61d249f4891de4faf5f48

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
677
prebid
ib.adnxs.com/ut/v3/ Frame 1230 		139 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7b6da29f2d07f722c235dbc2e863438a940363978df2a27aa916076009f18107
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:40 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
19c50767-c9b3-4c81-82a3-c26e747e8149
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/233148/0/ Frame 1230 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233148/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:40 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ Frame 1230 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?t=900&s=435870&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%224118fb1924445c1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%2C%22rid%22%3A%227cda80b4-dffa-4268-94a1-f15422810098%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22423f0c5f60b3ff8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435870%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c9a5378ce5e088624062511aeb87322369b71ff80b3a0018e8b8870a6651b006

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:40 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.176], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Tue, 09 Nov 2021 15:46:40 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 1230 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
392272f9f98a74ef4878bab9ada2e0d6bd35ee54207f7fa8b38f0c0f159c9807
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 09 Nov 2021 15:46:40 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9e58e5c3-05a8-4d54-b85c-816f772a5337
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ Frame 1230 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Tue, 09 Nov 2021 15:46:40 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
230
vary
origin, Accept-Encoding
mvo
tag.1rx.io/rmp/216475/0/ Frame 1230 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216475/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:40 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/216476/0/ Frame 1230 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216476/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:40 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/233098/0/ Frame 1230 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/233098/0/mvo?z=1r&hbv=4.43,2.1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Tue, 09 Nov 2021 15:46:40 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ Frame 1230 		25 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?t=900&s=435871&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2253ee95fe84a65c7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%221005%22%2C%22rid%22%3A%227cda80b4-dffa-4268-94a1-f15422810098%22%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2254327fa67c67c95%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435871%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A180%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22skip%22%3A1%2C%22skipmin%22%3A31%2C%22skipafter%22%3A5%2C%22placement%22%3A1%2C%22w%22%3A400%2C%22h%22%3A225%7D%2C%22bidfloor%22%3A0.25%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6991e0cfed62971624ec79624afe3f73d6c0f1e21b9b1b1101142e5afcb9a2ad

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:40 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.176], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Tue, 09 Nov 2021 15:46:40 GMT
translator
hbopenbid.pubmatic.com/ Frame 1230 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Tue, 09 Nov 2021 15:46:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
teachingaids-d.openx.net/v/1.0/ Frame 1230 		0
0
translator
hbopenbid.pubmatic.com/ Frame 1230 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Tue, 09 Nov 2021 15:46:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
ads.adaptv.advertising.com/rtb/ Frame 1230 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-183-32.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
avjp
teachingaids-d.openx.net/v/1.0/ Frame 1230 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4e78f28d-9c02-42d3-ae96-cb87415efcc3&nocache=1636472800267&gdpr=0&pubcid=c68add93-3a7f-44fc-b1af-c37fd5d139ce&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2Cc063a4f5-cf09-4618-a43e-fbcd6d8d9293%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882779&vwd=400&vht=225
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/plugins/prebid4.43.0-2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:40 GMT
via
1.1 google
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/ Frame 319A 		199 KB
199 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a3fd0236cc000c9d995c15cc1282d2037b96a25bea3884b1c3361415095fe4e

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=389314-593032

Response headers

date
Tue, 09 Nov 2021 15:46:40 GMT
last-modified
Tue, 09 Nov 2021 08:35:42 GMT
age
25826
etag
"b203e4789588179b8d29a1f7b0fd759b"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 389314-593032/1760735
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
203719
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/0.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://threatpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

retry-after
0
access-control-allow-methods
*
access-control-allow-headers
range
accept-ranges
bytes
date
Tue, 09 Nov 2021 15:46:40 GMT
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
access-control-allow-origin
*
content-length
0
g
capi.connatix.com/rtb/ Frame 319A 		2 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
28
st
capi.connatix.com/tr/ Frame 319A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
abt
capi.connatix.com/tr/ Frame 319A 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=137217
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Tue, 09 Nov 2021 15:46:42 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame 46DB 		407 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
325597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 319A 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Nov 2021 15:46:44 GMT
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame 5161 		411 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
325597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.488.0_en.html
imasdk.googleapis.com/js/core/ Frame 95B0 		368 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194718
date
Fri, 05 Nov 2021 21:20:07 GMT
expires
Sat, 05 Nov 2022 21:20:07 GMT
last-modified
Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
325597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 83F7 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 09 Nov 2021 16:18:40 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D12B 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 09 Nov 2021 16:18:40 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E414 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 09 Nov 2021 16:18:40 GMT
integrator.js
adservice.google.com/adsid/ Frame 319A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Nov 2021 15:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1929247112&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ul=en-us&de=UTF-8&dt=Robinhood%20Trading%20Platform%20Data%20Breach%20Hits%207M%20Customers%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1226904981&gjid=1706011612&cid=1886137934.1636472789&tid=UA-35676203-21&_gid=1287826526.1636472804&_r=1&gtm=2wgb80PM29HLF&z=1381445149
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1929247112&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ul=en-us&de=UTF-8&dt=Robinhood%20Trading%20Platform%20Data%20Breach%20Hits%207M%20Customers%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Social%20Networks%20View&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=1886137934.1636472789&tid=UA-35676203-21&_gid=1287826526.1636472804&gtm=2wgb80PM29HLF&z=1462452239
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 07:10:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30968
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35676203-21&cid=1886137934.1636472789&jid=1226904981&gjid=1706011612&_gid=1287826526.1636472804&_u=YAhAAEAAAAAAAC~&z=1546121953
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 09 Nov 2021 15:46:44 GMT
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=1886137934.1636472789&jid=1226904981&_u=YAhAAEAAAAAAAC~&z=546028594
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=1886137934.1636472789&jid=1226904981&_u=YAhAAEAAAAAAAC~&z=546028594
Requested by
Host: threatpost.com
URL: https://threatpost.com/robinhood-trading-platform-data-breach/176106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Nov 2021 15:46:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&pid=MgHzc32xCKhl6&cb=3&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 15:46:50 GMT
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
0Z9CV9HNAEZEQCRX0K21
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
YfgGl5ZiHrSeBAuVm1H4ASKTFb5gUKhF7uIl9I20umrTeK3TxORldQ==
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/0.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://threatpost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

retry-after
0
access-control-allow-methods
*
access-control-allow-headers
range
accept-ranges
bytes
date
Tue, 09 Nov 2021 15:46:50 GMT
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
access-control-allow-origin
*
content-length
0
0.mp4
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/ Frame 319A 		204 KB
204 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/bd6e1521-fba5-4279-9dbf-030d2b7a9236_/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
45a077881c14b7c51d1d9f57a0ec62bf3fe3387507ba33a8829aa7e759547d0d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=593033-802224

