urlscan.io logo urlscan.io
SecurityTrails logo

www.bleepingcomputer.com Open in urlscan Pro
104.20.60.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Submission: On January 11 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 128 IPs in 12 countries across 144 domains to perform 976 HTTP transactions. The main IP is 104.20.60.209, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com. The Cisco Umbrella rank of the primary domain is 85367.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 4th 2023. Valid for: a year.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.20.60.209 13335 (CLOUDFLAR...)
4 142.250.31.95 15169 (GOOGLE)
34 104.26.13.6 13335 (CLOUDFLAR...)
10 104.18.20.206 13335 (CLOUDFLAR...)
2 142.251.111.97 15169 (GOOGLE)
2 4 172.253.122.105 15169 (GOOGLE)
6 142.251.16.94 15169 (GOOGLE)
8 72 172.253.63.155 15169 (GOOGLE)
3 25 172.64.146.152 13335 (CLOUDFLAR...)
1 99.84.252.87 16509 (AMAZON-02)
1 13.249.98.27 16509 (AMAZON-02)
7 142.251.163.94 15169 (GOOGLE)
39 34.160.152.31 396982 (GOOGLE-CL...)
3 34.110.189.112 396982 (GOOGLE-CL...)
2 34.111.152.239 396982 (GOOGLE-CL...)
1 3 18.173.166.7 16509 (AMAZON-02)
5 172.253.122.101 15169 (GOOGLE)
1 18.64.174.3 16509 (AMAZON-02)
2 11 142.251.16.149 15169 (GOOGLE)
1 23.204.77.79 16625 (AKAMAI-AS)
25 142.251.163.155 15169 (GOOGLE)
2 172.64.144.166 13335 (CLOUDFLAR...)
1 1 104.26.9.50 13335 (CLOUDFLAR...)
1 104.22.74.216 13335 (CLOUDFLAR...)
1 13.249.98.32 16509 (AMAZON-02)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 104.26.2.70 13335 (CLOUDFLAR...)
1 104.22.53.173 13335 (CLOUDFLAR...)
3 108.157.168.203 16509 (AMAZON-02)
2 13.32.87.78 16509 (AMAZON-02)
1 34.102.146.192 ()
1 34.96.70.87 ()
2 104.22.53.86 13335 (CLOUDFLAR...)
1 151.101.129.229 ()
1 18.64.174.91 16509 (AMAZON-02)
1 2 18.239.225.7 16509 (AMAZON-02)
7 23 172.64.151.101 13335 (CLOUDFLAR...)
2 2 54.152.0.153 ()
19 21 15.197.193.217 16509 (AMAZON-02)
5 5 50.116.194.21 6336 (TURN-US-ASN)
7 16 52.223.22.214 16509 (AMAZON-02)
10 10 68.67.161.208 29990 (ASN-APPNEX)
25 26 69.194.240.13 26120 (RHYTHMONE)
1 19 104.18.41.104 13335 (CLOUDFLAR...)
1 1 23.105.12.158 30633 (LEASEWEB-...)
3 3 23.205.2.235 16625 (AKAMAI-AS)
8 23.62.165.176 16625 (AKAMAI-AS)
22 22 67.202.105.23 32748 (STEADFAST)
1 4 67.202.105.31 32748 (STEADFAST)
8 23.204.76.201 16625 (AKAMAI-AS)
1 1 198.148.27.131 ()
8 8 35.214.142.250 15169 (GOOGLE)
2 5 52.204.91.144 14618 (AMAZON-AES)
1 1 54.163.157.65 14618 (AMAZON-AES)
2 3 63.251.28.134 13789 (INTERNAP-...)
9 34.203.113.223 14618 (AMAZON-AES)
2 2 54.80.204.71 14618 (AMAZON-AES)
1 1 159.203.147.11 14061 (DIGITALOC...)
2 2 69.166.1.35 27630 (AS-XFERNET)
2 3 52.71.125.247 14618 (AMAZON-AES)
1 142.234.204.77 396362 (LEASEWEB-...)
2 11 34.98.64.218 396982 (GOOGLE-CL...)
2 2 23.215.200.26 16625 (AKAMAI-AS)
19 39 172.253.122.155 15169 (GOOGLE)
1 3.131.10.225 16509 (AMAZON-02)
1 108.157.162.92 16509 (AMAZON-02)
1 23.43.238.38 16625 (AKAMAI-AS)
47 142.251.167.132 15169 (GOOGLE)
16 142.251.167.156 15169 (GOOGLE)
2 3.226.158.19 ()
1 16 172.67.23.234 13335 (CLOUDFLAR...)
1 192.184.68.166 14618 (AMAZON-AES)
1 23.194.228.145 16625 (AKAMAI-AS)
2 13.249.96.211 16509 (AMAZON-02)
10 11 35.211.178.172 15169 (GOOGLE)
2 2 172.240.127.130 7979 (SERVERS-COM)
12 34.117.239.71 396982 (GOOGLE-CL...)
11 11 3.225.218.10 14618 (AMAZON-AES)
14 34.107.140.113 396982 (GOOGLE-CL...)
2 104.36.115.111 62713 (AS-PUBMATIC)
2 11 8.28.7.81 62713 (AS-PUBMATIC)
16 142.250.31.156 15169 (GOOGLE)
2 3 63.251.86.49 32475 (SINGLEHOP...)
1 11 63.251.86.51 10913 (INTERNAP-BLK)
2 18.235.26.124 14618 (AMAZON-AES)
15 20 68.67.160.132 29990 (ASN-APPNEX)
1 23.220.120.23 16625 (AKAMAI-AS)
1 23.62.230.196 20940 (AKAMAI-ASN1)
2 74.119.119.131 19750 (AS-CRITEO)
3 34.120.63.153 396982 (GOOGLE-CL...)
2 18.173.166.107 16509 (AMAZON-02)
2 34.160.128.112 15169 (GOOGLE)
1 34.95.113.183 396982 (GOOGLE-CL...)
3 104.16.119.60 13335 (CLOUDFLAR...)
1 23.212.251.26 20940 (AKAMAI-ASN1)
1 69.175.41.32 32475 (SINGLEHOP...)
3 54.147.254.41 14618 (AMAZON-AES)
1 209.204.232.140 27381 (CASALE-MEDIA)
6 23.222.5.74 20940 (AKAMAI-ASN1)
2 34.238.95.105 14618 (AMAZON-AES)
2 69.20.43.192 27357 (RACKSPACE)
13 20 69.173.151.100 26667 (RUBICONPR...)
1 2 104.96.165.48 16625 (AKAMAI-AS)
1 3.81.176.252 14618 (AMAZON-AES)
3 104.18.127.192 13335 (CLOUDFLAR...)
1 1 213.19.162.80 3356 (LEVEL3)
1 1 54.89.198.103 14618 (AMAZON-AES)
2 2 82.145.213.8 39832 (NO-OPERA)
8 142.251.167.149 15169 (GOOGLE)
5 5 8.43.72.98 26667 (RUBICONPR...)
1 1 192.184.68.134 14618 (AMAZON-AES)
1 1 8.2.110.134 46636 (NATCOWEB)
1 8.2.111.13 46636 (NATCOWEB)
1 162.248.18.36 62713 (AS-PUBMATIC)
3 3 69.90.254.78 13768 (COGECO-PEER1)
1 174.137.133.49 27257 (WEBAIR-IN...)
3 8 35.186.193.173 15169 (GOOGLE)
1 1 20.237.30.240 8075 (MICROSOFT...)
8 34.117.228.201 396982 (GOOGLE-CL...)
1 104.22.5.69 13335 (CLOUDFLAR...)
1 23.204.76.188 16625 (AKAMAI-AS)
1 35.244.159.8 15169 (GOOGLE)
2 172.64.149.180 13335 (CLOUDFLAR...)
1 1 35.207.24.140 15169 (GOOGLE)
2 13.107.42.14 8068 (MICROSOFT...)
2 6 44.215.192.137 14618 (AMAZON-AES)
1 23.40.207.42 20940 (AKAMAI-ASN1)
2 2 52.23.23.251 14618 (AMAZON-AES)
5 74.119.119.150 19750 (AS-CRITEO)
6 6 173.231.178.115 32475 (SINGLEHOP...)
44 8.28.7.83 62713 (AS-PUBMATIC)
6 6 52.5.202.159 14618 (AMAZON-AES)
5 5 54.146.92.239 14618 (AMAZON-AES)
8 12 34.111.113.62 396982 (GOOGLE-CL...)
9 8.28.7.84 62713 (AS-PUBMATIC)
6 6 216.34.207.201 3561 (CENTURYLI...)
5 5 185.167.164.39 198622 (ADFORM)
2 2 54.90.95.251 14618 (AMAZON-AES)
6 6 35.236.220.17 396982 (GOOGLE-CL...)
1 1 44.215.45.69 14618 (AMAZON-AES)
1 104.18.36.155 13335 (CLOUDFLAR...)
6 6 74.121.140.211 30419 (MEDIAMATH...)
2 104.16.201.63 13335 (CLOUDFLAR...)
9 195.244.31.10 63140 (IGUANA-WO...)
1 108.157.162.29 16509 (AMAZON-02)
1 1 45.137.176.88 60350 (VP)
1 2 34.193.251.250 14618 (AMAZON-AES)
1 1 216.219.92.22 19318 (IS-AS-1)
4 195.5.165.20 44968 (IPROM-AS)
5 162.55.120.196 24940 (HETZNER-AS)
6 6 23.58.232.192 16625 (AKAMAI-AS)
3 6 34.199.242.225 14618 (AMAZON-AES)
3 54.90.34.250 14618 (AMAZON-AES)
3 52.3.191.88 14618 (AMAZON-AES)
3 3 64.227.64.62 14061 (DIGITALOC...)
1 13.32.87.86 16509 (AMAZON-02)
2 104.16.94.114 13335 (CLOUDFLAR...)
2 162.19.138.120 16276 (OVH)
1 141.95.98.64 16276 (OVH)
1 52.40.119.126 16509 (AMAZON-02)
1 18.239.225.17 16509 (AMAZON-02)
1 18.64.174.54 16509 (AMAZON-02)
1 35.227.252.103 15169 (GOOGLE)
1 172.240.155.108 ()
1 2 23.105.12.173 ()
1 34.120.107.143 ()
976 128
1    104.20.60.209 (None, )

ASN13335 (CLOUDFLARENET, US)
www.bleepingcomputer.com
4    142.250.31.95 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f95.1e100.net
fonts.googleapis.com
34    104.26.13.6 (None, )

ASN13335 (CLOUDFLARENET, US)
www.bleepstatic.com
10    104.18.20.206 (None, )

ASN13335 (CLOUDFLARENET, US)
a.pub.network
2    142.251.111.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net
www.googletagmanager.com
4    172.253.122.105 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f105.1e100.net
www.google.com
6    142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
www.gstatic.com
72    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
25    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
cks.connatix.com
ck.connatix.com
1    99.84.252.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-252-87.mia3.r.cloudfront.net
ecdn.analysis.fi
1    13.249.98.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-98-27.mia3.r.cloudfront.net
ecdn.firstimpression.io
7    142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net
fonts.gstatic.com
39    34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
3    34.110.189.112 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.189.110.34.bc.googleusercontent.com
functionalfeather.com
2    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
3    18.173.166.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-166-7.mia3.r.cloudfront.net
sb.scorecardresearch.com
5    172.253.122.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f101.1e100.net
www.google-analytics.com
1    18.64.174.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-174-3.mia3.r.cloudfront.net
static.adsafeprotected.com
11    142.251.16.149 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f149.1e100.net
ad.doubleclick.net
1    23.204.77.79 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-77-79.deploy.static.akamaitechnologies.com
widgets.outbrain.com
25    142.251.163.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
bid.g.doubleclick.net
ade.googlesyndication.com
2    172.64.144.166 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    104.26.9.50 (None, )

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    104.22.74.216 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    13.249.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-98-32.mia3.r.cloudfront.net
cdn.firstimpression.io
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    104.22.53.173 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
3    108.157.168.203 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-168-203.mia3.r.cloudfront.net
c.amazon-adsystem.com
2    13.32.87.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-87-78.mia3.r.cloudfront.net
tags.crwdcntrl.net
1    34.102.146.192 (None, )

ASN- ()
oa.openxcdn.net
1    34.96.70.87 (None, )

ASN- ()
invstatic101.creativecdn.com
2    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    151.101.129.229 (None, )

ASN- ()
cdn.jsdelivr.net
1    18.64.174.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-174-91.mia3.r.cloudfront.net
api.intentiq.com
2    18.239.225.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-225-7.mia3.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
23    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    54.152.0.153 (None, )

ASN- ()
match.prod.bidr.io
21    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
ad.turn.com
16    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
10    68.67.161.208 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
26    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
19    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    23.105.12.158 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
3    23.205.2.235 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-2-235.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    23.62.165.176 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-165-176.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
22    67.202.105.23 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
4    67.202.105.31 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
8    23.204.76.201 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-76-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    198.148.27.131 (None, )

ASN- ()
bh.contextweb.com
8    35.214.142.250 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 250.142.214.35.bc.googleusercontent.com
csync.loopme.me
5    52.204.91.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-91-144.compute-1.amazonaws.com
ads.yieldmo.com
1    54.163.157.65 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-157-65.compute-1.amazonaws.com
connatix-supply-partners.tremorhub.com
3    63.251.28.134 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
9    34.203.113.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-113-223.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
2    54.80.204.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-204-71.compute-1.amazonaws.com
vop.sundaysky.com
1    159.203.147.11 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.resetdigital.co
2    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    52.71.125.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-125-247.compute-1.amazonaws.com
match.sharethrough.com
1    142.234.204.77 (Edison, United States)

ASN396362 (LEASEWEB-USA-NYC, US)
xsync.iqzone.com
11    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    23.215.200.26 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-200-26.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
39    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
cm.g.doubleclick.net
1    3.131.10.225 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-10-225.us-east-2.compute.amazonaws.com
tag.escalated.io
1    108.157.162.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-162-92.mia3.r.cloudfront.net
config.aps.amazon-adsystem.com
1    23.43.238.38 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-238-38.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
47    142.251.167.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f132.1e100.net
tpc.googlesyndication.com
0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
16    142.251.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net
www.googletagservices.com
2    3.226.158.19 (None, )

ASN- ()
bcp.crwdcntrl.net
16    172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
p.ad.gt
ids.ad.gt
1    192.184.68.166 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
1    23.194.228.145 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-194-228-145.deploy.static.akamaitechnologies.com
s.ntv.io
2    13.249.96.211 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-96-211.mia3.r.cloudfront.net
aax.amazon-adsystem.com
11    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    172.240.127.130 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
12    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
cms-xch-chicago.33across.com
11    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
14    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
2    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
11    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
16    142.250.31.156 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net
www.googleadservices.com
3    63.251.86.49 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
11    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
2    18.235.26.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-26-124.compute-1.amazonaws.com
cs.yellowblue.io
20    68.67.160.132 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    23.220.120.23 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-120-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    23.62.230.196 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-62-230-196.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
2    74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
3    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    18.173.166.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-166-107.mia3.r.cloudfront.net
cdn.browsiprod.com
2    34.160.128.112 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 112.128.160.34.bc.googleusercontent.com
api.floors.dev
1    34.95.113.183 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 183.113.95.34.bc.googleusercontent.com
ox-rtb-us-east4.openx.net
3    104.16.119.60 (None, )

ASN13335 (CLOUDFLARENET, US)
static.polarcdn.com
1    23.212.251.26 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-251-26.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
1    69.175.41.32 (Park Ridge, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder
vap3ord1.lijit.com
3    54.147.254.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-254-41.compute-1.amazonaws.com
protected-by.clarium.io
1    209.204.232.140 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a1008.casalemedia.com
6    23.222.5.74 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-5-74.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
2    34.238.95.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-95-105.compute-1.amazonaws.com
reports.intentiq.com
2    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
20    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    104.96.165.48 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-165-48.deploy.static.akamaitechnologies.com
sync.teads.tv
1    3.81.176.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-176-252.compute-1.amazonaws.com
partners.tremorhub.com
3    104.18.127.192 (None, )

ASN13335 (CLOUDFLARENET, US)
polarcdn-terrax.com
1    213.19.162.80 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
1    54.89.198.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-198-103.compute-1.amazonaws.com
aorta.clickagy.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
8    142.251.167.149 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f149.1e100.net
s0.2mdn.net
5    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    192.184.68.134 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
1    8.2.111.13 (United States)

ASN46636 (NATCOWEB, US)
cs.iqzone.com
1    162.248.18.36 (United States)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
3    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
8    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
cm.ctnsnet.com
ipac.ctnsnet.com
1    20.237.30.240 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.temu.com
8    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
1    104.22.5.69 (None, )

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
1    23.204.76.188 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-76-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    44.215.192.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-192-137.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
1    23.40.207.42 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-207-42.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    52.23.23.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-23-251.compute-1.amazonaws.com
ads.creative-serving.com
5    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
6    173.231.178.115 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-7.sys.adgear.com
cm.adgrx.com
44    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    52.5.202.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-202-159.compute-1.amazonaws.com
pm.w55c.net
5    54.146.92.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-92-239.compute-1.amazonaws.com
sync.srv.stackadapt.com
12    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
9    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
6    216.34.207.201 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: ric11-nessy-float1.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
5    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    54.90.95.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-95-251.compute-1.amazonaws.com
i.liadm.com
6    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
1    44.215.45.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-45-69.compute-1.amazonaws.com
um4.eqads.com
1    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
6    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    104.16.201.63 (None, )

ASN13335 (CLOUDFLARENET, US)
polarcdn-pentos.com
9    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
visitor-usa02.omnitagjs.com
1    108.157.162.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-162-29.mia3.r.cloudfront.net
api-2-0.spot.im
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
2    34.193.251.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-251-250.compute-1.amazonaws.com
jadserve.postrelease.com
1    216.219.92.22 (United States)

ASN19318 (IS-AS-1, US)
inv-nets.admixer.net
4    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
5    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
6    23.58.232.192 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-232-192.deploy.static.akamaitechnologies.com
px.owneriq.net
6    34.199.242.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-242-225.compute-1.amazonaws.com
thrtle.com
3    54.90.34.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-34-250.compute-1.amazonaws.com
crb.kargo.com
3    52.3.191.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-191-88.compute-1.amazonaws.com
sync.bfmio.com
3    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    13.32.87.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-87-86.mia3.r.cloudfront.net
synchroscript.deliveryengine.adswizz.com
2    104.16.94.114 (None, )

ASN13335 (CLOUDFLARENET, US)
customer-pp0t2fahc1hu8o6o.cloudflarestream.com
2    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    52.40.119.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-119-126.us-west-2.compute.amazonaws.com
events.browsiprod.com
1    18.239.225.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-225-17.mia3.r.cloudfront.net
yield-manager.browsiprod.com
1    18.64.174.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-174-54.mia3.r.cloudfront.net
rules.quantcount.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    172.240.155.108 (None, )

ASN- ()
sync.colossusssp.com
2    23.105.12.173 (None, )

ASN- ()
sync.smartadserver.com
1    34.120.107.143 (None, )

ASN- ()
oajs.openx.net
Apex Domain
Subdomains		 Transfer
98 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 360
2 MB
96 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
ad.doubleclick.net — Cisco Umbrella Rank: 199
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677
bid.g.doubleclick.net — Cisco Umbrella Rank: 1354
560 KB
75 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 811
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766
image6.pubmatic.com — Cisco Umbrella Rank: 1215
image8.pubmatic.com Failed
st.pubmatic.com — Cisco Umbrella Rank: 1676
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
image2.pubmatic.com Failed
image4.pubmatic.com — Cisco Umbrella Rank: 2201
simage4.pubmatic.com — Cisco Umbrella Rank: 1864
126 KB
49 pub.network
a.pub.network — Cisco Umbrella Rank: 7078
d.pub.network — Cisco Umbrella Rank: 7325
c.pub.network — Cisco Umbrella Rank: 7082
392 KB
44 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 5110
cds.connatix.com — Cisco Umbrella Rank: 5665
capi.connatix.com — Cisco Umbrella Rank: 1732
ins.connatix.com Failed
cks.connatix.com — Cisco Umbrella Rank: 9729
ck.connatix.com — Cisco Umbrella Rank: 53155
vid.connatix.com Failed
377 KB
37 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520
eus.rubiconproject.com — Cisco Umbrella Rank: 951
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2989
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 2017
69 KB
34 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1511
events-ssc.33across.com — Cisco Umbrella Rank: 2724
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 10658
14 KB
34 bleepstatic.com
www.bleepstatic.com — Cisco Umbrella Rank: 257560
622 KB
31 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 793
ib.adnxs.com — Cisco Umbrella Rank: 356 Failed
acdn.adnxs.com — Cisco Umbrella Rank: 957
51 KB
25 casalemedia.com
ssum.casalemedia.com
a1008.casalemedia.com — Cisco Umbrella Rank: 372657
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
dsum.casalemedia.com — Cisco Umbrella Rank: 2867
18 KB
21 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
9 KB
18 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
10 KB
17 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
c2shb.pubgw.yahoo.com Failed
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
6 KB
17 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2163
a.ad.gt — Cisco Umbrella Rank: 2414
p.ad.gt — Cisco Umbrella Rank: 2978
ids.ad.gt — Cisco Umbrella Rank: 2233
74 KB
16 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
ce.lijit.com — Cisco Umbrella Rank: 1432
pxdrop.lijit.com — Cisco Umbrella Rank: 5655
vap3ord1.lijit.com — Cisco Umbrella Rank: 50457
19 KB
16 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 173
16 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
840 KB
16 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 731
tlx.3lift.com Failed
7 KB
15 openx.net
us-u.openx.net — Cisco Umbrella Rank: 930
rtb.openx.net — Cisco Umbrella Rank: 1007 Failed
ox-rtb-us-east4.openx.net — Cisco Umbrella Rank: 8030
u.openx.net — Cisco Umbrella Rank: 1108
oajs.openx.net
3 KB
14 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 726
rtb0.doubleverify.com — Cisco Umbrella Rank: 1489
rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 5325
tps.doubleverify.com — Cisco Umbrella Rank: 815
tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 3051
152 KB
14 t13.io
s2s.t13.io — Cisco Umbrella Rank: 3010
64 KB
13 gstatic.com
www.gstatic.com
fonts.gstatic.com
146 KB
12 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
3 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
5 KB
11 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3407
cs.yellowblue.io — Cisco Umbrella Rank: 2654
6 KB
9 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1124
visitor-usa02.omnitagjs.com — Cisco Umbrella Rank: 28696
4 KB
8 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
639 KB
8 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1467
2 KB
8 ctnsnet.com
i.ctnsnet.com Failed
ius.ctnsnet.com — Cisco Umbrella Rank: 14785
cm.ctnsnet.com — Cisco Umbrella Rank: 6228
ipac.ctnsnet.com — Cisco Umbrella Rank: 7580
2 KB
8 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399
4 KB
6 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2386
2 KB
6 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 3952
4 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2123
4 KB
6 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
4 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
4 KB
6 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2472
3 KB
6 dotomi.com
33across-match.dotomi.com Failed
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5770
casale-match.dotomi.com — Cisco Umbrella Rank: 6434
2 KB
6 media.net
cs.media.net — Cisco Umbrella Rank: 1972
prebid.media.net — Cisco Umbrella Rank: 1682 Failed
contextual.media.net — Cisco Umbrella Rank: 1093
hbx.media.net — Cisco Umbrella Rank: 1982
18 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923 Failed
79 KB
5 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 12362
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
3 KB
5 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
5 KB
5 criteo.com
gum.criteo.com Failed
bidder.criteo.com Failed
dis.criteo.com — Cisco Umbrella Rank: 943
2 KB
5 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1057
3 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 1449
2 KB
5 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 2042
sync.intentiq.com — Cisco Umbrella Rank: 1479
sync1.intentiq.com — Cisco Umbrella Rank: 2959
reports.intentiq.com — Cisco Umbrella Rank: 7127
3 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
4 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8481
1 KB
4 browsiprod.com
cdn.browsiprod.com — Cisco Umbrella Rank: 10701
events.browsiprod.com — Cisco Umbrella Rank: 9291
yield-manager.browsiprod.com — Cisco Umbrella Rank: 10295
85 KB
4 tynt.com
de.tynt.com — Cisco Umbrella Rank: 2424
hde.tynt.com — Cisco Umbrella Rank: 4884
10 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1218
id5-sync.com — Cisco Umbrella Rank: 658
58 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
bcp.crwdcntrl.net
25 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1738
api.btloader.com — Cisco Umbrella Rank: 1905
96 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 6
385 B
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
imasdk.googleapis.com Failed
4 KB
3 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3435
2 KB
3 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 3080
1 KB
3 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1708
1 KB
3 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2278
2 KB
3 polarcdn-terrax.com
polarcdn-terrax.com — Cisco Umbrella Rank: 16700
8 KB
3 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 2370
730 B
3 polarcdn.com
static.polarcdn.com — Cisco Umbrella Rank: 22359
403 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
btlr.sharethrough.com Failed
780 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
2 KB
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
sync.smartadserver.com
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 274
3 KB
3 functionalfeather.com
functionalfeather.com — Cisco Umbrella Rank: 67480
24 KB
2 cloudflarestream.com
customer-pp0t2fahc1hu8o6o.cloudflarestream.com — Cisco Umbrella Rank: 46864
67 KB
2 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1607
1 KB
2 polarcdn-pentos.com
polarcdn-pentos.com — Cisco Umbrella Rank: 22120
896 B
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 8090
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1067
cdn.indexww.com Failed
2 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1758
1 KB
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 3736
617 B
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 8039
5 KB
2 teads.tv
a.teads.tv Failed
sync.teads.tv — Cisco Umbrella Rank: 2019
628 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
62 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2456
2 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2137
cms.quantserve.com — Cisco Umbrella Rank: 1348
10 KB
2 iqzone.com
xsync.iqzone.com — Cisco Umbrella Rank: 11888
cs.iqzone.com — Cisco Umbrella Rank: 8877
851 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1696
1 KB
2 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 5077
1 KB
2 tremorhub.com
connatix-supply-partners.tremorhub.com — Cisco Umbrella Rank: 24267
partners.tremorhub.com — Cisco Umbrella Rank: 2179
600 B
2 bidr.io
match.prod.bidr.io
1 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1774
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2295
103 KB
2 optimise.net
optimise.net — Cisco Umbrella Rank: 8134
6 KB
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 33918
cdn.firstimpression.io — Cisco Umbrella Rank: 32291
101 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
143 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
1 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
284 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 5299
200 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2711
577 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2147
770 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 3351
455 B
1 eqads.com
um4.eqads.com — Cisco Umbrella Rank: 4643
271 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1385
650 B
1 temu.com
www.temu.com — Cisco Umbrella Rank: 3942
512 B
1 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1932 Failed
291 B
1 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 18203
233 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 4580
588 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 3645
428 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 3016
296 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 5818
175 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623
17 KB
1 escalated.io
tag.escalated.io — Cisco Umbrella Rank: 43533
31 KB
1 colossusssp.com
sync.colossusssp.com Failed
176 B
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 4209
418 B
1 contextweb.com
bh.contextweb.com
860 B
1 jsdelivr.net
cdn.jsdelivr.net
897 B
1 creativecdn.com
invstatic101.creativecdn.com
creativecdn.com Failed
1 KB
1 openxcdn.net
oa.openxcdn.net
8 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2313
10 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 11609
447 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2247
1 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 988
481 B
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 39298
2 KB
1 bleepingcomputer.com
www.bleepingcomputer.com — Cisco Umbrella Rank: 85367
16 KB
0 linksynergy.com Failed
tags.rd.linksynergy.com Failed
0 mobtrakk.com Failed
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 4814 Failed
0 company-target.com Failed
s.company-target.com Failed
0 mxptint.net Failed
pmp.mxptint.net Failed
0 adentifi.com Failed
rtb.adentifi.com Failed
0 antigena.com Failed
us01.z.antigena.com Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 cognitivlabs.com Failed
beacon.lynx.cognitivlabs.com Failed
0 clickcertain.com Failed
a.clickcertain.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 adingo.jp Failed
cc.adingo.jp Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 a-mo.net Failed
prebid.a-mo.net Failed
0 polarcdn-engine.com Failed
polarcdn-engine.com Failed
0 atdmt.com Failed
ad.atdmt.com Failed
0 moatads.com Failed
z.moatads.com Failed
0 onetag-sys.com Failed
onetag-sys.com Failed
0 gumgum.com Failed
g2.gumgum.com Failed
0 rlcdn.com Failed
id.rlcdn.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
976 144
Domain Requested by
50 pagead2.googlesyndication.com www.bleepingcomputer.com
pagead2.googlesyndication.com
0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
ad.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
bid.g.doubleclick.net
s0.2mdn.net
44 simage2.pubmatic.com ads.pubmatic.com
ce.lijit.com
44 tpc.googlesyndication.com googleads.g.doubleclick.net
0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
www.bleepingcomputer.com
ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
39 cm.g.doubleclick.net 19 redirects googleads.g.doubleclick.net
www.bleepingcomputer.com
0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
eb2.3lift.com
ads.yieldmo.com
blank
34 www.bleepstatic.com www.bleepingcomputer.com
www.bleepstatic.com
26 c.pub.network a.pub.network
22 ssc-cms.33across.com 22 redirects
22 capi.connatix.com 2 redirects www.bleepingcomputer.com
cds.connatix.com
hde.tynt.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
22 googleads.g.doubleclick.net 8 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.bleepingcomputer.com
0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
21 match.adsrvr.org 19 redirects a.pub.network
20 ib.adnxs.com a.pub.network
googleads.g.doubleclick.net
eb2.3lift.com
acdn.adnxs.com
19 securepubads.g.doubleclick.net a.pub.network
securepubads.g.doubleclick.net
www.bleepingcomputer.com
www.googletagservices.com
cds.connatix.com
18 sync.1rx.io 17 redirects www.bleepingcomputer.com
16 www.googleadservices.com www.bleepingcomputer.com
16 www.googletagservices.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
www.googletagservices.com
www.bleepingcomputer.com
ad.doubleclick.net
16 eb2.3lift.com 7 redirects a.pub.network
eb2.3lift.com
ads.pubmatic.com
15 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
15 cks.connatix.com 1 redirects blank
www.bleepingcomputer.com
14 s2s.t13.io a.pub.network
blank
www.bleepingcomputer.com
ce.lijit.com
ssum-sec.casalemedia.com
visitor.omnitagjs.com
de.tynt.com
13 d.pub.network www.bleepingcomputer.com
a.pub.network
12 pixel.tapad.com 8 redirects ads.pubmatic.com
ads.yieldmo.com
ce.lijit.com
11 ce.lijit.com 1 redirects a.pub.network
ce.lijit.com
www.bleepingcomputer.com
ads.pubmatic.com
11 image6.pubmatic.com 2 redirects ads.pubmatic.com
11 ups.analytics.yahoo.com 11 redirects
11 x.bidswitch.net 10 redirects blank
11 us-u.openx.net 2 redirects www.bleepingcomputer.com
googleads.g.doubleclick.net
ads.pubmatic.com
de.tynt.com
11 ad.doubleclick.net 2 redirects www.bleepingcomputer.com
www.googletagservices.com
10 token.rubiconproject.com 7 redirects eus.rubiconproject.com
10 pixel.rubiconproject.com 6 redirects googleads.g.doubleclick.net
www.bleepingcomputer.com
10 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
de.tynt.com
10 secure.adnxs.com 10 redirects
10 a.pub.network www.bleepingcomputer.com
a.pub.network
securepubads.g.doubleclick.net
8 s0.2mdn.net ce.lijit.com
ad.doubleclick.net
www.bleepingcomputer.com
s0.2mdn.net
8 id.hadron.ad.gt a.pub.network
cdn.hadronid.net
8 cs-server-s2s.yellowblue.io cds.connatix.com
cs-server-s2s.yellowblue.io
visitor.omnitagjs.com
8 csync.loopme.me 8 redirects
8 ads.pubmatic.com cds.connatix.com
hde.tynt.com
ce.lijit.com
www.bleepingcomputer.com
a.pub.network
ads.pubmatic.com
8 eus.rubiconproject.com cds.connatix.com
hde.tynt.com
cs-server-s2s.yellowblue.io
eus.rubiconproject.com
a.pub.network
visitor.omnitagjs.com
8 sync.targeting.unrulymedia.com 8 redirects
7 ids.ad.gt 1 redirects www.bleepingcomputer.com
blank
7 simage4.pubmatic.com ads.pubmatic.com
7 fonts.gstatic.com fonts.googleapis.com
6 thrtle.com 3 redirects ads.pubmatic.com
ce.lijit.com
6 px.owneriq.net 6 redirects ads.pubmatic.com
6 visitor-usa02.omnitagjs.com visitor.omnitagjs.com
de.tynt.com
6 sync.mathtag.com 6 redirects
6 um.simpli.fi 6 redirects
6 pm.w55c.net 6 redirects
6 cm.adgrx.com 6 redirects
6 ssum-sec.casalemedia.com 2 redirects www.bleepingcomputer.com
ssum-sec.casalemedia.com
a.pub.network
js-sec.indexww.com
6 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
6 cdn.doubleverify.com www.bleepingcomputer.com
0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
cdn.doubleverify.com
s0.2mdn.net
6 www.gstatic.com www.bleepingcomputer.com
googleads.g.doubleclick.net
5 matching.truffle.bid ads.pubmatic.com
5 ipac.ctnsnet.com ads.pubmatic.com
5 c1.adform.net 5 redirects
5 sync.srv.stackadapt.com 5 redirects
5 dis.criteo.com eb2.3lift.com
ads.pubmatic.com
ssum-sec.casalemedia.com
visitor.omnitagjs.com
5 pixel-us-east.rubiconproject.com 5 redirects
5 ads.yieldmo.com 2 redirects a.pub.network
ads.yieldmo.com
5 ad.turn.com 5 redirects ssum-sec.casalemedia.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 cds.connatix.com cd.connatix.com
cds.connatix.com
4 core.iprom.net ads.pubmatic.com
4 tpsc-ue1.doubleverify.com cdn.doubleverify.com
4 pubmatic-match.dotomi.com 4 redirects
4 googleads4.g.doubleclick.net ad.doubleclick.net
4 www.google.com 2 redirects 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
4 fonts.googleapis.com www.bleepingcomputer.com
googleads.g.doubleclick.net
3 match.adsby.bidtheatre.com 3 redirects
3 sync.bfmio.com ads.pubmatic.com
3 crb.kargo.com ads.pubmatic.com
3 visitor.omnitagjs.com a.pub.network
visitor.omnitagjs.com
3 ums.acuityplatform.com 3 redirects
3 polarcdn-terrax.com static.polarcdn.com
www.bleepingcomputer.com
3 protected-by.clarium.io www.bleepingcomputer.com
3 static.polarcdn.com www.bleepingcomputer.com
static.polarcdn.com
3 cs.yellowblue.io cs-server-s2s.yellowblue.io
eus.rubiconproject.com
3 ap.lijit.com 2 redirects visitor.omnitagjs.com
3 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 prebid.media.net a.pub.network
3 match.sharethrough.com 2 redirects www.bleepingcomputer.com
3 ads.stickyadstv.com 2 redirects ssum-sec.casalemedia.com
3 de.tynt.com 1 redirects visitor.omnitagjs.com
a.pub.network
3 secure-assets.rubiconproject.com 3 redirects
3 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
3 api.btloader.com freestar-io.videoplayerhub.com
3 sb.scorecardresearch.com 1 redirects a.pub.network
www.bleepingcomputer.com
3 functionalfeather.com a.pub.network
functionalfeather.com
2 sync.smartadserver.com 1 redirects blank
2 cms-xch-chicago.33across.com de.tynt.com
2 id5-sync.com cdn.id5-sync.com
2 customer-pp0t2fahc1hu8o6o.cloudflarestream.com www.bleepingcomputer.com
2 jadserve.postrelease.com 1 redirects s.ntv.io
2 polarcdn-pentos.com static.polarcdn.com
2 casale-match.dotomi.com 2 redirects
2 cm.ctnsnet.com 2 redirects
2 i.liadm.com 2 redirects www.bleepingcomputer.com
2 image4.pubmatic.com ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 px.ads.linkedin.com www.bleepingcomputer.com
eb2.3lift.com
2 js-sec.indexww.com a.pub.network
ssum-sec.casalemedia.com
2 rtb0.doubleverify.com www.bleepingcomputer.com
cdn.doubleverify.com
2 t.adx.opera.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 cs.lkqd.net googleads.g.doubleclick.net
2 reports.intentiq.com a.pub.network
2 api.floors.dev a.pub.network
2 cdn.browsiprod.com a.pub.network
cdn.browsiprod.com
2 static.criteo.net a.pub.network
static.criteo.net
2 hbopenbid.pubmatic.com a.pub.network
2 ads.betweendigital.com 2 redirects
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
ce.lijit.com
2 sync.go.sonobi.com 2 redirects
2 vop.sundaysky.com 2 redirects
2 match.prod.bidr.io 2 redirects www.bleepingcomputer.com
ads.pubmatic.com
ssum-sec.casalemedia.com
visitor.omnitagjs.com
2 ssum.casalemedia.com 2 redirects
2 cdn.id5-sync.com securepubads.g.doubleclick.net
www.bleepingcomputer.com
2 tags.crwdcntrl.net securepubads.g.doubleclick.net
cds.connatix.com
2 ad-delivery.net www.bleepingcomputer.com
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 optimise.net a.pub.network
2 www.googletagmanager.com www.bleepingcomputer.com
www.googletagmanager.com
1 oajs.openx.net oa.openxcdn.net
1 p.ad.gt a.ad.gt
1 rules.quantcount.com secure.quantserve.com
1 yield-manager.browsiprod.com cdn.browsiprod.com
1 events.browsiprod.com cdn.browsiprod.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 ade.googlesyndication.com 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
cds.connatix.com
1 synchroscript.deliveryengine.adswizz.com ce.lijit.com
1 inv-nets.admixer.net 1 redirects
1 sync.adotmob.com 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 hbx.media.net 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 um4.eqads.com 1 redirects
1 tps.doubleverify.com cdn.doubleverify.com
1 hb.yahoo.net www.bleepingcomputer.com
1 u.openx.net a.pub.network
1 acdn.adnxs.com a.pub.network
1 ck.connatix.com 1 redirects
1 bid.g.doubleclick.net cdn.doubleverify.com
1 rtbc-ue1.doubleverify.com cdn.doubleverify.com
1 a.ad.gt cdn.hadronid.net
1 www.temu.com 1 redirects
1 ius.ctnsnet.com 1 redirects
1 rtb.mfadsrvr.com www.bleepingcomputer.com
1 rtb2-useast.e-volution.ai 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
1 st.pubmatic.com www.bleepingcomputer.com
1 cs.iqzone.com ce.lijit.com
1 cs.krushmedia.com 1 redirects
1 cms.quantserve.com 1 redirects ssum-sec.casalemedia.com
1 aorta.clickagy.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 partners.tremorhub.com googleads.g.doubleclick.net
1 a1008.casalemedia.com www.bleepingcomputer.com
1 vap3ord1.lijit.com www.bleepingcomputer.com
1 pxdrop.lijit.com www.bleepingcomputer.com
1 ox-rtb-us-east4.openx.net www.bleepingcomputer.com
1 qsearch-a.akamaihd.net www.bleepingcomputer.com
1 contextual.media.net cs-server-s2s.yellowblue.io
1 rtb.openx.net a.pub.network
1 s.ntv.io a.pub.network
1 secure.quantserve.com a.pub.network
1 secure.cdn.fastclick.net www.bleepingcomputer.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 tag.escalated.io ecdn.firstimpression.io
1 sync.colossusssp.com www.bleepingcomputer.com
1 cs.media.net 1 redirects
1 xsync.iqzone.com cds.connatix.com
1 sync.resetdigital.co 1 redirects
1 connatix-supply-partners.tremorhub.com 1 redirects
1 bh.contextweb.com 1 redirects
1 hde.tynt.com cds.connatix.com
1 ssbsync.smartadserver.com 1 redirects ssum-sec.casalemedia.com
visitor.omnitagjs.com
1 sync1.intentiq.com www.bleepingcomputer.com
1 sync.intentiq.com 1 redirects www.bleepingcomputer.com
1 api.intentiq.com a.pub.network
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.hadronid.net a.pub.network
1 cdn.firstimpression.io ecdn.firstimpression.io
1 btloader.com www.bleepingcomputer.com
1 freestar-io.videoplayerhub.com 1 redirects
1 widgets.outbrain.com www.bleepingcomputer.com
1 static.adsafeprotected.com www.bleepingcomputer.com
1 ecdn.firstimpression.io www.bleepingcomputer.com
1 ecdn.analysis.fi www.bleepingcomputer.com
1 cd.connatix.com www.bleepingcomputer.com
1 www.bleepingcomputer.com
0 vid.connatix.com Failed cds.connatix.com
0 imasdk.googleapis.com Failed cds.connatix.com
0 tags.rd.linksynergy.com Failed ce.lijit.com
0 sync-dmp.mobtrakk.com Failed visitor.omnitagjs.com
0 cdn.indexww.com Failed ssum-sec.casalemedia.com
0 s.company-target.com Failed ssum-sec.casalemedia.com
0 pmp.mxptint.net Failed ads.pubmatic.com
0 rtb.adentifi.com Failed ads.pubmatic.com
0 us01.z.antigena.com Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 p.rfihub.com Failed ads.pubmatic.com
0 creativecdn.com Failed ads.pubmatic.com
ssum-sec.casalemedia.com
visitor.omnitagjs.com
0 beacon.lynx.cognitivlabs.com Failed ads.pubmatic.com
0 image2.pubmatic.com Failed ads.pubmatic.com
www.bleepingcomputer.com
0 a.clickcertain.com Failed ads.pubmatic.com
0 match.deepintent.com Failed ads.pubmatic.com
0 sync-tm.everesttech.net Failed ads.pubmatic.com
0 cc.adingo.jp Failed 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
0 b1sync.zemanta.com Failed 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
visitor.omnitagjs.com
0 prebid.a-mo.net Failed www.bleepingcomputer.com
0 aax-eu.amazon-adsystem.com Failed www.bleepingcomputer.com
0 polarcdn-engine.com Failed static.polarcdn.com
0 ad.atdmt.com Failed www.bleepingcomputer.com
0 z.moatads.com Failed www.bleepingcomputer.com
0 a.teads.tv Failed a.pub.network
0 onetag-sys.com Failed cs-server-s2s.yellowblue.io
visitor.omnitagjs.com
0 image8.pubmatic.com Failed cs-server-s2s.yellowblue.io
ads.yieldmo.com
visitor.omnitagjs.com
0 s.amazon-adsystem.com Failed c.amazon-adsystem.com
www.bleepingcomputer.com
ads.pubmatic.com
ssum-sec.casalemedia.com
0 g2.gumgum.com Failed a.pub.network
0 tlx.3lift.com Failed a.pub.network
0 bidder.criteo.com Failed a.pub.network
0 btlr.sharethrough.com Failed a.pub.network
0 c2shb.pubgw.yahoo.com Failed a.pub.network
0 33across-match.dotomi.com Failed hde.tynt.com
0 gum.criteo.com Failed a.pub.network
0 id.rlcdn.com Failed www.bleepingcomputer.com
visitor.omnitagjs.com
0 sync.ipredictive.com Failed cds.connatix.com
www.bleepingcomputer.com
ads.pubmatic.com
0 pixel-sync.sitescout.com Failed cds.connatix.com
ce.lijit.com
0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
ads.pubmatic.com
ssum-sec.casalemedia.com
de.tynt.com
0 i.ctnsnet.com Failed cds.connatix.com
0 ins.connatix.com Failed cds.connatix.com
976 234