Response headers

date
Tue, 09 Nov 2021 15:46:50 GMT
last-modified
Tue, 09 Nov 2021 08:35:42 GMT
age
25836
etag
"b203e4789588179b8d29a1f7b0fd759b"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 593033-802224/1760735
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
209192
g
capi.connatix.com/rtb/ Frame 319A 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Domain
teachingaids-d.openx.net
URL
https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Frobinhood-trading-platform-data-breach%2F176106%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d7487f2c-f7ed-4f91-a873-01cbc54fb42a&nocache=1636472800263&gdpr=0&pubcid=c68add93-3a7f-44fc-b1af-c37fd5d139ce&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C7cda80b4-dffa-4268-94a1-f15422810098%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22skippable%22%3Atrue%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%2C%22video%2Fogg%22%2C%22video%2Fmpeg%22%5D%2C%22protocols%22%3A%5B5%2C2%2C3%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A180%7D%7D%5D%7D&auid=540882778&vwd=400&vht=225
Domain
capi.connatix.com
URL
https://capi.connatix.com/rtb/g?v=137217

Verdicts & Comments Add Verdict or Comment

297 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| gAMP_urlhost string| gAMP_urlpath string| gAMP_urlquery string| gAMP_contentid string| gAMP_category string| gAMP_contenttags number| kPrebidTimeout number| kRefreshPollTime number| gRefreshCount number| gOXRefreshCount boolean| gRefreshDebug boolean| gPrebidDebug boolean| gTrackVisibility boolean| gLazyLoad boolean| gTrackPageVisibility number| k30SecondRefreshInterval number| k60SecondRefreshInterval number| k90SecondRefreshInterval number| k120SecondRefreshInterval number| k180SecondRefreshInterval number| k999SecondRefreshInterval number| kDoNotRefresh number| kDefaultRefreshInterval object| gSChainNodes undefined| gGDPR_forceLocale boolean| gGDPR_silentNoConsent boolean| gGDPR_forceNoConsent object| gGDPR_NonTCFVendors string| gGDPR_publisherCountryCode string| gGDPR_logoURL string| gGDPR_privacyPolicyURL string| kAmazonPublisherID object| ad728x90ATF object| ad300x250ATF object| ad300x250ATF2 object| ad728x90ATFTAB object| ad728x90STICKY object| ad300x250ATFTAB object| ad300x250ATF2TAB object| ad320x50ATF object| ad300x250ATFM object| ad300x250ATF2M object| ad2x2skin object| adGoogleAdXInterstitial number| gBrowserWidth object| desktopAdUnits object| tabletAdUnits object| mobileAdUnits object| gAllSlotData number| gAllSlotCount function| _0x10e398 object| gRefreshSlots object| gRefreshIDs object| gRefreshTimes object| gRefreshIntervals object| gThisRefreshIDs object| gThisRefreshSlots boolean| gInitialLoad object| gIntersectionObserver object| gPBJSTimeoutTimer object| gAmazonSlots object| gAmazonBids boolean| gAmazonBidsBack boolean| gPrebidBidsBack object| googletag function| _0x306c object| pbjs function| _0x5af4 boolean| gHasGDPRCMP object| gGDPRTCData function| amp_getBidsForAllChannels function| amp_dumpBids function| amp_dumpWins function| amp_dumpTable function| amp_getBestBids function| sendAdserverRequest function| checkIfAllBidsBack function| amazonBidsBack function| pbjsBidsBack function| bidsTimeout function| scheduleConsentUpdates function| sendBidRequests function| doSendBidRequests function| amp_refreshAllSlots function| amp_refreshSlots function| refreshAdSlots function| attachCloseBoxSVG function| configureAdSlot function| getCookie object| apstag function| cnx function| $ function| jQuery object| gdprDynamicStrings object| kss object| gdprStrings object| sNew object| s0 object| dataLayer boolean| jQueryMigrateHelperHasSentDowngrade object| cnx_usr_storage object| F6DQww2 function| F6DQww3 object| xop boolean| apstagLOADED function| __uspapi function| __uspOpenUI object| FontAwesomeConfig object| ___FONT_AWESOME___ function| __tcfapi object| __cmpAPI object| __GVL object| __cmpTCModel function| __cmpOpenUI function| pbjsChunk object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid boolean| creativeVendorLibraryLoaded object| MZ1D6o2 function| MZ1D6o3 function| xblocker object| tH66dq function| tH66dR function| xblacklist object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gf_global function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden function| gformCalculateTotalPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| GFMergeTag function| GFCalc function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format object| gform undefined| __gf_keyup_timeout function| renderRecaptcha function| gformValidateFileSize function| gformInitSpinner function| gformAddSpinner function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar object| gfMultiFileUploader undefined| __gf_timeout_handle function| gf_apply_rules function| gf_check_field_rule function| gf_get_field_logic function| gf_apply_field_rule function| gf_get_field_action function| gf_is_match function| gf_is_match_checkable function| gf_is_match_default function| gf_format_number function| gf_try_convert_float function| gf_matches_operation function| gf_get_value function| gf_do_field_action function| gf_do_next_button_action function| gf_do_action function| gf_reset_to_default function| gf_is_hidden_pricing_input object| Placeholders object| kasperskyDynamicaReCaptchaData object| ak_js object| commentForm undefined| replyRowContainer undefined| children object| jQuery112402639676091483478 object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| wp object| gf_form_conditional_logic string| gf_number_format function| do_callback object| ggeac object| google_js_reporting_queue object| PublisherCommonId object| google_tag_manager object| ID5 object| google_tag_data string| GoogleAnalyticsObject function| ga object| _qevents function| twq object| player_instance_b3587debe137438e936c6c2286f5ac11 object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins object| twttr function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| google_measure_js_timing object| google_reactive_ads_global_state object| sas object| apntag object| _ADAGIO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| cnxProxyTask object| ONFOCUS object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| gaplugins object| gaData object| closure_lm_361259 function| cnxAddEventListener