This site contains no links.

Subject Issuer Validity Valid
bleepingcomputer.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-04 -
2024-05-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-16 -
2024-04-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
connatix.com
GTS CA 1P5		 2024-01-02 -
2024-04-01		 3 months crt.sh
analysis.fi
Amazon RSA 2048 M01		 2023-10-04 -
2024-10-31		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2023-11-28 -
2024-12-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
d.pub.network
GTS CA 1D4		 2023-12-03 -
2024-03-02		 3 months crt.sh
functionalfeather.com
R3		 2023-12-28 -
2024-03-27		 3 months crt.sh
optimise.net
GTS CA 1D4		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.iqzone.com
Go Daddy Secure Certificate Authority - G2		 2023-04-05 -
2024-05-06		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.escalated.io
Amazon RSA 2048 M01		 2023-04-24 -
2024-05-22		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
s2s.t13.io
GTS CA 1D4		 2024-01-11 -
2024-04-10		 3 months crt.sh
c.pub.network
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.browsiprod.com
Amazon RSA 2048 M03		 2023-12-15 -
2025-01-12		 a year crt.sh
api.floors.dev
GTS CA 1D4		 2024-01-08 -
2024-04-07		 3 months crt.sh
cert2-prod.aut.a24365.net
R3		 2024-01-11 -
2024-04-10		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M03		 2023-11-16 -
2024-12-15		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2023-10-31 -
2024-12-01		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
*.lkqd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-10 -
2024-07-20		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2023-10-25 -
2024-11-24		 a year crt.sh
a.ad.gt
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-08-14 -
2024-09-12		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2023-09-29 -
2024-09-28		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
truffle.bid
R3		 2024-01-08 -
2024-04-07		 3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.gobrowsi.com
Amazon RSA 2048 M02		 2023-12-20 -
2025-01-16		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2023-07-18 -
2024-06-28		 a year crt.sh

This page contains 159 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Frame ID: 314E2548CF3222362C4B3DADDDCCF1A8
Requests: 297 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js
Frame ID: 8EA9799FC779137C849473586156FD9B
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 0CAE70120985798C61D6A2A1FFBD2FD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Frame ID: 0E626E9385C1D146B2FC8DF45CDE96DF
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1704990948&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291703&bpp=2&bdt=412&idt=304&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=4854219360770&frm=20&pv=1&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=322
Frame ID: 46482AFBCBE10AA828B1283A21F512BF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Frame ID: 154AEB10D2A6753E760AB18D76DEC8A4
Requests: 20 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Frame ID: EDB1FEC7FD37D28F0D2645BBAAFB5096
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Frame ID: C4EDC7A43EA1E569C9CF381B5FA49D19
Requests: 20 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Frame ID: B60A0EF9B921598F855FE137373A32F3
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0B84851A16BC7C0D935C6BF3970F672F
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 6D81757F10ECC46B52A1A8F0F1211B1A
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: BD674E13C32B725E2B0F7C57A37FF0B6
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B500ACE1D684C45E4E34D1678AA4FEE7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CF3695B50EB3ABA42EA7AA42FEEAC3CF
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Ogury_rx_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_n-vmg_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift_n-Outbrain
Frame ID: 2F6B89B502DE45E3CE58D76A2BBAA671
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: E36120B6E46BBFF5AE1F9E2CF401E9AC
Requests: 1 HTTP requests in this frame

Frame: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6AAE2A8A2F88EEF17A69BD51E1252CC0
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Frame ID: 5A57452F52DF555B59B2829861C26239
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 62A1B9A790E64CE3B5A0817AC94A4379
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: DEFD68001D75EE06535B6E6018CCECEC
Requests: 4 HTTP requests in this frame

Frame: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8C44F501F87319C34A49B433D5EB608F
Requests: 13 HTTP requests in this frame

Frame: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 092B8F7258F16DB8D827E751266D949D
Requests: 26 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDSkNSWLhTlQ4vkMmv-EjYXXpq8bBkAdjWPaQnQQX7esswT0wy16NwcR-5svl7SY42213pui1JRYZXAZEPOsjiGD7QXUpxzm3uYHm2-1zuKrqzBnxo3zs8kYVLdKMaYC2_ZBonmo7W96Xh-X4Tfk6d6m7qFeAeT0Gf2j6qOWPR8jSu-hZv-GOijbh3jcsQZKEzuiXMkDDjEzNC4WIFcaGOLQqOPVxyzL4Z4_QiGGiCBJqvnO1W7d7MqbhEUxXcdlzIp8uUJ8D56QDHv20X9ZA6RBN7MZUC1IIQBsQgG5xq96519gk2DjXpihIe0ct-xFX-V2JZFXz793YFAP1o3Be4cgVOBRlgS6YKt3s8nuLVCPAKCHq-NKakf_GFE2oMTpUkS9-0wmWat6yRKhRmz-VzcMV67gJP78SHMAXkxEOdiVzPBFU&sai=AMfl-YS1tqvJsNry3vRjmk0ortZuekjwodvqeh8mDbBpakvcSKkS0plGtyEhuvHjl0sZDFmqMxqWgVQUM6F9WZ7fE_QD92jtVgWDM6Fk3dOHE1_hqxxZmUoOIqz-DJrE7OE&sig=Cg0ArKJSzKzf1hoJpEGpEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 9B18E0EC5AEF363FB25B93EBBEC4A994
Requests: 26 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvATSG8GxDs4mOuWkmW027KhvwFaLUJe0_rujn0GSlyOrdWrHZhn8SgM3gjU2WfrPpWhaR6BICX18ePTKzTyrtqFfNuidQySmWNpCEq5nfPYV9BlOYznpAWGw-akrZ7hgEI-6tQ8XEtLfXvIEERHAq-HV2TIHgyGsxyWpCDKJ5uFEDsGhT7Etibjm5P7_rEocdUGrjOvyymGHEmYMZR6Wn-dAJXkPZQwzXA1Ff2ZIuFgWYnYyTMyUiPzv39Gwd8naI4ofK5qyJ-qzbfV-lY7YzZxe_xplaj6cXLegfsItj2YuJIFwOqFl4MAjHxmWGyP85DeO_687ugCaxL8JHJQTz4uZefr6s8OKJgBv7Kxm7Poccpqp3tv00KJOqpJ2CFqvE7VK-SNXzrVfdSFmGzoVXY7Qv0_dA7dEWc3zy0-xt0fa1xSu8&sai=AMfl-YRtcXaIJKUXFcxlmxyGKfsj9IZ16vFr7XgFa3Q9FX4bSAplG_hkDJIJ02HpphXg_FCZ-ObIb39UI5gkjYwmhWS6oOYU1dgaG06ZMjZ7NP_nc0rgm4LbIbRgyuU_XsM&sig=Cg0ArKJSzDVASXudUnHrEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 776ECA80C97AF885A8C95B8EB4C36142
Requests: 29 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOtaKRPt5wmwxsLJ1JEihByrHEvnFL1KlwV1UPA9i4yuNai_RwV53hBUrjFPVKd4H-E4JQW7Fvok7Ut7C3qJ-Y6b-tB_ZtF_ULWOapUhyTS34Gh-5zUrGXh6aVl4xThJDFCUbiGP2CRk_5ITZdGIkTXFJRu5cq2_Ph7BQbwCwPiifNjyZJbJD5nvYC6IoTcGjCqWTKazey3mqImVVuvMVe43VVmFVQIiZQKQOwOub25ZtIzBQZyapYAwmx67AK1RmZtXuBzAfw4SPFqHzgg2D92tsSCP0WUkMgWa0D5DCTxH3McGLZiBiQwowRslj8hpf5ivSvG3Nu2tsQQa6VZHEkNg7UBHyyQ3UV-6OE6PGU8pSDIiEW3LEHi0m7OUeQEQA1UjI1ugM7kJZVrdHt1nJ91n5d9WnKTW4oHWMttK0Q2VpLXwg&sai=AMfl-YQ5y27LaXU34wG1qYeYpTRaiYYYKbtF5Y5gN2K9Ke9aBK_M5Qx7iEAABcTpRamLfiuL6AonEnPEotJj0iT6Vhk-f3KWI7Ppbs1cDK7DZnrCjYykH9rfXDUcGb9pnco&sig=Cg0ArKJSzCwatI3fE84yEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 8101DF9E6BA76A31BB2C857E9337EC7A
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-6DhDAur8BGPyouIMCMAE&v=APEucNXUGCxVD73vwxjCpTnGdgKhwvW10wX6e-RC2LzCJzx-zGdQUepkcLwOsQNWC66adwTM-CsSvckh-gKdrXWK84YjSnz001j_IlTzvOaRJhCgQEnjwuY
Frame ID: 0DEDAC88B9511FB814207652C81AFFE6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiUcRCM6XEY3JC4-AEwAQ&v=APEucNUrWlCcK8Xk1wgnLG5YaTLDufvjsolweFXjfRBR5xZcPHi0Anx3144P8bkLavG1JbtY0bWH8jA4MzAvIMB2Pb6nebY6Gw
Frame ID: 96035CC24F92E8AE0E64F7B1E17720F5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-6DhDAur8BGNKfuIMCMAE&v=APEucNXKqT3GYq3IWKrt5RSo3PtSV4xtylcMtId4ZGJBt2nV-IN5jhnp3fYphJBDZfNzYG8C-G7d5v051K7hozcFGCLmd-E7wA
Frame ID: B6F1E00E92EE9C96E0DA33CFEFD0362E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiUcRC-4HEY7dHM-AEwAQ&v=APEucNWkO8yQu8ZI8gXULC3o7j719SuLeeABnOjAvNJgN5XpYUuGqYMOYJdJFILYka5tWPNTzePn6hGx7KUCKHtPlWqU2qI91Q
Frame ID: E43BA6AE418B4D2260C41828947B6A4C
Requests: 4 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.376025832;dc_ver=99.292;sz=970x90;u_sd=1;dc_adk=1526426640;ord=p5ahhp;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCBXYX3SmgZbP2G5vMqMwPmtmOmAPl6OyZdbSk54uLEq-BuuPXAhABINrXxTlg_aCZgegDoAHS-MviA8gBCeACAKgDAcgDAqoEtANP0DCFhzPgfvuzWKRf5htxmtJKRBovCy-cug4iiFP2DJlCIv47-MwKTxbvH_fEz9Z3Giey9vXkE6qll4P27XUItv0MZH2lPHfSDDQkTsEP5i7E5qxYznqeynDtvPluJqIFGoZQe3exVx1Pq8_EEJJhJwIn-qjHxVxd2IGpOp85OmyYmjgPezQ0E2V_isfqea5xsT7IHkF252X5QPWtpIb8MeeaItH8uVoB531N9Zs3kn42bffxISmQtiw-gUnavFJOwSKCn9xRFnGYxaKEcTIS9ndzM98SmF6iIH_c6gbSU0cNQS1895vX-QxxvrevNt2awM2958T22usskcvxXLWQ3BKrOhWivX8AhzOnZSj9IFxgYA5G6WqcrkGTX-HvTuKCGZDav7QlKPdSSd3VvOfIN7mQ3G_jgLqkOwhklhsyqNZbuPEyFEeX6txMYbmgYFe9ogqEhkINmJJdHcMOcS4ummpZ8ulHyuE2_Hj0nOb1gQVCoxVV_1LFFgPZAVX9V5FJxeXDj0AFNButT96QUTJnaxL-slWdr92IuQzdYXoSD15Iut5SOmDySmz_doIdfQb8GRwSwAT_8v2ThgLgBAGIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYtPa7tvLVgwPyCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgOYCwHICwGADAGiDAgqBgoErLqxAtoMEAoKENDSxvj3g-STfRICAQOqDQJDQcgNAeINEwihsLy28tWDAxUbJooDHZqsAzPYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI89i9tvLVgwMVGyaKAx2arAMzEAEYASAAEgL7UvD_BwE%26num%3D1%26cid%3DCAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB%26sig%3DAOD64_1hgxfOFRUqlRUcHaadMhM_w7Fa6Q%26client%3Dca-pub-3605257360853185%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2F$0;xdt=1;crlt=e_*h(SP3BH;stc=1;chaa=1;sttr=56;prcl=s
Frame ID: 19ECEB0ECBA6B17F07CA412EF7F0A4DD
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E76C76F07C970F887E6D384035F01BD9
Requests: 9 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=21f03281-5b83-4670-a0e0-dc15f7542014
Frame ID: 7A69FD4B1D5BC45830D708D5E2830406
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 3B1BCBD07EBAA4B9BD99E96BC3020B92
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: D72C48CBC6427BF6B9AC91E0E42FEC53
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7C760D88282646E854F2E04D7F6A9D25
Requests: 4 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=4682884&imprId=10D0B30C-72B6-4342-9B02-78993E4D3D47&cksum=C429AD2B2C0A6E69&adType=10&adServerId=243&kefact=1.866201&kaxefact=1.866201&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1704995293&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=2.638118&dcId=2&tldId=0&passback=0&svr=BIDNYC30592TD&adsver=_2517529617&adsabzcid=3&cls=BID&i0=0x3100000000000000&ekefact=3SmgZZBLCwCxw0arQ9KrDaLlGiNX8zhQiEIXpxSElDX_99x3&ekaxefact=3SmgZahLCwAZWBTcz_UYMmr-DlmHMAbeC2GMXh4R5ANOR4ZH&ekpbmtpfact=3SmgZb9LCwBSvqKO0R1UkRGDK0ROx57Dne4ZvgKOvjwqDA6L&enpp=3SmgZedLCwDHiJU1bMkXZuHrlGupBjfx_5ZzuBdxxT6x34aI&pfi=1&domId=7543222089094626466&dc=NYC3&pubBuyId=2626&crID=544083922&lpu=bmo.com&ucrid=1137787727744961165&wAdType=10&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=236831&wDspId=80&wbId=1&wrId=0&wAdvID=7510&wDspCampId=20704411829&isRTB=1&rtbId=8A4D284D-0945-49D0-ADEA-AAD175FE9B0DB&pmr_m=3SmgZQhMCwC71CQiCiWveIbsCrIg7ZkInj5onsiflSXjDGSW&mdsp=3SmgZR1MCwAysfqE1R7KNXpk4zUbHIlPfPMiRKmT82G9akGw&ver=16&dateHr=2024011117&usrgen=0&usryob=0&layeringebl=1&oid=10D0B30C-72B6-4342-9B02-78993E4D3D47&country=CA&cntryId=40&domain=bleepingcomputer.com&sec=1&pAuSt=3&wops=0&sURL=bleepingcomputer.com&BrID=5
Frame ID: AE0C9460AFCE19F4A4DE637FDCEE4A51
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AFE1F677CA0C674963EA00618E67FC68
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 993600CD87AB19400EEA608D29616CFE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F6188B0B02DBFDA83F2B2D39B393EC23
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 898B7FDC60C023D841B1793ABD41FB77
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1A445BB020EFE00FF3AD736F0EE272C6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Frame ID: 4DEEDBF80208529D128D1E21BBC6DD19
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 436C6E20F9234D90AC34EE04102D7538
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9D3AF48C406948C13F18E27C2E2841B0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: 54BDE5E9D0B7F879DCC5BF5F395B27BB
Requests: 27 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 4107E9ACD877C48701496BCDB53C0011
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 5B9F467D19133F803BBC201695395469
Requests: 11 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 2B508A9F0A0E39ABDB585B83EDEFC99C
Requests: 6 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D0DDC229DAEC9ED19F45AC08D220AE91
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 118CBBA4DDDE2072F898C580A6EBFBCC
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17933141011844227161/index.html?e=69&leftOffset=0&topOffset=0&c=lQzc1ilJsq&t=1&renderingType=2&ev=01_250
Frame ID: BCDDCB1EEC6CA7C95E5E2644D30071F6
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184310&gdpr=0
Frame ID: 73A3604A3C9DBB56C7E8BC7C173B594D
Requests: 10 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5226.js
Frame ID: 750C58059BE4F6547337187E17ADD42F
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=009A3FEC-B73C-4EC7-A044-95E0090D878D&redir=true&gdpr=0&gdpr_consent=
Frame ID: E02E090FD1913BDDABEC21D10B9D8657
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9af340be-b0a9-11ee-b4f5-5307866aad86
Frame ID: 846B808276098814C5529E456858332E
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: 7BDE2E394227EF21EA85A5E122F2A3E9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7793210899005664620&gdpr=0&gdpr_consent=
Frame ID: 33B2EAA0AC6134398437E05123F91E7C
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: D376A466765BDC8201C464F94A915928
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 177C40850999B093CBE1366C6C22B042
Requests: 1 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=243ab276-5ae4-4fe2-ab14-44d4a1348492
Frame ID: 5C23B7E341DFC88E62D6950546F61FA8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PQKlczkOoXImB6chbQHpcD0EpyAmAvJzaQBHAYsV
Frame ID: 40CED46F1BF3C1B44F0291F106804387
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:dbHm8zTB1RnZac5&gdpr=0&gdpr_consent=
Frame ID: F7159EAFB064232C4D333808B160BF79
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MuQSxz7cX3h97_2who1Td1YwD50&gdpr=0&gdpr_consent=
Frame ID: CFE96CD5E7F4E960F0739E5149CC3C2E
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 302270B48DC6C7BCECDD85C43B147755
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
Frame ID: ECF92A8FEA981C6F913D0E109CB66F52
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7CBF19098EB8F57E4BE6A0200C61D1DD
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 9D57254D48F13E80833C0622FB4CFAA0
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 304183AF678FB1C376CC289C5E89DBA2
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9D54313E1383224D149515C6203F086E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875782582884
Frame ID: ACF50BA929EAC27079EE5DB351D93239
Requests: 1 HTTP requests in this frame