140 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQ69SEq9AvCgoI4gEQ69SEq9AvCgoI5gEQ69SEq9AvCgoIhwIQ69SEq9AvCgkICRDr1ISr0C8KCQg6EOvUhKvQLwoJCAsQ69SEq9AvCgoIjAIQ69SEq9AvCgoIzgEQ69SEq9AvCgkIXxDr1ISr0C8=
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQ6hA
.quantserve.com/ Name: mc
Value: 618a97d3-d5b7d-da71f-accce
threatpost.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.threatpost.com/ Name: __qca
Value: P0-1437220804-1636472787853
.twitter.com/ Name: personalization_id
Value: "v1_cFec9KOG3gqK3A+39g2DHQ=="
.adnxs.com/ Name: uuid2
Value: 833650016440337580
.rubiconproject.com/ Name: rsid
Value: 1|XoTpdAZC/OrCXi+t2tt8Mx7c5rJaP5uXhxpnGfrzPAh1r4f5PW3gQ6qaZLiJj4/FKQattD3GB2TGFkanCXKRK1XEokALhlcJ9R8vVZqPCx1KqnWuDc9aU/+oD8/ZWV4=
.openx.net/ Name: i
Value: 913a0215-3f98-4c70-9fb8-eb436f5801b2|1636472788
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: be2682b451bad70ec5ccb236
.rubiconproject.com/ Name: khaos
Value: KVS9N8MZ-X-LFLP
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpqfiytWd1vfz5APvdogVCbaTd6KyMQnasCO6vdpaaRU+9rWtkRaMjSb05ecXDiI+jhlI2uKWkDtsxuhZpbWKLtINWY3Pa16NE=
e.serverbid.com/ Name: azk
Value: ue1-sb1-c8c7d114-f81e-4031-b518-fb2fcbca9be4
.a-mo.net/ Name: amuid2
Value: 7556d985-4705-4dd3-98d4-d22294be1646
.threatpost.com/ Name: __gads
Value: ID=4a11c6759f2f0ed1-222432c539cb001e:T=1636472788:S=ALNI_Maj3cWBbupGhlLUArjht3j2CzEmcA
.doubleclick.net/ Name: IDE
Value: AHWqTUldxTrrPXKtYP7Ut1V0dr5Pz09kKsTZW4VXeXsfcGvnjXs8OL7pweK-mKX6uP4
.threatpost.com/ Name: _pubcid
Value: c68add93-3a7f-44fc-b1af-c37fd5d139ce
threatpost.com/ Name: cto_bidid
Value: 3hIT318xayUyRlRvNGJwajdUU1V0eVFVbUoyRU5sZVlSYklTckRWaGIwZ0JxYVBLSlhGMmRUSE0lMkZEOGdkWGswV0YwTk5SalBUWXdOamZrZk5wNGVjSVY5WUgxVWclM0QlM0Q
threatpost.com/ Name: cto_bundle
Value: 6icerl9DbEl5OW1rTWRhJTJGaXpCZDQwd0JmekFyYmNiJTJGMVpBOGNXMVhQMVlmR09GT2d4YnBuaWFBJTJGWkZRcTNZemJKVlRLOVl3VFBSTkFHaTJRRkpJR2NtMzF0VHNKNmg2VmQlMkI1NGR5WnI0ZVlVR0hwc2Z0aVExdHNWRFVFTXdVUXhHYmls
.awin1.com/ Name: awpv24521
Value: 412871|1636472791|357c8ed1-4174-11ec-9278-2234ffce0f80
.zenaps.com/ Name: awpv24521
Value: 412871|1636472791|357c8ed1-4174-11ec-9278-2234ffce0f80
.zenaps.com/ Name: AWSESS
Value: 416965:2924494
.casalemedia.com/ Name: CMID
Value: YYqX1-PcBeXTIIB28AFvTgAA
.casalemedia.com/ Name: CMPS
Value: 3276
.agkn.com/ Name: ab
Value: 0001%3A2YOwG79xIXKTooIrfadkXwzBAWDQtEls
.agkn.com/ Name: u
Value: C|0CEApHVRXKR1UVwAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/ Name: CMPRO
Value: 1113
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 502FA0C1-CAC5-4BEE-A99D-DBA3F6E1253D
.awin1.com/ Name: awpv11938
Value: 412871|1636472791|35a154e0-4174-11ec-9278-2234ffce0f80
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1636472791_35a154e0-4174-11ec-9278-2234ffce0f80%22%2C%22sp%22%3A%22awin%22%7D
.r.niwepa.com/ Name: tsv
Value: kBc!HUwak4pt3B4!AQ|CkIw!A!~BMYB2bLA*3Y
t.adcell.com/ Name: ADCELLvpid2945
Value: 164800-46690-oneidqGXsmf1WUMZuZHgHDtJt4AjTPTgTq4s3oneid__asuidZ-4Rwuk1i3ZjTBVLZ5vLSIJklNF-VPuCasuid__suite_Netmix_Reach43_TopRotaMonth%23%23%23%23%40%40%40%401636472791
.innovid.com/ Name: uuid
Value: 3dc794b4-6489-4db8-88b6-5a31b0ace19d-20211109 10:46:31
.advertising.com/ Name: APID
Value: UP36b3136b-4174-11ec-8e36-029e9351d68c
.quantserve.com/ Name: d
Value: ECsBDwHXJIEPisMA
.adsrvr.org/ Name: TDID
Value: 18f4a789-2be6-4ca5-a9dc-59c68415bbf4
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156858:3
.pubmatic.com/ Name: DPSync3
Value: 1636502400%3A174%7C1637625600%3A201_197_219
.pubmatic.com/ Name: SyncRTB3
Value: 1637712000%3A35%7C1637625600%3A220_21_13_7_161
threatpost.com/ Name: usprivacy
Value: 1---
.mathtag.com/ Name: uuid
Value: 3211618a-97d9-4600-9dd1-8d6fea8cbe79
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBNmXimECEO8emxyD_Nv-_nOSIFwaq_MFEgEBAQHpi2GUYQAAAAAA_eMAAA&S=AQAAAvzMMrmpOP7tFwAtW9imH_s
.yahoo.com/ Name: APID
Value: UP36b3136b-4174-11ec-8e36-029e9351d68c
.adform.net/ Name: uid
Value: 2450375190193386447
.w55c.net/ Name: wfivefivec
Value: YASmVhiC1MKtkt5
.w55c.net/ Name: matchcasale
Value: 5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YYqX2QADSdA1_wAz
.onaudience.com/ Name: cookie
Value: 0dced6813be2d8b8
.onaudience.com/ Name: done_redirects147
Value: 1
.simpli.fi/ Name: suid
Value: 1B2D6D03061747B180121EB3021DA96F
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:3211618a-97d9-4600-9dd1-8d6fea8cbe79&KRTB&16736-uid:3211618a-97d9-4600-9dd1-8d6fea8cbe79&KRTB&23019-uid:3211618a-97d9-4600-9dd1-8d6fea8cbe79&KRTB&23114-uid:3211618a-97d9-4600-9dd1-8d6fea8cbe79
.pubmatic.com/ Name: PUBMDCID
Value: 3
.de17a.com/ Name: guid2
Value: 1.1853969869881666058
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEL8hsv206vnxAMHP4QrX51c&KRTB&16514-CAESEL8hsv206vnxAMHP4QrX51c&KRTB&23025-CAESEL8hsv206vnxAMHP4QrX51c
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1853969869881666058
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 4df140726466dc9e0d81808a42ead34
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmOQN0lJMzQxMDcyMzEzS0m2TDVIsTC0MLBINDFKTUwxNmEAgsSu6TdBNBQAAEEhCqc%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI7Jp%2BE0hBAQAcyQJc"
.onaudience.com/ Name: done_redirects219
Value: 1
.3lift.com/ Name: tluid
Value: 18031057049949305165
.zeotap.com/ Name: zc
Value: d31fe3fb-bd14-4d30-6561-a38480b37ce0
.zeotap.com/ Name: zsc
Value: %C1UK-%10%02%E5%98n%CD%B0wD%C7%94%01%BF%A5%C1%04_%C7%94%C0P%A4%C3%1AHo%95%13+%D7%D7o%3E%CF%10%BC%C7%1BHQ-%8E%B5%B1z%9A%1D%F32%0A%FE%E0%2A%C0%A52%B8%1C%92%A8F%11%B11%9C%3An%C8%C4%F1%04%3D%A3%DB%3B%2B%8E%F1%FA
.w55c.net/ Name: matchopenx
Value: 5
.bing.com/ Name: MUID
Value: 114C179057DB6E143382077A56B06F1B
.turn.com/ Name: uid
Value: 2668862686710124112
.bidswitch.net/ Name: tuuid
Value: 3336b219-a909-468e-896e-472052c0277b
.bidswitch.net/ Name: c
Value: 1636472793
.owneriq.net/ Name: si
Value: Q6897591931089549114
.owneriq.net/ Name: p2
Value: cc
.bidswitch.net/ Name: tuuid_lu
Value: 1636472794
.casalemedia.com/ Name: CMST
Value: YYqX12GKl9oA
.bidr.io/ Name: bito
Value: AAHF0E7DFTAAABq5ChZukg
.bidr.io/ Name: bitoIsSecure
Value: ok
.servenobid.com/ Name: pid_312
Value: 833650016440337580
.nrich.ai/ Name: _nauid
Value: 90a99e53-a196-46fe-8534-8f6d28d53846
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjQzNTKwNDC2NBXiM9T1CAjRdfYsMzBM8suS4jU0MzYzMTcytzQxNLEEANRFwlo0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjQzNTKwNDC2NBXiM9T1CAjRdfYsMzBM8ssCAKPVoxslAAAA
.adx.opera.com/ Name: UID
Value: f36377e1d52b46f6b55086773fb2c92a
.gumgum.com/ Name: vst
Value: e_71df59b6-1541-496f-a950-5f179311acce
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_335
Value: f36377e1d52b46f6b55086773fb2c92a
.servenobid.com/ Name: pid_324
Value: 5107433821652090395
.analytics.yahoo.com/ Name: IDSYNC
Value: "1776~21fr:187s~21fr:17ot~21fr"
.yahoo.com/ Name: APIDTS
Value: 1636472794
.openx.net/ Name: pd
Value: v2|1636472793.1|kigqiysLommOgevNgunsn0gi.j8mWfcsHqGiS
.servenobid.com/ Name: pid_310
Value: be2682b451bad70ec5ccb236
.servenobid.com/ Name: pid_327
Value: 7556d985-4705-4dd3-98d4-d22294be1646
.casalemedia.com/ Name: CMRUM3