Frame: https://capi.connatix.com/core/us?DemandPartner=2&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25&DemandPartnerName=Pubmatic&tier=2&DemandPartnerUserId=009A3FEC-B73C-4EC7-A044-95E0090D878D
Frame ID: 10FF503E361220BF79EBECA15415343F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=F3FBC320-45DC-436D-B9CD-920A7D846725&redir=true&gdpr=0&gdpr_consent=
Frame ID: 436735E1CCD6D3B9F3A50C57A6DA9E3B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9af340be-b0a9-11ee-b4f5-5307866aad86
Frame ID: 36C150AF399FE431FAD21DB6437C4722
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: 35FECBD93F4D875A104B9BFBC36565BF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1442814614381177322&gdpr=0&gdpr_consent=
Frame ID: 54876587F164D186B00A51A0A79A9365
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: AB2B4DD7E276791A22A3FF4D1B7F5B30
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: F035CBBC24AEE3DF708F208657E5628A
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
Frame ID: 3D51CC278C4DC69EE72122086403828A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PQKlczkOoXImB6chbQHpcD0EpyAmAvJzaQBHAYsV
Frame ID: F895402067432F83DDB25FBDD2764AE8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Kc9avzQX1RnZac5&gdpr=0&gdpr_consent=
Frame ID: 7BF7E6BC43D4575B0719F86CCAF05D10
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MuQSxz7cX3h97_2who1Td1YwD50&gdpr=0&gdpr_consent=
Frame ID: 12DE89F37185606E9896F5FB97E3CFFA
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 3D0515935803822A4938938782587CD0
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
Frame ID: 5D99B3CF83C690093CCDC965209D2F79
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8527337DE29E5840BE22DDE23CD7A81F
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 08E990ED2B84714AF32644F0FA229905
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 0F9205B2E5850F3EF077079DBCD3EFBD
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 71B8113533804815C8818CC8FFD57246
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875782582904
Frame ID: 2916C4A65AFC9A8C2FC8D51C5E022F1F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9A934035179D3D2326CC771990D0274F
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 73BF853FEFB8BC33CADE1A8904274619
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Frame ID: 144C47B36E5814894CA84780E0B5F31F
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=1cbbcdce-331f-4816-9363-5122770f6354&expiration=1712857698
Frame ID: 9DF359968B49D9CD2D670AF90423BF54
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 654D19DC0B684C5E17B140544AA0E924
Requests: 10 HTTP requests in this frame

Frame: https://static.polarcdn.com/deck/deck.js
Frame ID: 800956056844C768C4B5BFE1FDC2AED4
Requests: 9 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Frame ID: 3B87B289A0394CCEFFF271662EE04C3F
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 094724F09B146C166E72A8B8B94B10A9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: C63098FDF1A070F20281FF39FA7E4001
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 61AAE8FFA898AD1BA9A8486AB4A3BC60
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Frame ID: E6A7251B8CC377D9639A7D3ABD06CBE0
Requests: 7 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 002C09213B93633C3FBE50C5484BB15D
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
Frame ID: C24BC81672B1BA10C8B96A0241E5538D
Requests: 7 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Frame ID: FEADAFFE009FCB26BB8CAAF25630BF8B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: DC54C1C0565A2B5BF08BBC541768C809
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4ed165a0-29ea-4700-bb4f-08ea52a9f0aa&gdpr=0&gdpr_consent=
Frame ID: F6256F70306BE506148CE0C03AB37B12
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-RMeC_llBMu0knnG6CmgZQ
Frame ID: E63367D55D0F1953593C10F7423F890B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Frame ID: 117BF0D965CAFE6453D1B072A8E2342A
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: D8970D3DEF9F6B4008C27F6144D43D5D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 819C0DD233B57BA2EC1EFF3D41CBE47F
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 4A708EADCDDE52F8B8363464D77DC0A7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:23462B3CBAF04524AD9AA3CE86103432&gdpr=0&gdpr_consent=
Frame ID: 0F000E614DB908AB22462CE07DE58039
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817042087204529
Frame ID: 2462A8270C9B8A7CE4A86EC7A218BF22
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Frame ID: EF8958520D456F2EE0E6F5D7912F1567
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: FC72F5F930028B5713042B04DC20FD51
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4b1a65a0-29ea-4f00-9f66-cead3803449e&gdpr=0&gdpr_consent=
Frame ID: 732558BB5AFB26391BB34605B4CB378B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=3faMmfx6ADmUE0p46CmgZQ
Frame ID: 93C74CDF263CE4ADD79A198E09597A5D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Frame ID: F4C0D10AD9DFE0A1E736DCB9BC10AD57
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 947FA197BD305D462193B1D4697B14AA
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 9873F90EECBCA85E4D435E5BA1B4E42C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 98F6E90438F3B0F93BFCAA338BCAEE70
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817051425115104
Frame ID: E864A1E74EA99AFEB58D30D62B74D998
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7BD62B91F2D940F7840C91E37B722CEE&gdpr=0&gdpr_consent=
Frame ID: 5F5DCB153A48E9E2B28C7E768AD5CB9C
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=009A3FEC-B73C-4EC7-A044-95E0090D878D
Frame ID: 41BCA038517A842F9A88F3DCA963C73E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Frame ID: E688E4656A7A70193009480D633C6BCB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: E3F0513ACA24ACD33A42AFDD505C122F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:92e265a0-29e9-4500-8c51-497ee4e83fdb&gdpr=0&gdpr_consent=
Frame ID: 2ABD3E53734B72235BDAF23917F07696
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=YTfzp79iB_2oQy096CmgZQ
Frame ID: 50A5D8B9164FFF42C16A7AE1FC558265
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Frame ID: 73A6A3F5D1F123DF32B809FD10A01CB3
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 7D5663767B658395673158247B415EB5
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: CDEF54C4C0A5870C11264232B7243BC2
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 24BF7C160A67DE930674BFA862B3BD6E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2ACF2DB04BF94E848D798C75A4DD2C60&gdpr=0&gdpr_consent=
Frame ID: 6A2FFF966F5996F7C20F9913060C8325
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817051181789827&uid=Q7582817051181789827&ref=%2Fepm
Frame ID: 1E49B934F9AF87B814E34873FBE1597A
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=009A3FEC-B73C-4EC7-A044-95E0090D878D
Frame ID: 67D3D8C5E6CFA97ED7511B184DCCB985
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Frame ID: 45CAC2E3BA8DB063593BD27D682BA5C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A4D38473C961E8AF75487B6EC8F29839
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8dfd65a0-29e9-4800-b66d-7b5fb8fa6c49&gdpr=0&gdpr_consent=
Frame ID: CA7EB49C318257029EC6D600B500B6E9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=O3nBDap-AJSuicTm6CmgZQ
Frame ID: 6C57C42997758AE2861DE2BD683A379F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Frame ID: 65E41FD7B0D1EA283DEF6D8189A2EBCA
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 7537F6D0FB72642DA9248A3A175EBFCE
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A6A5B2CE664A081566F1AA2B33A9A0DA
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 3DD683F86BF2D53F88764C398E32AC19
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:07EEF89568BE40E69630D5569492F6C0&gdpr=0&gdpr_consent=
Frame ID: 5881C62F7356F769F0EC65327C9EEEBF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817062113318029
Frame ID: 1DE747D21AB8D894B951C8EF7B89794B
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=009A3FEC-B73C-4EC7-A044-95E0090D878D
Frame ID: 8801822142DF687973A8D0B64F92B163
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Frame ID: ADC73304D9CAE59954D1C5089F47F4BB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 2F6E199CF9D511DB271FEE6957B5407A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:22bd65a0-29ea-4c00-a972-deb98de33ff1&gdpr=0&gdpr_consent=
Frame ID: A5FE7FBC9CF64E7B089028A9C9DAD8BA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=t6cRicX4DU658x8J6CmgZQ
Frame ID: A24827AB9317110F743749C2087081AD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Frame ID: 07853F19817B1A332BE9FA4E628F3B36
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: D3E5EA69648E8F7268727F492E465F45
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: AEB1C56E36CC7C8205E92F7EFD634848
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: E019B876E6D1A23433CA84B7C7166B8B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:91288307E87944BCA975396031B8E9C2&gdpr=0&gdpr_consent=
Frame ID: 89263F12EB3EFE75FBA67800A2554FC6
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817071542122437&uid=Q7582817071542122437&ref=%2Fepm
Frame ID: B3D1BE4AD086E204BFACD83CC8894C07
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=009A3FEC-B73C-4EC7-A044-95E0090D878D
Frame ID: 4F87641FD4118119ABCBC5BA10702DB6
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 2D7404E8D36CCA10E4A23D4790B00C8E
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 734EAC977AD2A122BEB963A46AD003A8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssg0BHhqlc8dPwz3YFVLQnqTWfllGEuVPNGIOY1p24hnGG157nT21QItVZ6BifarMb6ET45yTaIAGdNs2HQ6MO1k7nIojUmh-s1X3XmrzKUCuqqnAZD9EAqrKoo15HiCpVUlkNLea3puBPy9pcdGXxDVgpvbKTN4roSyqTsunLiNX6EvxDyqAQGFLoqkBl9_MEyI_ZiZUOij6VsbaOMvNp950FAnfD5YIxUgwRGafz5we66Oy2RvH9yl_-G7-QbnBXwWqb312xxPCe_6XT3O4f8HT1FvjfY4-hrr3cDGlsck_ylJ3nnt5clE6xkfm8sg-DR-7jiUwZ--4D08UadkMYnYo1MDeoq750Ftlfvuwb1okiVAyufOG6qm8cZ7rBgEg2Novxpkx2Sk02GSmhKgcLtLGp8GLuiiNM3jPXaB-50WOmBIxppkzh4ZUbeGcXLGOg&sai=AMfl-YSHB1PFMkSNChQoGPTvGB5L5TzW0PGqQ0pJTrKVFITxkk0aDdhSZgv83MCtVmzI-ZTt0YUVcWSPws04sRkoy8n-Txs7IPRbklR0n6NquyEVpoJeW6DMfAbRnOrpYy8&sig=Cg0ArKJSzEZ9yiU9xTMuEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: F683DC53C16A39EA1451AB4241C026AA
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2vQ-3UUuqz51M1ZVNNsV_hxgFeHemynrrBL28bfBQYcppge6HuJsQ04RqhV1NLOu_fH2uj79vpegEgG1i5zgfo_yyew9c1p_U5aGkE3qrdf74POBfYM4vSdNQU7EJJMWWEKmGaHJJo_J0ZgCYrksMxfFwBnEUEeXbHGCvkjK8WfaKiVKaSJ8otULdy4YN6dvOBFkTVcseawRSex0LjhJ955WeyL-1Hn7-3Jy1z9d-_gd__05krufBBv56XBRlX0fo__4crpmx6-HlPFsH_U0eM9sKLfVeo_xdrnBtbzKNR118ZjNA-HHybkcHK-kl2_uYscVkgNzSoaKLX5EpAfLPj2eaTEoort8PE1Qu1D8QwtLyYFQYQkKIoeR3lHcUcQTYWLuh9PlldmSTW_MvRkK-2zroVXNWPAaElZR89BuudECaVOapozVBTBR8c8mwx48&sai=AMfl-YTrvl_fFjLQ2PIk1DIQ68xxxH5QFe4d3B_lb5eHotHZ5x9joftK7Ti8SVBBAnHsIlglgpAPZsViRR8wkiNgSTLGedckRit4BdrRFdH9sFm9BSk7vd-mUcnJtkI1HRo&sig=Cg0ArKJSzDpuU-OyXqqtEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: FB485B364AC3E22DECC97B1ED55225BC
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