Value: 69618a97d905a0&ee618a97da2760&5a618a97da05a0&2d618a97d92760CAESEPTbqo_rGUEJdvyAtH0kK_w&f1618a97d905a0&49618a97d905a0&dd618a97da2760&03618a97d927603211618a-97d9-4600-9dd1-8d6fea8cbe79&58618a97d905a0&40618a97da2760no-consent&41618a97da05a0&1f618a97d905a00&da618a97d92760&c3618a97d92760av-e5172cfa-24a3-4692-ac1b-28a8d4ff294c&04618a97da27602668862686710124112&e6618a97d92760&2f618a97d92760YASmVhiC1MKtkt5&ce618a97da05a0&05618a97d905a0&2e618a97d905a0&bf618a97da05a0&27618a97d90b40&82618a97daa8c0
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAHF0E7DFTAAABq5ChZukg
.pubmatic.com/ Name: PugT
Value: 1636472793
.servenobid.com/ Name: pid_309
Value: e_71df59b6-1541-496f-a950-5f179311acce
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFslxmtoZmxmYm5kbmliZGZ-ShyJb2hiCQCX6WxSIAAAAA
.go.sonobi.com/ Name: HAPLB5G
Value: s578|YYqX3
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwiMoMfs2uiROhAFOAFaBmd1bWd1bWAC
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003%22%7D
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&7df60c77-6cac-4dbe-8bcf-12ed841291be"
.linkedin.com/ Name: li_gc
Value: MTswOzE2MzY0NzI3OTQ7MjswMjHPyr1LwHZb0wrnNkBIwGJP1Urg8odQ0GgBZH1IHgX2yA==
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2170:u=1:x=1:i=1636472794:t=1636559194:v=2:sig=AQFolS5Zd0l59zunLSz0Ug6t4cpozj-n"
.creativecdn.com/ Name: u
Value: t9ueJBgzABUhX6pDgDtF
.creativecdn.com/ Name: ts
Value: 1636472794
.servenobid.com/ Name: pid_321
Value: RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003
.justpremium.com/ Name: jpxumaster
Value: um-b2cb0e84-9245-4f4e-8d23-3f7f2749c612-1636472794
.justpremium.com/ Name: jpxumatched
Value: ox
.postrelease.com/ Name: opt_out
Value: 1
.zemanta.com/ Name: zuid
Value: c2v-iaCAs3vLJEryiXkh
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-148a45fc-a8bf-4006-9327-f7e475218d7d-003%22%2C%22nxtrdr%22%3Afalse%7D
.erne.co/ Name: u
Value: 7MlfxCgborPcOaSypJvOXyfy
.360yield.com/ Name: tuuid
Value: 53c9f482-5891-48b0-8431-d72f3b8b2a9b
.360yield.com/ Name: tuuid_lu
Value: 1636472794
.smartadserver.com/ Name: pid
Value: 2092492643633820213
.onaudience.com/ Name: done_redirects200
Value: 1
.servenobid.com/ Name: pid_317
Value: 2092492643633820213
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.adfarm1.adition.com/ Name: UserID1
Value: 7028597131037767834
.smartadserver.com/ Name: csync
Value: 22:2450375190193386447|49:7028597131037767834
.outbrain.com/ Name: obuid
Value: b115c64a-d11b-45f2-a224-cc9ff3041b4d
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4414ac2a-f651-4323-5e69-60e40f66c4d3.hf5cY4tJoeVMPBiPeqhgRJ9ay99C2XWyMeHl1hRNxwo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-4414ac2a-f651-4323-5e69-60e40f66c4d3%24ip%24185.213.155.176.NmJZ31kM84n%2FLtxn6%2BX75wL%2BQE2MCCc%2FR9o6tOPliZI
.ipredictive.com/ Name: cu
Value: 3790efec-4174-11ec-9d14-fb2c7a265914|1636472794590
pool.admedo.com/ Name: tuuid
Value: 9be787d5-4ec6-4ef3-982b-6c5292cfe6ed
pool.admedo.com/ Name: c
Value: 1636472794
pool.admedo.com/ Name: tuuid_lu
Value: 1636472794
.liadm.com/ Name: lidid
Value: f2b8064f-2e3a-4b1e-b980-f21045a1b0a6
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 30e28f8156b08e53
event.clientgear.com/ Name: mkuuid
Value: mkab64b90d-ecdb-4e46-ae76-d379ba84c5aa
.outbrain.com/ Name: rtbhs
Value: t9ueJBgzABUhX6pDgDtF
.pubmatic.com/ Name: SPugT
Value: 1636472794
.servenobid.com/ Name: pid_333
Value: YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB
.adnxs.com/ Name: icu
Value: ChgIzLJhEAoYAyADKAMw4K-qjAY4A0ADSAMQ4K-qjAYYAg..
prebid.a-mo.net/ Name: __amc
Value: 3_1636472788_1636472800
.threatpost.com/ Name: _ga
Value: GA1.2.1886137934.1636472789
.threatpost.com/ Name: _gid
Value: GA1.2.1287826526.1636472804
.threatpost.com/ Name: _gat_UA-35676203-21
Value: 1