976
Requests

57 %
HTTPS

0 %
IPv6

144
Domains

234
Subdomains

128
IPs

12
Countries

7538 kB
Transfer

19093 kB
Size

177
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 66
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 71
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704995292003&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&c8=Ivanti%20warns%20of%20Connect%20Secure%20zero-days%20exploited%20in%20attacks&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704995292003&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&c8=Ivanti%20warns%20of%20Connect%20Secure%20zero-days%20exploited%20in%20attacks&c9=
Request Chain 82
  • https://capi.connatix.com/core/sync HTTP 302
  • https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
Request Chain 96
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=347314&iiqidtype=2&iiqpcid=97f01ead-4653-47f1-b2a4-de53630b3547&iiqpciddate=1704995292303&tsrnd=525_1704995292304&vrref=www.bleepingcomputer.com&jsver=5.4&abtp=95&abtg=A HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=347314&iiqidtype=2&iiqpcid=97f01ead-4653-47f1-b2a4-de53630b3547&iiqpciddate=1704995292303&tsrnd=525_1704995292304&vrref=www.bleepingcomputer.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=FFcbJQcctd&nc=false&trid=1631195540
Request Chain 99
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0&s=190549&C=1 HTTP 302
  • https://cks.connatix.com/cks?pid=17&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Index&api-tier=2&uid=ZaAp.4kmNvbmyzCr7hNeGQAA%261252
Request Chain 100
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0&_bee_ppp=1 HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Beeswax&api-tier=2&uid=AACVf07LQFQAABPIwTSZ5g&gdpr=0
Request Chain 101
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=138f948b-8a30-4e0d-950b-1c32400031db&ttl=1707587292
Request Chain 102
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=21&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Amobee&api-tier=2&uid=7015515884507246864
Request Chain 103
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID HTTP 302
  • https://cks.connatix.com/cks?pid=25&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=TripleLift&api-tier=2&uid=1659511742632576896244
Request Chain 104
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D6%2526ev%253D46a0c9ae7afa44739d3ed7a9bacd8f25%2526pname%253DAppNexus%2526api-tier%253D2%2526uid%253D%2524UID%3D%26gdpr%3D0 HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=AppNexus&api-tier=2&uid=9107686382435366279=&gdpr=0
Request Chain 105
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&zcc=1&cb=1704995294202 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8169231287 HTTP 302
  • https://sync.1rx.io/usersync/turn/7015515884507246864?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005%26pId%3D44 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005&pId=44
Request Chain 106
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null HTTP 302
  • https://capi.connatix.com/us/pixel?puid=1693987427671510040&pId=40&gdpr=0&gdpr_consent=
Request Chain 107
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Request Chain 108
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0 HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0 HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Request Chain 110
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=13&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=PulsePoint&api-tier=2&uid=isAvePNEAFDv
Request Chain 112
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
  • https://cks.connatix.com/cks?pid=18&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=LoopMe&api-tier=2&uid=b0cab3d8-2d2d-4827-ae69-ab2d0987cb55&pubid=11186&gdpr=0
Request Chain 114
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=39&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=YieldMo&api-tier=2&uid=VEF7sqqnn7qb8OH3EekL&gdpr=0
Request Chain 115
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=46a0c9ae7afa44739d3ed7a9bacd8f25&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DTelaria%26api-tier%3D2%26uid%3D%5BTVUSER_ID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=5&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Telaria&api-tier=2&uid=80607689d5304054a4ca1613b2e4fdb9
Request Chain 116
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=c49495f9991e88aeb616a9625e85cb39&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Request Chain 119
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0&_cvt=t HTTP 302
  • https://cks.connatix.com/cks?pid=1&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=SundaySky&api-tier=2&uid=d6.3a423d9d15914479b103dbb2981c7ed6
Request Chain 120
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_ID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=35&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=ResetDigital&api-tier=2&uid=00000128123BA352
Request Chain 121
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=43&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Sonobi&api-tier=2&uid=02a617af-ef2a-4fe4-8acf-c6dc244beedb
Request Chain 122
  • https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dSharethrough%26api-tier%3d2%26uid%3d%7BUSER_ID%7D HTTP 302
  • https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=a84a6b5e-9b64-41f7-b5c4-81c622fcbf85&gdpr=0&gdpr_consent=null
Request Chain 126
  • https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D31%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DMediaNet%26tier%3D2%26DemandPartnerUserId%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=31&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3479968939030167000V10
Request Chain 128
  • https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NDZhMGM5YWU3YWZhNDQ3MzlkM2VkN2E5YmFjZDhmMjU&extra1=46a0c9ae7afa44739d3ed7a9bacd8f25&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix.com%2fus%2fgoogle%2freport HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NDZhMGM5YWU3YWZhNDQ3MzlkM2VkN2E5YmFjZDhmMjU&extra1=46a0c9ae7afa44739d3ed7a9bacd8f25&gdpr=0&google_redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fgoogle%2Freport&google_tc= HTTP 302
  • https://capi.connatix.com/us/google/report?extra1=46a0c9ae7afa44739d3ed7a9bacd8f25&gdpr=0
Request Chain 172
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 173
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995292828.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 174
  • https://ssc-cms.33across.com/ps/?_=1704995292828.&ri=0015a00002y7TWTAA2&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=37&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25&DemandPartnerName=_33Across&tier=2&DemandPartnerUserId=212416160174736
Request Chain 175
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dthe33across%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dthe33across%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1&rts=4709301584779732234 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=a3e064a2-744e-530b-90de-7274f57e5ba9&ssp=the33across&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=243ab276-5ae4-4fe2-ab14-44d4a1348492 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=243ab276-5ae4-4fe2-ab14-44d4a1348492&ts=1704995293&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 176
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true&verify=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-qQc0gidE2uF.7QM44W9oEC9GksyEIGlq~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-qQc0gidE2uF.7QM44W9oEC9GksyEIGlq%7EA&ts=1704995308&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 178
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=1659511742632576896244 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1659511742632576896244&ts=1704995296&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 188
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 223
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CGDeS3CmgZcb9AYXFrr4P9MCliA6X6aeUdduftvSREuiOyILcCBABIMeD_AEoCGD9oJmB6AOgAf6XiJ8DyAEGqAMByAMCqgTdAk_QJ1wuzj35s4Oq4afWp-9fs2OdeNo3yFjr5IGdasAodZhMN4IYWJ_vsCspXPkwHxv2jAVPl704ZGTsg4bUzghnLIXC4mnYYMN7_qCGASDKchJFOdIioQm9iPOcDP18pHgGNeQFPV0CtTveVldYpiKIt3H_WUJSNdX5IX6KvwA0JkzrZEzPcosLuOA7ylMfrpZ2iht5OEOKfHm7EuBZffsLldbyJmtX25VuhElVmCaLHuSfM5tbGV3kMUx0ATLHiSewEWz7o5Aiqm9MK7tVgkXjQieaIUuH4MST0Ogw-MeaID75iaM3ZMScLK5VZDMnFS4pCtD0IiO0ofJgD5hYB-Ucon2AVIUky_a8rsu2sHfHVQ88wfPklMYLM87fQUxg7hPXCsHW98tYagsr3DuPiwDdQS7hL0sLHbVVmrROqzvawdumRRyQ8Nv0BiQ139wvfR3Ow9WgHg7UWK6xhcLABMyrvvLJBIgFicec6k2SBQQIBBgBkgUECAUYBKAGN4AH6uf3YKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENiXD9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpY5cXmtfLVgwOaCR9odHRwczovL2dvLmN5bmV0LmNvbS9mcmVlLXRyaWFsgAoByAsBogwIKgYKBKy6sQLaDBEKCxCQzsut3fuFydkBEgIBA9gTAogUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGAA&sigh=N9Nz8mi9R0g&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&template_id=492&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xef5127df4cccf8930000000000000000%22,%222%22:%220xda74707d048eae680000000000000000%22,%223%22:%220x77d15d3889d3e2520000000000000000%22,%224%22:%220xf4337813ff32a6880000000000000000%22,%225%22:%220xb4aef92930f493910000000000000000%22},%22debug_key%22:%2217661735414640202332%22,%22debug_reporting%22:true,%22destination%22:%22https://cynet.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22870452222%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211184886640279445473%22}&andc=true
Request Chain 224
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CKDVd3CmgZcb9AYXFrr4P9MCliA7qzf6rZvSVm5KjD4r8_MrZDRACIMeD_AEoCGD9oJmB6AOgAYXO7cICyAEGqQJC8dk2Et1JPqgDAcgDAqoE3gJP0Fo7tZokw4owGfjI1qe2E71qnW3DMMFc5-acmGvRPynVQDVVo16g5LdnZFn52sR385AFS5T0LWQ87IPfmMABZzmcxett1GLefv-xkV1txnBQBDLAJv1Vq47lmxfgcfI-GSLrHyAZWKMowksJGq9pxrtw_1JERWyL7ydojahIYzlb9iYFymqBVfD9M9ZQGbOHd8NffnsPn3xsuRr4BdJ5CFQU8e-hoamYWT2jvnnBZvV2CN1w46C3D-qWnurQI3nRsRNsvxJmoSpvTN5NVkKF47fRmSFBjRUykNDoEC0xmSA--XxVNGTEnNlYVmQzJ-DYKwvQ9dbVt6HyYPpuWwflHFeLg1SFJD4Av67LtkWBxFUPPDQF55TGC8Y43EFMYBvl1ArJ3hctjBk4_4E9kzx4ZwgsLCdLS4f_7JhO58gPAhEwcRANNm0Z1S0GNdPIwQZf7Vnjgh4AwpCSh4c81sAEl8PYts8CiAWA3IG_IZIFBAgEGAGSBQQIBRgEoAY3gAfjsZK9AagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENiXD9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpY5cXmtfLVgwOaCVBodHRwczovL3d3dy5tYW5hZ2VlbmdpbmUuY29tL3Byb2R1Y3RzL2Rlc2t0b3AtY2VudHJhbC9zZWN1cmUteW91ci1lbmRwb2ludHMuaHRtbIAKAcgLAaIMCCoGCgSsurEC2gwRCgsQgJrjn-OejIOBARICAQPYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItMDkyMDg5OTMwMDM5NzgyMxgA&sigh=co9M_nkn1Qg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&template_id=492&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfc600f4b526b809f0000000000000000%22,%222%22:%220x92f610b573f295bd0000000000000000%22,%223%22:%220x788a3674ebe885c70000000000000000%22,%224%22:%220x23e796e5427a80cd0000000000000000%22,%225%22:%220x6afbda786b86964a0000000000000000%22},%22debug_key%22:%2210065837031781339065%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22677078789%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22666395034222913713%22}&andc=true
Request Chain 225
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CCAo13CmgZcb9AYXFrr4P9MCliA6Tl4nxdOqYqpmHEr_1xPGvDxADIMeD_AEoCGD9oJmB6AOgAciy8vACyAEGqAMByAMCqgThAk_QEzFgzj_5s4Oq4afWp-9fs2OdeNo3yFjr5IGdasAodZhMN4IYWJ_vsCspXPkwHxv2jAVPl704ZGTsg4bUzghnLIXC4mnYYMN7_qCGASDKchJFOdIioQm9iPOcDP18pHgGNeQFPV0CtTveVldYpiKIt3H_WUJSNdX5IX6KvwA0JkzrZEzPcosLuOA7ylMfrpZ2iht5OEOKfHm7EuBZBfgL1dbyLmux2Q5xN22ZY8tg_3Bx2Anm87Zc66af2tEqf8W35G-9VpPmX2zM3rhVt0bjdySa1EKHFc2TJesQDcS61T35fKA3kcec2a1VkTAn4C0o_9P01yC1VPFg-ptY8uYcV36AoYYkPvW8W8i2RXTHoAw8NPDkYcULxs3ftE9gGxDX_8rWF8WKCZvkipf8OmTQcJZlJYZDh7920vblds9obI2ilbYtAJ98Cwzl2ubZquh8fi8yny_uiAdJaXBmNJzPwATW2ri5twSIBcmy-M9MkgUECAQYAZIFBAgFGASgBjeAB6DNjY8BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ2JcP0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljlxea18tWDA5oJpQFodHRwczovL2dpZnRzLmdldGNvbnN1bWVyY2hvaWNlLmNvbS8_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9pZD0yMDU2ODc0MjIxNyZ1dG1fY29udGVudD0xNTIzMjMzNzAzMjYmdXRtX3Rlcm09JmNyZWF0aXZlSWQ9Njc2NzU3NzM3ODEzJmdjbGlkPXtnY2xpZH2ACgHICwGiDAgqBgoErLqxAtoMEAoKEID06crUmaG4dRICAQPYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItMDkyMDg5OTMwMDM5NzgyMxgA&sigh=p46Fnc2mUEg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&template_id=492&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x199c79956f957c190000000000000000%22,%222%22:%220x498eec80fb576d6c0000000000000000%22,%223%22:%220xd74a6d5e6adcb6290000000000000000%22,%224%22:%220x6d99959ecb18b11c0000000000000000%22,%225%22:%220x32cb4f51484bf7ac0000000000000000%22},%22debug_key%22:%223184347219651403443%22,%22debug_reporting%22:true,%22destination%22:%22https://getconsumerchoice.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22773626184%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222332558389369514433%22}&andc=true
Request Chain 226
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CImMa3CmgZcb9AYXFrr4P9MCliA7-9dKldYiI6ea8EtzZHhAEIMeD_AEoCGD9oJmB6AOgAcbw6M8DyAEGqAMByAMCqgTcAk_QbBl9zjn5s4Oq4afWp-9fs2OdeNo3yFjr5IGdasAodZhMN4IYWJ_vsCspXPkwHxv2jAVPl704ZGTsg4bUzghnLIXC4mnYYMN7_qCGASDKchJFOdIioQm9iPOcDP18pHgGNeQFPV0CtTveVldYpiKIt3H_WUJSNdX5IX6KvwA0JkzrZEzPcosLuOA7ylMfrpZ2iht5OEOKfHm7EuBZffsLldbvJmsc38JJh0lVmCaLHuSfM5tbGV3kMUx0ATLHiSewEWz7o5Aiqm9MK7tVgkXjQieaIUuH4MST0Ogw-MeaID75iaM3ZMScLK5VZDMnFS4pCtD0IiO0ofJgD5hYB-Ucon2AVIUky_a8rsu2sHfHVQ88wfPklMYLM87fQUxg7hPXCsHW98sQZm563DuPiwDdQS71Mf10HbVUmoVz1SnewezaQAyQ8ATfJCQ5ywVyVl5LzvegEBgtHI-hW8AE7anqwMIEiAWf1relTZIFBAgEGAGSBQQIBRgEoAY3gAeij5cwqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ2JcP0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljlxea18tWDA5oJIWh0dHBzOi8vd3d3LmJsdWVzY2FwZS5haS9nZW5lcmF0ZYAKAcgLAaIMCCoGCgSsurEC2gwQCgoQwKjSuYfJ27F4EgIBA9gTDIgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGAA&sigh=pIOLgrBr0qM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&template_id=492&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x29a18871b9250cd10000000000000000%22,%222%22:%220xdbc78b193fd79f460000000000000000%22,%223%22:%220x334084eba39b0cc10000000000000000%22,%224%22:%220x78d2d0001d2a2b6c0000000000000000%22,%225%22:%220x2218202b76ef9e180000000000000000%22},%22debug_key%22:%2217119923229865807664%22,%22debug_reporting%22:true,%22destination%22:%22https://bluescape.ai%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972699718%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226182099742007446193%22}&andc=true
Request Chain 227
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Ck3G53CmgZcb9AYXFrr4P9MCliA7OieX6c5zT0d6GEY-9nt6SDhAFIMeD_AEoCGD9oJmB6AOgAbz7hO8DyAEGqQJojtwVwh-pPqgDAcgDAqoE3AJP0BIEYs44-bODquGn1qfvX7NjnXjaN8hY6-SBnWrAKHWYTDeCGFif77ArKVz5MB8b9owFT5e9OGRk7IOG1M4IZyyFwuJp2GDDe_6ghgEgynISRTnSIqEJvYjznAz9fKR4BjXkBT1dArU73lZXWKYiiLdx_1lCUjXV-SF-ir8ANCZM62RMz3KLC7jgO8pTH66WdoobeThDinx5uxLgWX37C5XW4SZrX9HrjHaitH_LYIxzcdgj4vO2P-umn-PWN38mshEoSlUToqpvud24lUJFFrQkmitBchbHk9DI5Q7EmiA-DH-gN2TEadqtVWQz0uMsKArRANQgtKHylfmbWAfl6VR-gFSF0T31vK7LQ0Z0x1UPyTfw5JTG_sXN30FMlRgQ1wLJNhEbGRmMqjvAw7-OGoS9zVd00Y2cfhzDZO7V9FC62xyYl0wE3yQkOctVTgBESs73oBAYSi-E9GvABLaelrqnBIgFzNW1jkuSBQQIBBgBkgUECAUYBKAGN4AHrIT7EKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENiXD9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpY5cXmtfLVgwOaCUFodHRwczovL3d3dy50YXhwYXllci5jb20vcGV0aXRpb25zL3NjcmFwLXRoZS1ndW4tYmFuLWFuZC1idXktYmFja4AKAcgLAaIMCCoGCgSsurEC2gwQCgoQkI-Xvom3w7NpEgIBA9gTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGAA&sigh=JrWiNlmGKuM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&template_id=492&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x735eabb172b263ba0000000000000000%22,%222%22:%220xa87da0a7a86e1dca0000000000000000%22,%223%22:%220xd854f2446940a1f40000000000000000%22,%224%22:%220x9c4a70c0bb1966d00000000000000000%22,%225%22:%220x6e705b85e61fc9a20000000000000000%22},%22debug_key%22:%2215805324081394677614%22,%22debug_reporting%22:true,%22destination%22:%22https://taxpayer.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221038171580%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226268665263466326673%22}&andc=true
Request Chain 228
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CQ3el3CmgZcb9AYXFrr4P9MCliA7D5o7HdOz07a6UEdzZHhAGIMeD_AEoCGD9oJmB6AOgAbPoi8QoyAEGqAMByAMCqgTgAk_QZAtzzjr5s4Oq4afWp-9fs2OdeNo3yFjr5IGdasAodZhMN4IYWJ_vsCspXPkwHxv2jAVPl704ZGTsg4bUzghnLIXC4mnYYMN7_qCGASDKchJFOdIioQm9iPOcDP18pHgGNeQFPV0CtTveVldYpiKIt3H_WUJSNdX5IX6KvwA0JkzrZEzPcosLuOA7ylMfrpZ2iht5OEOKfHm7EuBZBfgL1dbyLmuv2Q5NanfFY8tg_3Bx2Anm87Zc66af2tEqf8W35G-9VpPmX2zM3rhVt0bjdySa1EKHFc2TJesQDcS61T35fKA3kcec2a1VkTAn4C0o_9P01yC1VPFg-ptY8uYcV36AoYYkPvW8W8i2RXTHoAw8NPDkYcULxs3ftE9gGxDX_8rWF8WKCZv8we3VOGTQcJZlJYZDAhvlrfbld88ccauRqrZGKMoQCgw88cTZpvydHDBNMCLMiAlfmVxNdFnABIGTi7GhBIgFqofQ6EmSBQQIBBgBkgUECAUYBKAGN4AHs6DcowOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDYlw_SCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WOXF5rXy1YMDmgmeAWh0dHBzOi8vbmV3c2l0ZS5zY2hyb2Rpbmdlci5jb20vbGlmZS1zY2llbmNlL2xlYXJuL2VkdWNhdGlvbi9jb3Vyc2VzP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249ZWR1LXNvYy1scy1nZW5lcmFsJnV0bV9jb250ZW50PWltYWdlK2FkgAoByAsBogwIKgYKBKy6sQLaDBEKCxCAyYi2ku_t1-wBEgIBA9gTDYgUBtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGAA&sigh=vHlcoGcap-Q&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&template_id=492&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf9a3d9124babf2bd0000000000000000%22,%222%22:%220x4850fe81694f1e7e0000000000000000%22,%223%22:%220x76cf6ab84dafec6d0000000000000000%22,%224%22:%220xad1115f6d5f83960000000000000000%22,%225%22:%220xc8fe94376fd2872d0000000000000000%22},%22debug_key%22:%2216194911444297934710%22,%22debug_reporting%22:true,%22destination%22:%22https://schrodinger.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210880218163%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212286350631410063617%22}&andc=true
Request Chain 229
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C8MIh3CmgZcb9AYXFrr4P9MCliA7x19mQdYGNk9bwDdzZHhAHIMeD_AEoCGD9oJmB6AOgAf3w0sgDyAEGqAMByAMCqgTcAk_QKAxizjv5s4Oq4afWp-9fs2OdeNo3yFjr5IGdasAodZhMN4IYWJ_vsCspXPkwHxv2jAVPl704ZGTsg4bUzghnLIXC4mnYYMN7_qCGASDKchJFOdIioQm9iPOcDP18pHgGNeQFPV0CtTveVldYpiKIt3H_WUJSNdX5IX6KvwA0JkzrZEzPcosLuOA7ylMfrpZ2iht5OEOKfHm7EuBZffsLldb1JmtI0bRwhElVmCaLHuSfM5tbGV3kMUx0ATLHiSewEWz7o5Aiqm9MK7tVgkXjQieaIUuH4MST0Ogw-MeaID75iaM3ZMScLK5VZDMnFS4pCtD0IiO0ofJgD5hYB-Ucon2AVIUky_a8rsu2sHfHVQ88wfPklMYLM87fQUxg7hPXCsHW98t1VW1O3DuPiwDdQS7hL0sLHbVUmrMSuVnbwczDTh-Q8ATfJCQ5yxMsTnJLzvegEBgtOvXuXsAE0rXlhZsDiAXS3t-KKpIFBAgEGAGSBQQIBRgEoAY3gAeztMEDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ2JcP0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljlxea18tWDA5oJnQFodHRwczovL2dvMi50ZWsuY29tL2FtLXQtZWR1LWMtdGJzMTAwMGMtZWR1Y2F0aW9uLWxwLXdjLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPXRlay0xayZ1dG1fY29udGVudD1yZXNwb25zaXZlYWRzP3V0bV90ZXJtPWlubWFya2V0gAoByAsBogwIKgYKBKy6sQLaDBAKChCwjO3Bt9Pn6jUSAgED2BMNiBQF0BUBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=QSteWSpEpso&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&template_id=492&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xacf57c0f9f5c4720000000000000000%22,%222%22:%220x4f2ec3201ebb0cd60000000000000000%22,%223%22:%220x34795eeffd756d220000000000000000%22,%224%22:%220x6365eed8330a23b30000000000000000%22,%225%22:%220x72503f9dc3cfeea80000000000000000%22},%22debug_key%22:%221003504921086942426%22,%22debug_reporting%22:true,%22destination%22:%22https://tek.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22957659261%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221988174952176124257%22}&andc=true
Request Chain 230
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C1_yh3CmgZcb9AYXFrr4P9MCliA7ln-KWddualKymEtzZHhAIIMeD_AEoCGD9oJmB6AOgAZ3HlfopyAEGqAMByAMCqgTuAk_QYTVzzjT5s4Oq4afWp-9fs2OdeNo3yFjr5IGdasAodZhMN4IYWJ_vsCspXPkwHxv2jAVPl704ZGTsg4bUzghnLIXC4mnYYMN7_qCGASDKchJFOdIioQm9iPOcDP18pHgGNeQFPV0CtTveVldYpiKIt3H_WUJSNdX5IX6KvwA0JkzrZEzPcosLuOA7ylMfrpZ2iht5OEOKfHm7EuBZffsLldbhJmteus0yhElVmCaLHuSfM5tbGV3kMUx0ATLHiSewEWz7o5Aiqm9MK7tVgkXjQieaIUuH4MST0Ogw-MeaID75iaM3ZMScLK5VZDMnFS4pCtD0IiO0ofJgD5hYB-Ucon2AVIUky_a8rsu2sHfHVQ88wfPklMYLM87fQUxg7hPXCsHW98tfdnrCOdx0xzRThuvpL0tLxyV8oWQzvV8-7S3ZVC8v9w1Ayemb_Oxdo8Zk7P64tuhVGChlcezHjPILsbIAwcSjklG4DW4qWsAEooTL3bgEiAXd3oD4TZIFBAgEGAGSBQQIBRgEoAY3gAed_-XZBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENiXD9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpY5cXmtfLVgwOaCRVodHRwczovL3N0YXJzaHVudC5haS-ACgHICwGiDAgqBgoErLqxAtoMEQoLEJCz06y3ga2zqAESAgED2BMNiBQB0BUBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=4ZPanQ8XKOc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&template_id=492&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd01a8505653d4d250000000000000000%22,%222%22:%220x376ee0a0ed075de90000000000000000%22,%223%22:%220x2cdef98e31473ab00000000000000000%22,%224%22:%220x551730ff4953a37b0000000000000000%22,%225%22:%220x1d5d5e4450c93bef0000000000000000%22},%22debug_key%22:%2211332973063677519081%22,%22debug_reporting%22:true,%22destination%22:%22https://starshunt.ai%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211262059421%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228273358258363429041%22}&andc=true
Request Chain 236
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 301
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Request Chain 245
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=b0cab3d8-2d2d-4827-ae69-ab2d0987cb55&gdpr_consent=null&gdpr=0
Request Chain 246
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=02a617af-ef2a-4fe4-8acf-c6dc244beedb
Request Chain 247
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=72ba6168-a3b7-49a2-a186-a5eb680c72fe
Request Chain 248
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=243ab276-5ae4-4fe2-ab14-44d4a1348492
Request Chain 249
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212416160174736
Request Chain 251
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1704995294202 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1698328354 HTTP 302
  • https://sync.1rx.io/usersync/turn/7015515884507246864?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005%26pId%3D44 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005&pId=44
Request Chain 252
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=8afe63777b95c6c18ea6533a12e5437&gdpr_consent=&gdpr=0
Request Chain 253
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=a84a6b5e-9b64-41f7-b5c4-81c622fcbf85&gdpr=0
Request Chain 254
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcs-server-s2s.yellowblue.io%252Fcs%253Faid%253D11596%2526id%253D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=5817253177479791002&gdpr=0&gdpr_consent=
Request Chain 256
  • https://cks.connatix.com/cks?pid=24&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=IronSource&api-tier=2&uid=CrPh8Cg-Cp_s&direct=1 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=CrPh8Cg-Cp_s&UserId=&tier=2
Request Chain 258
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 326
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=243ab276-5ae4-4fe2-ab14-44d4a1348492
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&gdpr=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEKtVkTMeSS0tMP5jL-eRgNE&gdpr=0&google_cver=1
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7cjQIfuX73qHb0DbYxz28&google_cver=1&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7cjQIfuX73qHb0DbYxz28&google_cver=1&gdpr=0&C=1
Request Chain 369
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaAp4OT30KaT8BN13UvvzwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7cjQIfuX73qHb0DbYxz28&google_cver=1
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBVzyI6EdQqGQAxZAe2A-uM&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBVzyI6EdQqGQAxZAe2A-uM%26google_cver%3D1
Request Chain 389
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI4MzgzMjc5MTQ1Mzg2Nzc4Ng%3D%3D
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG_tVt-IUSC1sXwZ8_4y97Q&google_cver=1
Request Chain 391
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Request Chain 395
  • https://x.bidswitch.net/syncd?dsp_id=16&user_group=1&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbidswitch_dbm%26google_hm%3D%24%7BBSW_UID_ENCODED%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=MjQzYWIyNzYtNWFlNC00ZmUyLWFiMTQtNDRkNGExMzQ4NDky
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELNNjpJ_jZBfg7sEsMv5IcQ&google_cver=1
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBsRWS2IHHICAATG2OnATmY&google_cver=1
Request Chain 402
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjY5ZWUzODktMjViYi00NzkxLWEzMDctNzE2YzY2MjlmZDI4
Request Chain 403
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEIBh2a2itntPTMo8d1K11bc&google_cver=1
Request Chain 420
  • https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B30790706.385367412;dc_trk_aid=576121694;dc_trk_cid=202444796;ord=1704995293671772;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&mvord=170499529532644752 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B30790706.385367412;dc_pre=CJz9sbfy1YMDFWEoiAkdtnEIrQ;dc_trk_aid=576121694;dc_trk_cid=202444796;ord=1704995293671772;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&mvord=170499529532644752
Request Chain 425
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LR9I6E4X-N-5Z4I&gdpr=0
Request Chain 426
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H-YMjTZH1GTxRA4NTu6VhOUq&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:cc55153a871c385da363984f8a60da22
Request Chain 427
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPU93a389850d0f496d8f8bd1d1fc25d9e5&gdpr=0&gdpr_consent=&pid=103
Request Chain 428
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SC1ZTWpUWkgxR1R4UkE0TlR1NlZoT1Vx&gdpr=0 HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr=0
Request Chain 429
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LR9I6E2J-1H-345A&gdpr=0
Request Chain 430
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=tCO3G7AvsxqvJrVJ5CD7GLQltUivI-Ab4CGQL32S
Request Chain 431
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.iqzone.com/6c4db297715e8da5dd48a587027b226d.gif?puid=0b0d3463-e0c3-50be-9a86-96445368d063&redir=[RED]
Request Chain 446
  • https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B30790706.385096202;dc_trk_aid=576121697;dc_trk_cid=202444796;ord=1704995293635543;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&mvord=170499529565080752 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B30790706.385096202;dc_pre=CNq5xbfy1YMDFaksiAkd1DoEJw;dc_trk_aid=576121697;dc_trk_cid=202444796;ord=1704995293635543;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&mvord=170499529565080752
Request Chain 453
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=VEF7sqqnn7qb8OH3EekL&gdpr=&gdpr_consent=&us_privacy=
Request Chain 463
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESENzDJlrtAJP3OXAJWsckZn8&google_cver=1&google_push=AXcoOmSqDAZDOOcDgWKU0KJxrpcojlgghzBROLgXAULK7q9DafLwgtn9rjY-IY7dsp7_Qdj-9wD-veapwyuHvye56499QW-_VNg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=875782531506&us_privacy=1---
Request Chain 464
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOWroVigzgUDZCJybYJGcIA&google_cver=1&google_push=AXcoOmTULEH4uWUI9UEqxwy4PqwwFWBhX-l13Nk085NXEl8M8VJyJmH3Bt54DBFygs9fLY2j43sbIYKmvw86X9GTsRgLXtsW06k HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTULEH4uWUI9UEqxwy4PqwwFWBhX-l13Nk085NXEl8M8VJyJmH3Bt54DBFygs9fLY2j43sbIYKmvw86X9GTsRgLXtsW06k%26google_hm%3DBczKVi9MlUtgr3tw7O7Kt8A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTULEH4uWUI9UEqxwy4PqwwFWBhX-l13Nk085NXEl8M8VJyJmH3Bt54DBFygs9fLY2j43sbIYKmvw86X9GTsRgLXtsW06k&google_hm=BczKVi9MlUtgr3tw7O7Kt8A
Request Chain 466
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEAKukKfouTcwqKLqrvouAPs&google_cver=1&google_push=AXcoOmQhfK6nBRVARKKTePRBljIe2LENa93A-I0Oa4ftddKHnChYEQy8NjrgeYEyjMl7Jcwoj4DQgAe7F8TfKY8fXVrZQw4lwTUV HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEAKukKfouTcwqKLqrvouAPs&google_cver=1&google_push=AXcoOmQhfK6nBRVARKKTePRBljIe2LENa93A-I0Oa4ftddKHnChYEQy8NjrgeYEyjMl7Jcwoj4DQgAe7F8TfKY8fXVrZQw4lwTUV
Request Chain 467
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEMvSg0VQhvgDHajGkTMgMg8&google_cver=1&google_push=AXcoOmQLOJVfENazkkiqbceuWbAn1ZSliwZYhCW4EOabUXMfi_b8gkRG7CI2PIMslMqEFubvUWcawmqyx0Pw2whm_neYwafFtKBD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQLOJVfENazkkiqbceuWbAn1ZSliwZYhCW4EOabUXMfi_b8gkRG7CI2PIMslMqEFubvUWcawmqyx0Pw2whm_neYwafFtKBD&google_hm=hH3pZJUCRzCHRy1rBOYaSp0
Request Chain 468
  • https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEOE-lOLxPOo_2cx5pRnKoeQ&google_cver=1&google_push=AXcoOmSJKop1jLIEa5WMg9LOMAe2Dgh-7_yBxDYIbmVY6emlYTdrUiH2pbof0d8ISxK0V4K-N_N_o3feRGx74vawLh9khvjDMaAz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSJKop1jLIEa5WMg9LOMAe2Dgh-7_yBxDYIbmVY6emlYTdrUiH2pbof0d8ISxK0V4K-N_N_o3feRGx74vawLh9khvjDMaAz
Request Chain 515
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&gdpr=0&gdpr=0&khaos=LR9I6EKP-B-JADY HTTP 302
  • https://ck.connatix.com/cks?pid=11&uid=LR9I6ECV-6-CY2O&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=LR9I6ECV-6-CY2O&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25
Request Chain 523
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_user_id=243ab276-5ae4-4fe2-ab14-44d4a1348492&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=c43e51ad-deb1-45e6-b233-ed165521eb63&ssp=themediagrid
Request Chain 524
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LR9I6ECV-6-CY2O HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LR9I6ECV-6-CY2O HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LR9I6ECV-6-CY2O&ts=1704995296&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 525
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LR9I6ECV-6-CY2O HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LR9I6ECV-6-CY2O
Request Chain 526
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LR9I6ECV-6-CY2O
Request Chain 530
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR9I6ECV-6-CY2O&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 531
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
Request Chain 532
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI5STZFQ1YtNi1DWTJP&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEB7_sy6YQTJ4oIWAxYvJvoY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5STZFQ1YtNi1DWTJP&google_push=&gdpr=0
Request Chain 533
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR9I6ECV-6-CY2O&gdpr=0
Request Chain 534
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEG_tVt-IUSC1sXwZ8_4y97Q&google_cver=1
Request Chain 535
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjdjYWRhZGI4N2QwODA2YzU1MTRhNjBiODFkNTRlYjY0NjdlZDBjZg&gdpr=0
Request Chain 536
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/AUe9wKTLMoU7s_HG6x7NpQ?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LNKshT1E2oJLGG7e_62QunEtHEDxjH9SAsIfZw--~A
Request Chain 537
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=138f948b-8a30-4e0d-950b-1c32400031db&gdpr=0&gdpr_consent=&expires=30
Request Chain 539
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LR9I6ECV-6-CY2O&gdpr=0
Request Chain 541
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LR9I6ECV-6-CY2O&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
Request Chain 542
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LR9I6ECV-6-CY2O&gdpr=0
Request Chain 543
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR9I6ECV-6-CY2O&gdpr=0
Request Chain 544
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR9I6ECV-6-CY2O&redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR9I6ECV-6-CY2O&redir=true&gdpr=0&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR9I6ECV-6-CY2O&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sZ0tCcWJORTJ1RlhWNUhKTGtZTWYxcF9iMG9JLklsQ35B&gdpr=0&ovsid=LR9I6ECV-6-CY2O&dpid=58160
Request Chain 549
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGWMJFiIwmoed1qxGNtTX-c&google_cver=1&google_push=AXcoOmTcflRsysYx4ZC-ZV9AisyXNrsAeKmJng4s8ENcAcaSJN7t-HCWaJFUsm6kdAJ19vW_p48gl61qqw1kRMxW8PN1ZhBn4BY HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGWMJFiIwmoed1qxGNtTX-c&google_cver=1&google_push=AXcoOmTcflRsysYx4ZC-ZV9AisyXNrsAeKmJng4s8ENcAcaSJN7t-HCWaJFUsm6kdAJ19vW_p48gl61qqw1kRMxW8PN1ZhBn4BY&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AJo_7Lc8TsegRJXgCQ2HjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTcflRsysYx4ZC-ZV9AisyXNrsAeKmJng4s8ENcAcaSJN7t-HCWaJFUsm6kdAJ19vW_p48gl61qqw1kRMxW8PN1ZhBn4BY
Request Chain 550
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB7_sy6YQTJ4oIWAxYvJvoY&google_cver=1&google_push=AXcoOmQC3d2_wnm2NKs8KAVoF0qcCUZVwnjQUtM0bW68q5fJwHJo14g4QoQMWk9Hg8z5PgkjxMX010eJAywFuvFeZySE89By-qU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5STZFQ1YtNi1DWTJP&google_push=AXcoOmQC3d2_wnm2NKs8KAVoF0qcCUZVwnjQUtM0bW68q5fJwHJo14g4QoQMWk9Hg8z5PgkjxMX010eJAywFuvFeZySE89By-qU
Request Chain 551
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMq32Fet__8zx5hwQ7VQgUw&google_cver=1&google_push=AXcoOmS3NU2L6idwj2UBFdBcvmhgJdZVz9RR-7RzVPwWOl6lmLHjA2ZVcwIlprymMGTHX9MdH5t4TBDFmkYNTakg_LobLxcw6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY1OTUxMTc0MjYzMjU3Njg5NjI0NA%3D%3D&google_push=AXcoOmS3NU2L6idwj2UBFdBcvmhgJdZVz9RR-7RzVPwWOl6lmLHjA2ZVcwIlprymMGTHX9MdH5t4TBDFmkYNTakg_LobLxcw6w
Request Chain 553
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQQCFrwiYzMeuRjlw7h_O-Ble27zBHl6IrPLPAZeSaU_3uFrsT4o8Q05Pq7OT7YveSfygpwqZd6AHZpC9XE4HhY_4K69DdQ&google_gid=CAESEDpCcNB6Z9EFDws3AQfdftI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDpCcNB6Z9EFDws3AQfdftI&google_hm=T1BVOTNhMzg5ODUwZDBmNDk2ZDhmOGJkMWQxZmMyNWQ5ZTU&google_nid=opera_norway_as&google_push=AXcoOmQQCFrwiYzMeuRjlw7h_O-Ble27zBHl6IrPLPAZeSaU_3uFrsT4o8Q05Pq7OT7YveSfygpwqZd6AHZpC9XE4HhY_4K69DdQ
Request Chain 554
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMCH_jU3_RTXK2wYNIpcQmg&google_cver=1&google_push=AXcoOmTE3nsYm1ah1abN6szTcZhBwsxswqThhp5kJPcWfaImzMnrENT_xo4PnViaw_pAEuncCseV2RhRb3JLjAVTokgTSIkd2AVs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=243ab276-5ae4-4fe2-ab14-44d4a1348492&%%GOOGLE_PUSH_PAIR%%
Request Chain 560
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=138f948b-8a30-4e0d-950b-1c32400031db&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 561
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY1OTUxMTc0MjYzMjU3Njg5NjI0NA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 562
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMetDcnhvWkJj_GfeCIBKUc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 563
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY1OTUxMTc0MjYzMjU3Njg5NjI0NA%3D%3D
Request Chain 565
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1659511742632576896244?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Kr5owJNE2oQR_DMrkyIK.X8tWv.Bw9mPLO6eL8CSrw--~A&dongle=0883
Request Chain 566
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1659511742632576896244&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=243ab276-5ae4-4fe2-ab14-44d4a1348492&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=243ab276-5ae4-4fe2-ab14-44d4a1348492&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=34124dd9-d2af-4023-bab1-8b876a6c7394&ssp=triplelift&expires=30&user_group=5&bsw_param=243ab276-5ae4-4fe2-ab14-44d4a1348492 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=243ab276-5ae4-4fe2-ab14-44d4a1348492&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 568
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3360464478994624864&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 584
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9af340be-b0a9-11ee-b4f5-5307866aad86
Request Chain 586
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7793210899005664620&gdpr=0&gdpr_consent=
Request Chain 589
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=243ab276-5ae4-4fe2-ab14-44d4a1348492
Request Chain 590
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PQKlczkOoXImB6chbQHpcD0EpyAmAvJzaQBHAYsV
Request Chain 591
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:dbHm8zTB1RnZac5&gdpr=0&gdpr_consent=
Request Chain 592
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MuQSxz7cX3h97_2who1Td1YwD50&gdpr=0&gdpr_consent=
Request Chain 599
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875782582884
Request Chain 601
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AJo_7Lc8TsegRJXgCQ2HjQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 602
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=009A3FEC-B73C-4EC7-A044-95E0090D878D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=009A3FEC-B73C-4EC7-A044-95E0090D878D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=138f948b-8a30-4e0d-950b-1c32400031db&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%2C%2C
Request Chain 605
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDA5QTNGRUMtQjczQy00RUM3LUEwNDQtOTVFMDA5MEQ4NzhE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 606
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMLKNLRNIoMiKa9CR4D0xRE&google_cver=1
Request Chain 607
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:322EA64EEBF542918DEB5120DC7B8982
Request Chain 608
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=138f948b-8a30-4e0d-950b-1c32400031db&gdpr=0&gdpr_consent=
Request Chain 610
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=009A3FEC-B73C-4EC7-A044-95E0090D878D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=009A3FEC-B73C-4EC7-A044-95E0090D878D&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-074hrDtE2uVnKbSWlLxKf7r1ZuUv6QA-~A&gdpr=0
Request Chain 612
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=50d3b56eb86604f8&is_secure=true&networkId=17100&version=1&nuid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABw-5zBrIYtQNihm9aAAAAAAA&expiration=1705081701&nuid=009A3FEC-B73C-4EC7-A044-95E0090D878D&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 615
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7015515884507246864&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 617
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4138458503621837899
Request Chain 618
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMLKNLRNIoMiKa9CR4D0xRE&google_cver=1
Request Chain 619
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8655C5B6C3374A6381394AEA34A93C41
Request Chain 620
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=138f948b-8a30-4e0d-950b-1c32400031db&gdpr=0&gdpr_consent=
Request Chain 622
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9af340be-b0a9-11ee-b4f5-5307866aad86
Request Chain 624
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1442814614381177322&gdpr=0&gdpr_consent=
Request Chain 628
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 629
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PQKlczkOoXImB6chbQHpcD0EpyAmAvJzaQBHAYsV
Request Chain 632
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Kc9avzQX1RnZac5&gdpr=0&gdpr_consent=
Request Chain 633
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7015515884507246864&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 634
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MuQSxz7cX3h97_2who1Td1YwD50&gdpr=0&gdpr_consent=
Request Chain 642
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7744353088706261032
Request Chain 643
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875782582904
Request Chain 644
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8_vDIEXcQ225zZIKfYRnJQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 645
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=F3FBC320-45DC-436D-B9CD-920A7D846725 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=F3FBC320-45DC-436D-B9CD-920A7D846725 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=138f948b-8a30-4e0d-950b-1c32400031db&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%2C%2C
Request Chain 648
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjNGQkMzMjAtNDVEQy00MzZELUI5Q0QtOTIwQTdEODQ2NzI1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 650
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F3FBC320-45DC-436D-B9CD-920A7D846725&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F3FBC320-45DC-436D-B9CD-920A7D846725&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-074hrDtE2uVnKbSWlLxKf7r1ZuUv6QA-~A&gdpr=0
Request Chain 651
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F3FBC320-45DC-436D-B9CD-920A7D846725&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=77f076d519ef2338&is_secure=true&networkId=17100&version=1&nuid=F3FBC320-45DC-436D-B9CD-920A7D846725&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMu6QcsR2PeQMBdximAAAAAAA&expiration=1705081701&nuid=F3FBC320-45DC-436D-B9CD-920A7D846725&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 653
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaAp4OT30KaT8BN13UvvzwAA%263838&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaAp4OT30KaT8BN13UvvzwAA%263838&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8ad416282bd147698fe3c5a11940e4bc HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 654
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMLSNTJlTsrx9pQNJanS7VM&google_cver=1
Request Chain 655
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=138f948b-8a30-4e0d-950b-1c32400031db&expiration=1707587297&gdpr=0&gdpr_consent=
Request Chain 656
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=847de9649502473087472d6b04e61a4a&expiration=1707587300
Request Chain 657
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YML5kxHZ1RnZac5
Request Chain 659
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4138458503621837899&expiration=1706204897
Request Chain 665
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 671
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LR9I6ECV-6-CY2O
Request Chain 672
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=VEF7aqqnn7qxrOoqwXDY HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=VEF7aqqnn7qxrOoqwXDY HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=138f948b-8a30-4e0d-950b-1c32400031db&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%2C%2C
Request Chain 673
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=VEF7aqqnn7qxrOoqwXDY HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=138f948b-8a30-4e0d-950b-1c32400031db
Request Chain 682
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9107686382435366279
Request Chain 684
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB
Request Chain 686
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CFE6577F4E63416F8D5515A5B968D3A7
Request Chain 687
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=9af340be-b0a9-11ee-b4f5-5307866aad86
Request Chain 690
  • https://um4.eqads.com/um/cs HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=1cbbcdce-331f-4816-9363-5122770f6354&expiration=1712857698
Request Chain 693
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 697
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=5d190c386dfa2338&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMu6QcsR2QGAMfYL57AAAAAAA&expiration=1705081707&is_secure=true
Request Chain 700
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=388b65a0-29ea-4200-b8b7-81ea8f58fb38&gdpr=&gdpr_consent=
Request Chain 701
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=847de9649502473087472d6b04e61a4a&expiration=1707587300
Request Chain 709
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=3479968939030167000V10
Request Chain 718
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor-usa02.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%252B-%252BBanner%2526ttl%253D720%2526uid%253D75d56568a11564bfb79a01d2fa9fdb29%2526visitor%253D%2524UID%2526gdpr%253D0%2526gdpr_consent%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=8840859491470346474&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 719
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor-usa02.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%2526ttl%253D720%2526uid%253D48d5713d5c563cba2049f505b2d944b6%2526visitor%253D%2524UID%2526gdpr%253D0%2526gdpr_consent%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=9107686382435366279&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 723
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=adyoulike&bsw=243ab276-5ae4-4fe2-ab14-44d4a1348492 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=adyoulike&bsw=243ab276-5ae4-4fe2-ab14-44d4a1348492&chk=1
Request Chain 725
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=138f948b-8a30-4e0d-950b-1c32400031db&name=THE_TRADE_DESK
Request Chain 726
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=b0cab3d8-2d2d-4827-ae69-ab2d0987cb55%20&gdpr_consent=null&gdpr=0
Request Chain 730
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0a0622040020cf49b74725fd&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Request Chain 731
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-32e412c7-3edc-5f78-7def-fdb0868d5377$ip$86.48.15.157&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 732
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=5ca428c9-85cf-440e-9b99-d27e793fd798&gdpr=0&gdpr_consent=
Request Chain 734
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=1f0b40c19d084a74a891b7901b0efda3&gdpr=0&gdpr_consent=
Request Chain 737
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=afa9d49b-c70e-426b-a900-dd582d537399&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 738
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 740
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 741
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Request Chain 744
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
Request Chain 749
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Request Chain 750
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 751
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4ed165a0-29ea-4700-bb4f-08ea52a9f0aa&gdpr=0&gdpr_consent=
Request Chain 752
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-RMeC_llBMu0knnG6CmgZQ
Request Chain 753
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6221664910 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/138f948b-8a30-4e0d-950b-1c32400031db HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Request Chain 757
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:23462B3CBAF04524AD9AA3CE86103432&gdpr=0&gdpr_consent=
Request Chain 758
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817042087204529&uid=Q7582817042087204529&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817042087204529
Request Chain 759
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=46616087-0c0f-4688-be30-2e9b7418ccd7
Request Chain 763
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2fd0f783-1697-4859-bbd5-adc742a2c4ad&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 764
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=e59653d5-8a35-4c96-a109-9988975f2268
Request Chain 768
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Request Chain 769
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 770
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4b1a65a0-29ea-4f00-9f66-cead3803449e&gdpr=0&gdpr_consent=
Request Chain 771
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=3faMmfx6ADmUE0p46CmgZQ
Request Chain 772
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=249397562 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/138f948b-8a30-4e0d-950b-1c32400031db HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Request Chain 776
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817051425115104&uid=Q7582817051425115104&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817051425115104
Request Chain 777
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7BD62B91F2D940F7840C91E37B722CEE&gdpr=0&gdpr_consent=
Request Chain 778
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:abb3bad7-7728-4a3f-9c13-637241a3de83&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 780
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Request Chain 781
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 782
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:92e265a0-29e9-4500-8c51-497ee4e83fdb&gdpr=0&gdpr_consent=
Request Chain 783
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=YTfzp79iB_2oQy096CmgZQ
Request Chain 784
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2027425317 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/138f948b-8a30-4e0d-950b-1c32400031db HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Request Chain 788
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2ACF2DB04BF94E848D798C75A4DD2C60&gdpr=0&gdpr_consent=
Request Chain 789
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817051181789827&uid=Q7582817051181789827&ref=%2Fepm
Request Chain 791
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=8531ddff-aed5-4d92-b956-ee84a7deb16d
Request Chain 795
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Request Chain 796
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 797
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8dfd65a0-29e9-4800-b66d-7b5fb8fa6c49&gdpr=0&gdpr_consent=
Request Chain 798
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=O3nBDap-AJSuicTm6CmgZQ
Request Chain 799
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2066450724 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/138f948b-8a30-4e0d-950b-1c32400031db HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Request Chain 803
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:07EEF89568BE40E69630D5569492F6C0&gdpr=0&gdpr_consent=
Request Chain 804
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817062113318029&uid=Q7582817062113318029&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817062113318029
Request Chain 805
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fa885aaa-dd61-4324-946e-e0a6841f5de5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 807
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Request Chain 808
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 809
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:22bd65a0-29ea-4c00-a972-deb98de33ff1&gdpr=0&gdpr_consent=
Request Chain 810
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=t6cRicX4DU658x8J6CmgZQ
Request Chain 811
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5387949350 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/138f948b-8a30-4e0d-950b-1c32400031db HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Request Chain 815
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:91288307E87944BCA975396031B8E9C2&gdpr=0&gdpr_consent=
Request Chain 816
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817071542122437&uid=Q7582817071542122437&ref=%2Fepm
Request Chain 828
  • https://idsync.rlcdn.com/712188.gif?partner_uid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent= HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CPy7KxIwCiwIARCFpQoaJDAwOUEzRkVDLUI3M0MtNEVDNy1BMDQ0LTk1RTAwOTBEODc4RBAAGg0I7NOArQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=6b05cf4fb000754d269f16677a7cf8e6e35879d71595386ba89fa9ec3f91b37e791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2YjA1Y2Y0ZmIwMDA3NTRkMjY5ZjE2Njc3YTdjZjhlNmUzNTg3OWQ3MTU5NTM4NmJhODlmYTllYzNmOTFiMzdlNzkxNDI2YjU0MTdkY2UyMRAAGgwI7dOArQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2YjA1Y2Y0ZmIwMDA3NTRkMjY5ZjE2Njc3YTdjZjhlNmUzNTg3OWQ3MTU5NTM4NmJhODlmYTllYzNmOTFiMzdlNzkxNDI2YjU0MTdkY2UyMRAAGgwI7dOArQYSBAgCEABCAEoA&google_gid=CAESEOW4FT3aQ4J9bdGjhP_pmTw&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
Request Chain 845
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995308575.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 846
  • https://ssc-cms.33across.com/ps/?_=1704995308575.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://s2s.t13.io/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=212416160174736
Request Chain 847
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1707587309%26external_user_id%3D138f948b-8a30-4e0d-950b-1c32400031db HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1707587309&external_user_id=138f948b-8a30-4e0d-950b-1c32400031db
Request Chain 848
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995308575.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZaAp4OT30KaT8BN13UvvzwAA%263838
Request Chain 850
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=MuQSxz7cX3h97_2who1Td1YwD50 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=MuQSxz7cX3h97_2who1Td1YwD50&ts=1704995308&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 851
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995308575.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=9107686382435366279
Request Chain 852
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1707587309%26external_user_id%3D138f948b-8a30-4e0d-950b-1c32400031db HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1707587309&external_user_id=138f948b-8a30-4e0d-950b-1c32400031db
Request Chain 854
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995308578.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 855
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=MuQSxz7cX3h97_2who1Td1YwD50 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=MuQSxz7cX3h97_2who1Td1YwD50&ts=1704995308&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 856
  • https://ssc-cms.33across.com/ps/?_=1704995308578.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212416160174736&gdpr=0&gdpr_consent=
Request Chain 857
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995308578.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZaAp4OT30KaT8BN13UvvzwAA%263838
Request Chain 858
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995308578.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=9107686382435366279
Request Chain 937
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&adnxs_id=$UID&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&adnxs_id=9107686382435366279&gdpr=0
Request Chain 938
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704995312-C58PAGSQ-A6ZH&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=138f948b-8a30-4e0d-950b-1c32400031db&id=AU1D-0100-001704995312-C58PAGSQ-A6ZH
Request Chain 940
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001704995312-C58PAGSQ-A6ZH&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&rub=LR9I6ECV-6-CY2O&gdpr=0
Request Chain 941
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704995312-C58PAGSQ-A6ZH%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D5e7dc5a8-b403-4def-beab-c9401343ad17%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001704995312-C58PAGSQ-A6ZH%252526tapad_id%25253D5e7dc5a8-b403-4def-beab-c9401343ad17%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=9107686382435366279&pt=5e7dc5a8-b403-4def-beab-c9401343ad17%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001704995312-C58PAGSQ-A6ZH%2526tapad_id%253D5e7dc5a8-b403-4def-beab-c9401343ad17%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&tapad_id=5e7dc5a8-b403-4def-beab-c9401343ad17
Request Chain 942
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001704995312-C58PAGSQ-A6ZH HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&google_gid=CAESEFGs3gjBcxRmTOjP0odyttY&google_cver=1&google_ula=450542624,0
Request Chain 943
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDk5NTMxMi1DNThQQUdTUS1BNlpI
Request Chain 946
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001704995312-C58PAGSQ-A6ZH%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&sas_uid=[sas_uid]&gdpr=0&cklb=1

976 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/ 		73 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f747435d860e4c17c69751fd796ed648ff1ddb862b805702cb6380c4a4c5b0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
843efd38ccb939f5-YYZ
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:11 GMT
expires
0
last-modified
Thu, 11 Jan 2024 16:35:48 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f95.1e100.net
Software
ESF /
Resource Hash
b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 17:48:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jan 2024 17:48:11 GMT
bootstrap.min.css
www.bleepstatic.com/js/redesign/bootstrap/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/css/bootstrap.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3582
etag
W/"624975547"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ER%2Fgp5yOdAFTuGBq51mShdCLMKLhYZDoY7BgsP2insECe7n3paVTgyGDrM3728pDkZj5gT6KAHZv7sLOOi09cpjz1HCXLhV1%2B21w7aA%2BlI2D%2BgUECHBO2FxA9n%2BkL3JOKVAbXIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3aea5739f9-YYZ
expires
Wed, 03 Jan 2024 10:53:46 GMT
main.css
www.bleepstatic.com/css/redesign/ 		52 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=01.04.24.2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b276cfb3e278b921e5aba3d9c475b977b04dded5324b5d102b3fad66a336fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
594024
cf-polished
origSize=65947
cf-bgj
minify
last-modified
Thu, 04 Jan 2024 20:47:28 GMT
server
cloudflare
etag
W/"4199608392"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuVF4F2wh0i8K%2FKohM%2FphakvMef9r9dZRbufTO0WM9Ey30q3UutGrcsjFMV7LQUOgT88W3ww52tg4PAHNrumgenB80DM6yb79i3vS3FJZrfUpfWfAHuRRGJndWCJv0iB9uQ9sAE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3aea5039f9-YYZ
expires
Thu, 08 Feb 2024 20:47:47 GMT
home.css
www.bleepstatic.com/css/redesign/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1846
cf-polished
origSize=15024
cf-bgj
minify
last-modified
Wed, 14 Dec 2022 03:04:07 GMT
server
cloudflare
etag
W/"327631530"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGeu8YpHE7PukPaekFzRuGWpA2qnZ39btJQk9FKEd0J1I0V7CLGUxMyEiHIiqzr%2FS%2F477cyp2wFaWlpk2bR3PoT4Fl6AEGDKcA2hMvE7JkKySDSkeUT0Bk%2Bqd0AISPChQS21kJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3aea5339f9-YYZ
expires
Tue, 02 Jan 2024 07:28:04 GMT
news.css
www.bleepstatic.com/css/redesign/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
320afb4599d0c6913c1d0f7ad16609b48bd357898f5a6db56441e9d4bd8ecddf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5994
cf-polished
origSize=35388
cf-bgj
minify
last-modified
Mon, 09 Oct 2023 19:50:03 GMT
server
cloudflare
etag
W/"3051701435"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KW59ibmZ7s%2BPOw2fZaCsYgJd5rN%2BJwrhZp6cMoifvSmUI3%2B%2BhzvNus%2BeeZ%2FkMNWr1Y%2FxHf%2Fbzf8r2zPze9rhWoNTx9Sugt74kgVlA17PEAC2fO%2F65OVFBQ4ko13rEETxj1cvgfI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3aea5439f9-YYZ
expires
Fri, 05 Jan 2024 07:07:30 GMT
jquery-3.5.1.min.js
www.bleepstatic.com/js/redesign/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-3.5.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 23:02:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3521
etag
W/"1177690299"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbIeAPrSdN9qCjfRbI3U9Jefa7tGEV0vOaO0ruPr2CRYVXFWnweh5EpuIcBGlf4vLQcQQ3hboobbwOzrvSgmFlPj1N4s%2F1bqbuk5xRuTfFBU2Ml%2B3a3lbn5%2BlVUz7t1eR8ibENw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3aea5939f9-YYZ
expires
Thu, 04 Jan 2024 09:24:46 GMT
jquery-migrate-1.4.1.min.js
www.bleepstatic.com/js/redesign/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-migrate-1.4.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 May 2016 01:26:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6755
etag
W/"2177127834"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEKiv6LTj%2F5eEtVCwD6z3hFC3ru5bdeQg9RSExj4yXkhPRbqfCiwKuYRhX0jXwCmbXyC1wV52E9HmOlL2V%2FAPgoDQBNU2Sur%2BHUQA0s6jH9QTRLmgBcD6PkXHt4FrUJWkGfzFk8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3aea5839f9-YYZ
expires
Tue, 09 Jan 2024 14:40:12 GMT
news.js
www.bleepstatic.com/js/redesign/ 		183 B
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2627
cf-polished
origSize=247
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
server
cloudflare
etag
W/"4218930423"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOdSAEebE9Sfd4W8oXUb0agu6vQfERMlnxhIlVE68oUSm%2FBJjRylW%2BedX0FQ0xuQO5I%2Bi2ulGLIIHGfLPTaEmPI1ZBZmhQ5w5iZkmlux798MTb%2BrKNBpyHMPAG3usLyVq%2F88sU0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3bcbef39f9-YYZ
expires
Wed, 03 Jan 2024 11:00:43 GMT
cls.css
a.pub.network/core/pubfig/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2020
x-guploader-uploadid
ABPtcPoN-8keNt5jWlVzVI_0vkxtpJij0Rr7102z3serkBu2ZCPyKKME-Mi5te2voMi-L6AIl88
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Fri, 28 Oct 2022 14:36:10 GMT
server
cloudflare
etag
W/"816783146b3907e634d0e822ca759864"
vary
Accept-Encoding
x-goog-hash
crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
x-goog-generation
1666967770269941
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
2096
cf-ray
843efd3aecec36d1-YYZ
expires
Thu, 11 Jan 2024 18:48:11 GMT
pubfig.min.js
a.pub.network/bleepingcomputer-com/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215cec71325fdcd1acd71c902d3b4487b72b206c6edcb2b1b76be8a6b8435292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
74037
x-guploader-uploadid
ABPtcPrNkL0VNdm0DRZI6EDbcs449_A8k9Dab_KOp380el6QKz_v4DAS627YhYVLGzrmEOU5cF4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Wed, 10 Jan 2024 21:03:34 GMT
server
cloudflare
etag
W/"3098b1f432d470aa5e35eedeb1ed2d35"
vary
Accept-Encoding
x-goog-generation
1704920614595406
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=kK/V8Q==, md5=MJix9DLUcKpeNe7ese0tNQ==
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
53387
cf-ray
843efd3bce2d36d1-YYZ
link
<https://d.pub.network/v2/sites/bleepingcomputer-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires
Thu, 11 Jan 2024 18:18:11 GMT
js
www.googletagmanager.com/gtag/ 		133 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
5a1cf6259640742cd17cfecd298cf47e838bb4889d9b2f0f6f8825294fa9a096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51745
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Jan 2024 17:48:11 GMT
logo.png
www.bleepstatic.com/images/site/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86346
cf-polished
origFmt=png, origSize=1882
content-disposition
inline; filename="logo.webp"
content-length
1152
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1XF4svdlbVmOeWkvt%2BNlwfiSL3gn9WCl0EVddNF3CgQgmHJDQ%2FuC%2FOvLilLJdEATHbcppKxJXzAn8Qz6rCR7qk1TdkzdnuOQFqV2yqXjIirqPta%2BjAdzWYaTe%2BeHJHbFHD6mlU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3bcbf139f9-YYZ
expires
Fri, 09 Feb 2024 17:49:05 GMT
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 22:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5807
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 11 Jan 2024 22:46:53 GMT