18 Console Messages

Source Level URL
Text
network error URL: https://ins.connatix.com/60764267-557e-410f-85cb-f102d92ee134/2/insights.bin
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/90f4e3c1-4d7a-4159-94f4-2c032d2d3787/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_cver=1&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPJfxla33q1mN3ZiU8ltK8IDqSPhjDKY9250YCZ880MdorEqaFpn6uIe6KF_65DJdu42sc6THe52ToAiJRaugXgLGhSnsPUu
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_push=AYg5qPKLdSJQeMJ4qiDfmNZAQgq-DOXYr_85YOjyj3WZzfZrgc7aGGtDxWLzedG-BcxIPO-t_YFrrCvEhBzS5WSSwnQLBktdOs8&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYqX1_PcBeXTIIB28AFvTgAABFkAAAAB&google_gid=CAESELfm7kttEk-kG1YrBwU1iRE&google_push=AYg5qPKS7OzCz8RMb0jK3BubptT6BmD8Ge0tueg4EkxFGPCvsXaybR72WT26VXP0fb04zSPmcEJ7FpLbEbO-AeIbT651KW-GNw&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/461886.gif?partner_uid=YYqX1-PcBeXTIIB28AFvTgAA%261113&&gdpr_consent=&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://threatpost.com') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Message:
Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a0bde367e12cd1e26d08f9c9acc1b55.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.adaptv.advertising.com
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.twitter.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
assets.threatpost.com
b1sync.zemanta.com
banner.congstar.de
bcp.crwdcntrl.net
bh.contextweb.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
capi.connatix.com
casale-match.dotomi.com
cd.connatix.com
cdn.id5-sync.com
cds.connatix.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
creativecdn.com
cs.emxdgt.com
csync.loopme.me
d.adroll.com
d.agkn.com
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
g2.gumgum.com
geo.ipify.org
gift-connect-d.openx.net
go.sonobi.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
jadserve.postrelease.com
js-sec.indexww.com
kasperskycontenthub.com
lit.connatix.com
match.adsrvr.org
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
media.threatpost.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
neso.r.niwepa.com
onetag-sys.com
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.advertising.com
pixel.everesttech.net
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prod-rtb.ad4mat.net
public.servenobid.com
px.ads.linkedin.com
px.owneriq.net
qd.admetricspro.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static-de.ad4mat.net
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.adcell.com
t.adx.opera.com
t.co
tag.1rx.io
tagan.adlightning.com
teachingaids-d.openx.net
tg.socdm.com
threatpost.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vid.connatix.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.zenaps.com
x.bidswitch.net
capi.connatix.com
cm.g.doubleclick.net
csync.loopme.me
teachingaids-d.openx.net
104.111.215.191
104.111.219.144
104.111.239.217
104.111.242.53
104.244.42.131
104.244.42.197
134.209.129.254
142.250.181.226
142.250.184.226
142.250.185.164
142.250.185.66
142.250.185.97
142.250.185.98
142.250.186.130
142.250.186.136
142.250.186.70
142.250.186.98
143.204.95.188
143.204.98.20
143.204.98.61
146.59.148.16
147.75.61.140
148.251.139.77
151.101.194.137
151.101.66.49
169.50.137.182
178.162.133.148
178.162.133.149
178.250.2.146
178.250.2.151
18.156.147.57
18.195.155.181
18.196.159.27
18.196.162.123
18.197.116.184
185.184.8.65
185.29.134.248
185.33.221.53
185.33.223.38
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.86.138.143
193.0.160.129
193.122.128.135
198.148.27.139
198.47.127.20
199.187.193.181
199.232.136.157
2.18.232.130
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
202.241.208.55
205.185.216.42
206.189.254.17
213.155.156.185
213.19.147.42
213.19.147.44
216.58.212.134
23.37.38.181
23.37.42.132
23.79.143.124
2600:1901:0:76b9::
2600:1f18:444a:4680:6bbe:49e:bc45:59
2600:9000:2156:2200:0:5c46:4f40:93a1
2600:9000:2156:5a00:6:44e3:f8c0:93a1
2600:9000:2156:da00:2:9275:3d40:93a1
2602:803:c003:200::41
2606:4700:10::6816:1957
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4bf1
2606:4700:3030::ac43:cf70
2606:4700::6812:272
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:119:50e1:101::6cae:b25
2620:1ec:bdf::44
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2001
2a00:1450:400c:c06::9d
2a02:2638::1c
2a02:cb40:200::242
2a02:fa8:8806:16::1400
2a05:d018:d29:3605:dc78:e42b:b41a:32a0
2a05:d01c:1d8:8100:f976:bfd0:751d:6023
3.126.56.137
3.130.74.217
3.64.78.138
34.194.7.56
34.247.192.108
34.98.64.218
35.156.135.60
35.157.246.167
35.173.160.135
35.187.117.15
35.210.53.219
35.227.252.103
35.241.40.233
35.244.174.68
35.71.131.137
37.157.5.142
38.91.45.7
44.195.123.19
46.105.202.126
46.236.13.147
47.252.78.131
50.19.13.13
51.68.39.188
51.89.21.21
51.89.9.254
52.208.210.171
52.21.104.248
52.211.212.107
52.211.218.251
52.214.156.237
52.215.68.151
52.28.103.21
52.29.183.32
52.30.140.199
52.4.101.239
52.46.130.91
54.218.247.33
54.225.68.204
54.77.236.168
63.32.201.39
64.140.160.2
64.74.236.127
66.155.71.149
67.202.105.21
69.173.144.138
69.173.144.139
69.173.151.100
70.42.32.191
72.251.249.13
72.251.249.14
76.223.111.18
79.137.69.91
82.145.213.8
85.114.159.93
94.23.171.206
00dd144a7637501b89545623a86d1ae54ecbc4ebe4c0964d5d4edfc815cbbeb7
00e691edd844f707db832038eeaee530372eed2599fc3365746b89ab2cec7458
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
01864580e1f385dc4512aed0de4b324cc1a04812709e7020e857612fc0ce9f4c