Redirect headers

date
Thu, 11 Jan 2024 17:28:28 GMT
x-content-type-options
nosniff
server
sffe
age
1183
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:58:28 GMT
Ivanti_headpic.jpg
www.bleepstatic.com/content/hl-images/2023/07/24/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2023/07/24/Ivanti_headpic.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb7cd073065a3b1f01b4467f80251ea7d85ffc6c2e7b3283e84d83fad83bbd83

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82425
cf-polished
qual=85, origFmt=jpeg, origSize=203861
content-disposition
inline; filename="Ivanti_headpic.webp"
content-length
22860
cf-bgj
imgq:85,h2pri
last-modified
Mon, 24 Jul 2023 18:51:17 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8muYKvTwqyMZONrzHmsqNCwEmiBweZ4zgAkZV8w0U6JOXRT46m4liUoSkdbO1WoQDwhFfkPq1hkGvDGhqnK4C5AsOI8d18SMpbU%2FLcYYmlDgqTT5MRoQ001MUNQ%2BQs3AyhOxEs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3b1aa539f9-YYZ
expires
Fri, 09 Feb 2024 18:54:26 GMT
Volexity_Ivanti_tweet.png
www.bleepstatic.com/images/news/u/1109292/2024/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/news/u/1109292/2024/Volexity_Ivanti_tweet.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e910af5525a7583bf6017bcb284684759653ab1a230faca211b5d42336c95d9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78787
cf-polished
origFmt=png, origSize=142169
content-disposition
inline; filename="Volexity_Ivanti_tweet.webp"
content-length
44330
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Jan 2024 19:20:08 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=io5MLAg1FJUevZmtjaGLpUQgnMPAMp2kse78y7flm6oqiDlmm2Dan9zDVoKKi%2FNAC8H0XWwgUuTrQ3agKA%2BXKEE5uqmXN6ke8gZt%2FRDk3W4eOtf1iRa%2Fl7KxnDbuMMj%2FNAWlaMk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3b1aaa39f9-YYZ
expires
Fri, 09 Feb 2024 19:55:04 GMT
Internet-exposed%20Connect%20Secure%20and%20Policy%20Secure%20gateways.jpg
www.bleepstatic.com/images/news/u/1109292/2024/ 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/news/u/1109292/2024/Internet-exposed%20Connect%20Secure%20and%20Policy%20Secure%20gateways.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a2b11d6b7ee8a043ed03c34d84257e967968b11c7781c1a590f19f6ca9aece