038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c
03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ef3b7a33213709cad19a439d33e4333628d0bd64a3315b8b8153e8ed535280
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
07084cf19e39ae8925ae7b0868055ecc26347ed5015e6ca3e4fa7d58089c39d4
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e
074766a156eb539f7e32b172d7c7b86793f9dbba1954000c850eebf0b899a911
07fbd48d7d9cd10ec4ed0f70ba8ce6932893731fc0cb0238a5ece87836300923
091cedc4be1eea2beed7bbfb6d19cb8d03be534f40a38da276ea12221dc67535
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
09c18ba0c5c3c60ae32b026bc76e6ce38b2a7958db0ac914cb04170a350240a7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc6faf184a81d3a610a2752b82ca243d91f05343d3e04b43b0c5c0301a37b1f
1224d8b8a4dbd8d8b311ce3cebf1d04708cfcd0ccf17f122355161ca82553fc5
134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc
1568d2e7b6c488fbf37b9885a1a57b1c3b738f49ee1b2fac2419ea4af8e8e93b
164f113713f0f15f300354fb36e2f2529e5d2f74c0b88ed714e745a277e4be02
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
179f02a9c3017f5d4015831aa5c642b141c4518c0e7dd0a838c45472e791169c
17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
192e03583d5e3b9e418577713ec648e7f8b0f45e505b25e4144c982c4b95bc93
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f
1aeb3ee07f4b462935c5d8047ff038c8e279d75f9be1dcd0b848ba68223a3ee2
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1ce315aaef4a2143ca3199d8a5c298cc15109d905b4327b8ff919e4bfbeb40e0
1dec389cf73ad17027aee6f173bf8434f73048fcb3319edd76464011d8a39092
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fb159ee711891d78d92f602a952ca1d2947d0c168e1fc8ca38536499309caeb
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22f1d64e597d1cf6ae10ffed26c82c88f39e2afc59b354344e2771d9115ab53f
234ebc6d88e1ad29282ee9b9751fd85ac21c7c5e2ba24e3caad3e7a0e6fa7212
2688c12bd50013696e75dcd498688c0a2f06d47b88ae36b15e7786587760cece
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
275cc3af12a592b0de2c366003980156eb338dacddc13ad198b30a16e5d06f5a
284da3d2b11c82b2f5624dd0fad62bdcbe3b67a2a8687b00ff04e30deb17fd30
29b9543b1540aa339265d4e5be24903121905e7aaa4608c22180456c48eae2b2
2a2c171afe15c813ea16f589421494fc23f891cbbcccbe77999c2fac7c297fdc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838
31d5648df5eebdf3d492b355285870ced53b93143889c04edf9deb94357dd6e6
3208dd2d38454e4b00362ae7f8da09e98ad92fe7e21ea2bc483295d55024643d
34d7bb2bbd510d29cad7fcf49e89b9f0c2443c09ccfe5b61cdc436522c4ed0ec
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
392272f9f98a74ef4878bab9ada2e0d6bd35ee54207f7fa8b38f0c0f159c9807
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26
3cb5b33362a1273aa7aa02191108604e561af3d549f782722acff04ce9c93348
3cb80e1f928ad98638ae7eccd9b7c26c6ec4a806c47174e140f214aa0f2532d7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7
408dc95a3083c60c4372f1fa120fa0f6cfff36e69feb6079a2178d6de5c0dcdf
40f491511ff88328ae5b6c543d8168b4f56c8d33eff3f5796d223fbfc50a6755
41d3883aa9d28284fb0126ba7a9273cc99a1110234d05656236a1d47f48bc6ad
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
43c50cfe0d8112aaea57c3a80283fcaf3f684212adeb9fea8c86124f68a2b034
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a077881c14b7c51d1d9f57a0ec62bf3fe3387507ba33a8829aa7e759547d0d
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd
46c24a74fd9c6d3dff6de560d83d1a236d8efbe572856bd4b87e9b70c18cc7aa
474734b277464f83b5452bd98d0ef9f206b3b4551fe49545ad0b5724984985f4
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398
4883a9a1f8591ef76adf1befe3820d2887fd83ff276c316fedadd59950a41936
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
4a82b1e600a22132ad30b88a2e9c0f824ba21f49f7eeb0475d28b27050d3d313
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fddec1cb13ee6848cce386a733d405fff2be9ab4d904f55a1d15c7cc84f410d
4feebe232f300c8a94ef2b2fb9407e0ff54e8b4a8005e46a1b0a2017004f8956
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70
50fbfb2ffd2a339298bf03368a69530e00886798d5b61d249f4891de4faf5f48
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2
53d91fb2b51a3daa0645f78f71b29e695f42b0ac6db0d29f7fc7e5e38c3ffb7a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55829f1932028bc043ece609efdecdc6ca7ca57d7a4ebdc9aaafd3275a076aa2
565688bca854313e25a6e9e964b235928978f3d20f272fac2862b1e6795217b6
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
5bc52ae2efcff8d5cf4368185e54aef5fecd6124baf0ffa2f80e8cfd028dae03
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
631ab175f70696c2c2fb9c6826cbbc72afc54c21abe3e81fc919091f45f15c25
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea
64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e
65156bcaa1fe980eb789f475e5cd487e57937a4da06bd8dfaaf1bb26022ab779
651e04b0e5647f9e2913196fa892689f13772efe4636cc1bbdad48868f67e1ce
6991e0cfed62971624ec79624afe3f73d6c0f1e21b9b1b1101142e5afcb9a2ad
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c9a29d5877620bf729f6920b50466df6e2635d6cf6a7b3dd7bc7ec4f361bda4
6d6815a002679dd1b83a607c836a7e1503b3fe77b1fcb4c750f2a0827f5971de
6ef8f450e55451de3da1e6ec1d6a883e42112841adcdedbb2d6da5d926b67c8b
70e1f378dce1c2bb10293068e8721acf9c9418d21b317134ae3b20cbee3f4cc0
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4
74f60c324e2f2e0913976852b4c819b0115b13db7cd550b573160242f949ed32
78721611721c4d732fc10d6806820044186a704532e03af2286f879566e1a64a
791d0e0b37209bb769892b253cb3861506cd457954d87d1f1faa37aaac8c3e3e
7a3fd0236cc000c9d995c15cc1282d2037b96a25bea3884b1c3361415095fe4e
7b226b4f249570f824476853dbf0dfa51000fb57f77b9d5b6d08b00d9e66287e
7b6da29f2d07f722c235dbc2e863438a940363978df2a27aa916076009f18107
7e60bd707e39b81454a566ba6c346eef3ec0f0036fd846396a4e5678245759c9
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fa9b568619b823bdf222d00cf4bb00f294b479cb430bd7de8ec5dc79df80458
8233a50176fde7ecadc3a692924bebad2dafa9855ac6f1b681107c1c4052ed99
825dd9c79e406e55fff5d1d95a18b17f42439e274fc0729a2170d342b6e6688d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835f75f337b74c4a413db1be31f0b1f1259e886e7bca9ae820257fd024dda352
848c1e69c0c7c9d75f4300302561e43e0dd4df7f6bf1baa258ff4c173a6e1d8b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
85d626fbad5bd67c566f537258a2811cf81e6e39391984163ffe7053ebe9a9b5
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89ce08431545cd3c6d42419d99ee0152027a68c1d0c7c82838cc9a51d9d52451
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
91c9c25a5fc5d0be5180021aef99fef255a05478f67ff50873d66c1c298175fd
945a9ab4018c188e6bb853ae7361bc62ab1a0074146f910616e2402d67805099
956a23e85d7465a01dc83ce1c54e909fa9f610cc75399006918aafe1377bde0b
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d379f9f5e11b8e17b64c816166e4ecdfef61fc9b84448d59e75b9030b1898a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e66d7e272030aa1b598aafda6d1afc93dd2d620680e20318ba1a88c61519aeb
9e99d327f3a270d9b5510b8429133aaaeed2eda89c5a7ba34e9e62a8a8773e5e
9f43639622c31cfd9cd5c8ffc722bbe10e709d6750b17bcdd51de513a2c9abb5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a355508d811ac666d1b61e566f7f1daf5d39b8915c036b271f14a4cfb9247ac3
a3f65c4ded25c41692a93d255c063e9a478cbeb1c9683d7afe976d58b8ab8117
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6e347849fcdd20b50f4739e37a893d547cb5bd7917ddd2ffcabadb7926b033b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac4bb6d11eb6bc2f873df517370ccaa3e31a0dacbf5b217e28ab97f1eed53a57
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b4e0209031bde921d5fcf191c13828c890903e1d8affb3d7f3e23d4abd05e10c
b813e47b551a74f55e504ad2e4a7fdb97ee55a9497486ffa61f4dfc34e6fd338
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
ba4ee88890449f37c9b1c0a8dc29b0e987bd7db6b26f800d4ecc949693754300
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb66dbe2867f4bd08186615c104fefef105858870dd23550d3fd33100115f4e9
bbe4e4e4e847a32bd717d963f0ac04b619a7a9cdd631a7454d9dfec16fbae73f
bbf048cffadb2648cadafc60bd1030ba3fa1387aa3fdce91e1ed247bc34db85f
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bdcea25ad7f9af5f4e8c55fce64efa20c6c5247c98e3ef68e8b22e1998b589fd
be3ba2f86654b73dda7d39ed448c90628092498372215fffe2281e0b587a62dc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3b810d8a24fe204f9bd515333f3f37dcda69917eed7afbad854b1530c25cd4d
c5d37752d029a3b7774a68f5cbb95c2e5848db7628310f4e127d1252217ec555
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c8c03fd4dea0f2c83fa05b10dfd913bfcff51d05e0c6e84b7f340b857fdda517
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9a5378ce5e088624062511aeb87322369b71ff80b3a0018e8b8870a6651b006
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d161b7fb6e8f42456905b11bd152eefb9b1bc3adae6c2789fcf8726c6d8f63ae
d245062904454fb96fc264e624502420ddf8f3054aa4f6a0a9b1a8fc707eb7e1
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d433ddc9c0a7779dcb51d6da3f0f07648e7c280f42049739ead6e61ff3cd69ea
d4f678808dd71ac4133e0324e1a16f1c53cdb25fcebb7354de45855805bab207
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d8451658212fa322600a440231c41417b6c076f939653bbf7ce7ecd908cffff9
d85851fa73efc7421749bd4a8944342270ed6a0d7a9bbbbab2c2f7eecdbb10be
d8cb0154ea3380833673e42c71e42f786039c2d5eec4cc051a067ea72a66ef35
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
daf007806619b808de47d0b1735acfe92fe54cae691e90e78d1ca9f6b6df4595
dd3069487cdc9b19adfb0fc4d4aba2d6d905ad6e9a1e448257e197c416d2f599
de2c2632a701dceea693a7879d2512a476d91b956dd444122b9b586dd787ec9b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1
e6d5119257b72182ac88d19da4a2243144ed49122c36d85618c3e1277440ed5d
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
eaf0cb2cce23fb64628443591887896fbc1d77d8ce04a65db65135893699ab2c
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
ec7cbcb312411e6c0f7bfc0c83543804cee6ce8709d54018422f8730af889f58
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efef1440417e9b82173f037d7d05be925755e996c96fbbecd49eec673a61b0bf
efeff45093bcfc7480a5771ab8c7c46710f1dcb5b1b01e932d4574ed3fa42949
f3254b3418951b4d799c8eead9a0ad00d041d18b3bc58efbee8a37531eea2410
f3d66b78ca0c93adf48dec8533da3c4db538cc648dc60e383d5fd0b666859206
f47791c121ec873a509ee4409bf127acdf94a18648a4eea2db9f07f901c8a252
f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea
f5fe83ce0baca21e55adaadccced1011736de94ff8911a06e4aa88af1c0f73ea
f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189
f8eb27e82f953c813b41d3c6a316c6cf784cf2fe69788e7e1864b5ad15c5019b
fa9494d1f2a92faaac34f984489d5314b5f92f766cc521c9bd269005257a113d
fac892803ed75bf8ad547033fbcccc6afc4cf812d9ae31b6d7d11510254f76e8
fc0d091fc39a5c99b48a73a0bf8e5d685cf3b7533465ccad69f99a18c77b29f9
fd44dc96cf769020ece91868865b99ef2aa8478541bad13b64153bcf502a3bd6
fe8164494a25e115a1c3e7dde549dab0070c5761d640befb348bc039d07bac22
ffbb9f971ad01196bd12b2dfe196164919f9afc0840809345a57515edc8d757b
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75
ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0