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82425
cf-polished
origSize=155895, status=webp_bigger
content-length
148398
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Jan 2024 18:35:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHklWxz6M44iNLYg4ggccDlibrffldmbBjA0LaOaH672%2BiWw44nVO6%2Bfgp2U%2F7d%2FPe3Y9aLeqoFcs7eFGlNbCXfGgxaHdwuQsK7KTQ6LMpj54IEj%2Feqi1of0tT3Jt0LXiP5fjsA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3b8b8839f9-YYZ
expires
Fri, 09 Feb 2024 18:54:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
9936db31f973b0e45eb34c65cd0c6c87b8dc687dc602ca3721c4f9329fa23bf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51492
x-xss-protection
0
server
cafe
etag
15414877897089044271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 11 Jan 2024 17:48:11 GMT
twitter.png
www.bleepstatic.com/images/site/login/ 		282 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81180
cf-polished
origFmt=png, origSize=475
content-disposition
inline; filename="twitter.webp"
content-length
282
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMOHIB6P9rTjmDdIdfPlTIZ8eUvdnXtlCu81LsxaOUCNz99RT0CYV3ODtasmlIkllpeWOgFesodzQlfcvcpUw1%2BVTYy6TTA3dzXrX3aqtPjoFV5cT%2F7sU6GsKt0BXIgGvGOP1m0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3bcbf539f9-YYZ
expires
Fri, 09 Feb 2024 19:15:11 GMT
bootstrap.js
www.bleepstatic.com/js/redesign/bootstrap/js/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/js/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6755
cf-polished
origSize=75484
cf-bgj
minify
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
server
cloudflare
etag
W/"984724076"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1iqExPfvfbHeyeCAqx4CcjzXJVDn4Kv1Z6MaxEeqyTi5N%2FDpaMS%2FGT0QRlAEAIViKhBNg4nglGiaVI5lxMQ0AHDxnXA8CRD1jzoodhRN8z8HnaEYNtRS36graV7Q%2F%2BVmX5ayrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3bcbf739f9-YYZ
expires
Wed, 03 Jan 2024 10:35:04 GMT
blazy.min.js
www.bleepstatic.com/js/blazy/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3521
etag
W/"753357888"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOT85x1y2YE1NuR9aCv0vLo5OoDdB61%2BSK3JIcTQBN7SuzU%2BEmWjwDb6PCp4bWZip6Gp%2F4bywJvY5Tpvjc2QGzOQunCzyo5XiKJ2QL1V1CNZSY77NxDrL%2FPgytlpB1uUguWKGF0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3b8b8939f9-YYZ
expires
Tue, 02 Jan 2024 09:23:31 GMT
bleep.js
www.bleepstatic.com/js/redesign/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4921
cf-polished
origSize=3600
cf-bgj
minify
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIt%2B5wSTi%2BUOdnaRF8JqeidJ%2Fi7J0ZunMMjmjuFmeMQnzlaq70Hi8CWdzNfZcLyyi11VhkI5RmkTvneuP4VS60LuUjjSyGwp5mCGquHEVn0EFBcJ9QsKAokAxYyOBpCn77oGQUI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3bcbfb39f9-YYZ
expires
Tue, 02 Jan 2024 12:27:33 GMT
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1846
cf-polished
origSize=48706
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"327140449"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Df%2BDTUJcAOHIEIcM9uIZE4cDYb7tOCdMf85akkbCfY1dGcX5bw2smE41L3VKB2tCKCnCdWMiJNzNVi5P9RXQtF8Ey83%2BlZaP%2B0C0HeAmpv8Em2qzIbYvq0gIBTXt0vtqpWsm5bs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3bcbfd39f9-YYZ
expires
Thu, 04 Jan 2024 07:24:52 GMT
fixto.min.js
www.bleepstatic.com/js/fixto/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7031
etag
W/"1740214911"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbghIMSPPHvLDxYoRWog%2FTLZf2J7ySU6MWXxwrIfq%2BXIs8MAqmy6c8hVAkR1TYFqtPZtWYCs1lH%2BRonXVzOTEv9f0EFkL%2B%2FffIr1TXFyuqrD2df0gSa9VX6ROwKpuQhUowL9Ajg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3bcbec39f9-YYZ
expires
Wed, 03 Jan 2024 07:42:38 GMT
connatix.playspace.js
cd.connatix.com/ Frame 8EA9 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cd.connatix.com/connatix.playspace.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
467b5616b4b6c9ea667313934635fbe5d618dc44f6640e68924bbe0670c0cb5e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843efd3c0c08a222-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.252.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-252-87.mia3.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:32:31 GMT
content-encoding
gzip
via
1.1 ac14fcc863a89fac74e34ba2c00bfef4.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-P6
age
941
x-cache
Hit from cloudfront
content-length
1696
last-modified
Mon, 07 Aug 2023 11:07:01 GMT
server
Apache/2.4.54 (Debian)
etag
"1090-602533ee4ff40-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
zuTfPlbgz6P5vMDDkiQVAIkdsLpDnNj-ILwCik-6HL_2-UL0d5Am1Q==
fi_client.js
ecdn.firstimpression.io/ 		349 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.98.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-98-27.mia3.r.cloudfront.net
Software
Apache/2.4.54 (Debian) / PHP/8.2.0
Resource Hash
39701757b0e1dd58ec88add57b1be1a36c5652f5ed12ce3fe3c1e042271ed5eb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:40:36 GMT
Content-Encoding
br
Via
1.1 e1c42f7e378e3bdce50f3034fd2550f4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MIA3-P5
Age
455
X-Powered-By
PHP/8.2.0
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
0
Last-Modified
Thu,11 Jan 2024 17:40:36 UTC
Server
Apache/2.4.54 (Debian)
ETag
W/"1136f54da3dbac4d6a749881149ef1f5"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
X-Amz-Cf-Id
Q7x_PICgtZWMR7Dpf6MXfmsJSjE1o7ZsaRhTEDy3dCrQcC_NnKm1MQ==
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
login_bg.png
www.bleepstatic.com/images/site/ 		126 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=01.04.24.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=01.04.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84572
cf-polished
origFmt=png, origSize=187
content-disposition
inline; filename="login_bg.webp"
content-length
126
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARRDyxze5Slqu1RZQ1Z1FPReELytGLeh%2FLknaBDYYhYfCdfVHtEzlsdzumuw5P7prrU%2B7L1B0%2FB13p3w9BfHWjNQ4U%2B34NzWzK0sowxL4QOjHMnpTCRCQf0JJi9ey3yNPVsFekg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3bcc0c39f9-YYZ
expires
Fri, 09 Feb 2024 18:18:38 GMT
nav_bg.png
www.bleepstatic.com/images/site/ 		72 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=01.04.24.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=01.04.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79863
cf-polished
origFmt=png, origSize=83
content-disposition
inline; filename="nav_bg.webp"
content-length
72
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saj5JyyZWsHvfL25sgO4wdI4%2FCf5xh9lO9PNnNScSqVw35tzzuCKzYFJ5yKgFsdpqtoTJSUvrJy2baMzgofMWNm6dKdio298svIR22j6mcs6sE9uK24D4h80MUEOYlK94UbwLtg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3bcc0f39f9-YYZ
expires
Fri, 09 Feb 2024 19:37:08 GMT
20x20-printer.png
www.bleepstatic.com/images/site/ 		422 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=01.04.24.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=01.04.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2412970
cf-polished
origFmt=png, origSize=824
content-disposition
inline; filename="20x20-printer.webp"
content-length
422
cf-bgj
imgq:85,h2pri
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRRIsGrTrPHkHGy3cOBxUNLjXnnYSXDZ72OV2By6fTaN0MBM5qOiP8uR7IEplfO8mRw3uuis7SYclRtdKAApJP5NmgaIkJR6Poihr%2Bjnh4iuxDjUAbJnIFTsJ0ttG%2Bf3ZgkM07k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3bcc1339f9-YYZ
expires
Sat, 13 Jan 2024 19:32:00 GMT
calendar.png
www.bleepstatic.com/images/site/ 		86 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78948
cf-polished
origFmt=png, origSize=129
content-disposition
inline; filename="calendar.webp"
content-length
86
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2OqfzzKaP6C3wWhC%2F6j9wFa3sk8rq6zdAS%2BcdCdwbVAFdioZsWQzUbVDmZA9CMaDpADhugLK%2BMUyu6Fk2QlewrXmJ7L7xFmkwohvGWginEPPGyVWZOwem5fW6vwvmaMp2G3FPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3bcc1739f9-YYZ
expires
Fri, 09 Feb 2024 19:52:23 GMT
clock.png
www.bleepstatic.com/images/site/ 		252 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84819
cf-polished
origFmt=png, origSize=1316
content-disposition
inline; filename="clock.webp"
content-length
252
cf-bgj
imgq:85,h2pri
last-modified
Fri, 29 May 2015 07:08:14 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10OZI5PSdHVaZfTKvsJdq4QFnrteTtkvKlKXRXI8tfQhNY6o1p42swzy%2FSxht86%2Fa4DWMPrTD8G6mCT04AuontKGU%2FbvluT9JDykWTk6o0hJBs6Brv3H8pxb2ARj4rvvO9XyKzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3bcc1839f9-YYZ
expires
Fri, 09 Feb 2024 18:14:32 GMT
comment-light.png
www.bleepstatic.com/images/site/ 		94 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81106
cf-polished
origFmt=png, origSize=1034
content-disposition
inline; filename="comment-light.webp"
content-length
94
cf-bgj
imgq:85,h2pri
last-modified
Fri, 29 May 2015 07:08:28 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0P5UFQr93r1OVwQlDLVOhisCkZfRLJnkm%2F1oHH3t2cPefQZhKziSFJWBURb%2BAbMgK3YDeSu35MnoQxTBvPtRV7NDl2D48SetsTnkHEKpPpm69k949mqAutEkxgg0PRKw4v1XPJw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3bcc1b39f9-YYZ
expires
Fri, 09 Feb 2024 19:16:25 GMT
32x32-printer.png
www.bleepstatic.com/images/site/ 		256 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=01.04.24.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=01.04.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78270
cf-polished
origFmt=png, origSize=618
content-disposition
inline; filename="32x32-printer.webp"
content-length
256
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6h98IqOAXS00%2BxvjdOwYb1zLUxQ%2BJ5zwJrGdJTwwFX4lBSGanqFAuxAtJXthbcw%2FTa%2BNgjXV2xU5wLy%2FF%2FVeY7LYr4kLWgJCe6DyeT5JgFU1okPDbiyConXKBs8XdzVoddZ%2BHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3bcc1c39f9-YYZ
expires
Fri, 09 Feb 2024 20:03:41 GMT
71f54ec34151fbdfe89e478d7b6e5ddf.jpg
www.bleepstatic.com/author/photos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/author/photos/71f54ec34151fbdfe89e478d7b6e5ddf.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81ad0b9df7515fa3306e9d7be329bc2668e04dda4e0a454b0fc842468697ed82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2222
cf-polished
degrade=85, origSize=6170, status=webp_bigger
content-length
5932
cf-bgj
imgq:85,h2pri
last-modified
Wed, 02 Jan 2019 02:04:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4%2BXVVXZy5gc15mTH5nOfNS4UQViJTUy5t1JqIwrE%2Fp0bgVOn0ZN5D7XycEYaz5s3NTOUoS5fJbu71poIJW1McXVROKaZbLA5IssdTlVuswq0xii8n0hmzf3tOWbWXkvxJJPBSI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3bdc1e39f9-YYZ
expires
Sat, 30 Dec 2023 09:43:01 GMT
h4-bg.png
www.bleepstatic.com/images/site/ 		38 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=01.04.24.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=01.04.24.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81152
cf-polished
origFmt=png, origSize=72
content-disposition
inline; filename="h4-bg.webp"
content-length
38
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uClT60%2FJmI4RciCxODbsy3lKiYa90%2FA%2FbM6cyqJ68xDE6Io1uafQKtcZTw%2F7Lpl7Xe9eUvfUt0mYxpHzFrUNQZXJltG0QyzL2M0pliRMIUkZCgPJzZxc70YvOawkh3sHl3fMvZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3bdc2039f9-YYZ
expires
Fri, 09 Feb 2024 19:15:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 21:14:16 GMT
x-content-type-options
nosniff
age
74035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 21:14:16 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:59:13 GMT
x-content-type-options
nosniff
age
118138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 08:59:13 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:54:08 GMT
x-content-type-options
nosniff
age
118443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 08:54:08 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:01:39 GMT
x-content-type-options
nosniff
age
117992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 09:01:39 GMT
configs
d.pub.network/v2/sites/bleepingcomputer-com/ 		74 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/sites/bleepingcomputer-com/configs?env=PROD
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
fc4a0832bbaf61390180d330873598b0993d78ad92ee5ba3a56c3f947f3b7229

Request headers

Referer
https://www.bleepingcomputer.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6025
cf-polished
origSize=4895
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"9108074"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j63AZyybqQhIw%2B5ZUDPdIgTkm0%2Bs8CfJCfIxKrQyU2bQMGjMDpTniDxI55%2BX49HewErTdErO5CM8SFwiT%2Bo3zZ5fXDEZH2PgoVgeCl4qxOwKjUrKpFqceWHDdQPCwxXfjWJwZE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3c3cdc39f9-YYZ
expires
Tue, 02 Jan 2024 09:47:41 GMT
fontawesome.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 		79 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/css/fontawesome.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:35:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
45
etag
W/"2038534161"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcc7QY4cTp2AYHDDKgDpatKreMRjBI8u%2BsyZM5jr6v0Hl7NG05gtasR3e8mCaEaKXj1VxI0moGmSykyPREPaJ5GrWk6KwMUfu2MsZG%2FddxoR%2BjFPf68w79L6BXOxElvTYVBWFTY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3c3ce139f9-YYZ
expires
Tue, 02 Jan 2024 12:01:43 GMT
brands.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:34:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1128
etag
W/"2013745295"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeHEko%2F8BngMfQEGfoRoMd%2F%2BbX7pe7ZNcGctFN6IsocRkOZhpS2ClfR8eI1o6sGA14QvnhETUSFdqmolNkrL5MNdqin8YcfmMHYU9A0PIteR2z7VJDvTb3yoRUyLiNpSuwCFKTE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3c3ce339f9-YYZ
expires
Tue, 02 Jan 2024 07:39:31 GMT
solid.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 		572 B
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:34:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3582
etag
W/"508050520"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtsdN9sFe1Z3Do%2BX4rlz1ZsxwYVMdYsLH3Y2vGZ2GhDrV%2BSR1XLfurDRJqMqd0yBXVgWlAt%2B0hfSddGEg2FPJDFXygQDoiqGCwqDIx%2BFxNVE6yNDFCi9XRYYehszxRjinHX6aIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
843efd3c3ce539f9-YYZ
expires
Tue, 02 Jan 2024 12:27:36 GMT
c58d18b3b4993393a2e9c50ba277842087f6c6.min.js
functionalfeather.com/chunks/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://functionalfeather.com/chunks/c58d18b3b4993393a2e9c50ba277842087f6c6.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.189.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.189.110.34.bc.googleusercontent.com
Software
/
Resource Hash
e72ba23c3e939cf75cfcd6892a5b560da5510b2bb422b5ce99a5e156f6fbe4a9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 11 Jan 2024 17:48:11 GMT
x-datacenter
gce-us-central1
etag
"f291d31a688b6b15165e6d589d2485a8f1d32178a4ec09a92fa4d2de59afedf2"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-central1-test-z21h
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
292x176_Windows.jpg
www.bleepstatic.com/content/hl-images/2022/07/05/thumb/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2022/07/05/thumb/292x176_Windows.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd942f13d3ea0b62269c35726f2d4ce75993d4fb8dd0e3f3a9e708d13b374a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78832
cf-polished
degrade=85, origSize=46511, status=webp_bigger
content-length
9182
cf-bgj
imgq:85,h2pri
last-modified
Tue, 05 Jul 2022 14:28:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kL2%2FTayKiM0PbgZcOgzwqZ8wFs8%2BwspyIfhucRuBOfO3g0S3gXIRnVIxeQAPaUZFx0qEaDqrXth539N%2FT8znC9JEI3Anl%2FtIxgKqo5GC4PdPBFJpLYrTAtbSrq1oETJrTW61Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3c7d4739f9-YYZ
expires
Fri, 09 Feb 2024 19:54:19 GMT
292x176_patch-tuesday-header.jpg
www.bleepstatic.com/content/hl-images/2022/12/13/thumb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2022/12/13/thumb/292x176_patch-tuesday-header.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c61f67b1b1399af6d07e49e904a0e5ed88698441a36e5aaae5d35deb90b35e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
87829
cf-polished
qual=85, origFmt=jpeg, origSize=23401
content-disposition
inline; filename="292x176_patch-tuesday-header.webp"
content-length
2460
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Dec 2022 22:16:19 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmO%2Fpp3SQ7u3A8kXIwHyonbK1LA4cqctz9QzuyMBWYM4m5KLzE61szIkDgP1b97wvrxkY6QqaR3L116dAa%2F72AqOIaxaQBH%2BSGQNfgoMZvYQERs6TG0twpn1FKVaBtwbmQSYQJE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
843efd3c7d4c39f9-YYZ
expires
Fri, 09 Feb 2024 17:24:22 GMT
connatix.playspace.js
cds.connatix.com/p/407440/ Frame 8EA9 		1 MB
304 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/407440/connatix.playspace.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e0dc1487247c5693cb0a467b83d37c45f24da2838e142627529a05c862588a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
x-amz-version-id
lP5GMkEhN1ikyV_g_4Wz2XhFfjM4_PJI
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 11 Jan 2024 11:29:44 GMT
server
cloudflare
etag
W/"6cabed7f7888e1bf8a23b4f9bd77f0f0"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
843efd3cad0ba222-YYZ
access-control-allow-headers
range
expires
Fri, 10 Jan 2025 17:48:11 GMT
fa-solid-900.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-solid-900.woff2
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

Request headers

Referer
https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:33:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3845
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3UxBAp77tSJo89t5c%2F%2F9ELOnajTOxIUq2AHPA7UctDreaRjMrJY2KVRhYv9783YurKl%2BzXUqGhps4wbbHmSs4bFh1ioT7vRb7FSu1AtLzucXgtFbhTXGj7Xi7vgnBcy6SD5wL4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
843efd3ccafcab3b-YYZ
content-length
150472
fa-brands-400.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/ 		105 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-brands-400.woff2
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718

Request headers

Referer
https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:32:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4897
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=md9Vt3YD2ehVXGsdWDDvi9Y3qYZ077U0j8HNmxMG9VQLqI0rCSdTnzFiVODZQGpQwMQlDa4eg8PH0YpWfT4%2FPZARafNQngzRljXHYajqaJNcwsb7AOBjgkPbJt8O88VwMbtyuIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
843efd3ccafdab3b-YYZ
content-length
107460
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=bleepingcomputer.com&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 11 Jan 2024 17:48:11 GMT
expires
0
fs-client-rtt
1
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/ 		6 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=bleepingcomputer.com&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
2c0495a57663c420645febd01e4ce37cc62c6512df6732d06880d74f0e1761a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Thu, 11 Jan 2024 17:48:09 GMT
fs-client-rtt
17
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6541
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.166.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-166-7.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 09:38:36 GMT
content-encoding
gzip
via
1.1 a6d85ea59bcdf706b41bccb78ec2f8f2.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
MIA3-P7
age
29376
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ea1HAY8t6z1DyciElRA0jpQfCnS6k5U7_7J3sXptpzg_v9Erd9SEUQ==
pubfig.engine.js
a.pub.network/core/pubfig/5.33.0/ 		323 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b1d3fec510908a7eb6e4baf8dd34e15b0762c9003e639a46a79ef56fd6fdf1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
74040
x-guploader-uploadid
ABPtcPr2wIawst9RDJJNMYIVLIiMg41qWbxD-ZHI7-YQNaa9g-rz2BhGSbx9HiKCKFcPIPj5LH8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 10 Jan 2024 20:12:10 GMT
server
cloudflare
etag
W/"3380857a1c2cf04a1bc3a1e935abc8d8"
vary
Accept-Encoding
x-goog-hash
crc32c=7B7rJg==, md5=M4CFehws8Eobw6HpNavI2A==
x-goog-generation
1704917530590041
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
330269
cf-ray
843efd3cc81136d1-YYZ
expires
Thu, 11 Jan 2024 18:48:11 GMT
js
www.googletagmanager.com/gtag/ 		279 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
ff2053e2a175a8cae7780c8f03f2283ab845d9b7994d6658e54ce54d25b6761e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94124
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Jan 2024 17:48:11 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 11 Jan 2024 17:39:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
502
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 11 Jan 2024 19:39:49 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 		403 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
b7f0075bb5495ed04ea33f2843bcaad18a45c187fd35c20169b53033cd7fb76b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139401
x-xss-protection
0
server
cafe
etag
13368157776238595982
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:11 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 0CAE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
67309
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 23:06:22 GMT
etag
9219409622527106327
expires
Wed, 24 Jan 2024 23:06:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?bannnerid=6922349_advertisement_
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.174.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-174-3.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:43 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 d6605453ddfd18c81ca7f231a465f2ae.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-P4
age
2679509
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
oZDwR17ZOEQwST8cZqTJBxcmn9bw1K16oEQ9nn7-0DJqEeOyn5Ju7w==
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 21:26:30 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.77.79 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-77-79.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 10 Feb 2024 17:48:11 GMT
date
Thu, 11 Jan 2024 17:48:11 GMT
last-modified
Tue, 05 Dec 2023 07:28:21 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
f81a2d7e788e2bf34a2216b6f4b3078f83f4d5f9b5ad54bc56806506630e0a0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29802
x-xss-protection
0
server
cafe
etag
298 / 19733 / 31080328 / config-hash: 12547216135074222120
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:11 GMT
prebid-analytics-8.27.0.js
a.pub.network/core/ 		687 KB
220 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-8.27.0.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32f5acbeaf7ccddc8ce13c49068b369302a2911e785fccba112eacb95524d90c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
74040
x-guploader-uploadid
ABPtcPp4pw2SQnXGrphTjevRGV0PJ-TdNHllw8HfFSbAYUSGSzm5gJjyeIByHyh3FWSskPDjIS4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 14 Dec 2023 17:02:40 GMT
server
cloudflare
etag
W/"7e0c4234982f9ce38492007cc357beca"
vary
Accept-Encoding
x-goog-hash
crc32c=meKL5Q==, md5=fgxCNJgvnOOEkgB8w1e+yg==
x-goog-generation
1702573360105265
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
703135
cf-ray
843efd3dd9d536d1-YYZ
expires
Fri, 12 Jan 2024 17:48:11 GMT
collect
www.google-analytics.com/g/ 		0
177 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GD465VRQLD&gtm=45je4180v878037826&_p=1704995291466&gcd=11l1l1l1l1&dma=0&cid=1419357324.1704995292&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704995291&sct=1&seg=0&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&dt=Ivanti%20warns%20of%20Connect%20Secure%20zero-days%20exploited%20in%20attacks&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=916
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		83 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61687269a3714cfb62fabe1d82270e03508d2dcbda0fa4fda1dd90f7bc45a936

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Jan 2024 15:54:47 GMT
server
cloudflare
x-amz-request-id
S4NZMB5QVH76J8XA
age
520
etag
W/"b761ac51089d729a3878f294ec708e74"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
843efd3e8b27546d-YYZ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
1S983o70M7uvylujGnzvfOdGlQJPUiNyhTE5eLHRXPB6uuKGuFzbD5eG0pbM/eAaV3FlcKi0EFI=
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
461 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
104.22.74.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f90de10b7949670538a5dbe49d28aa63bd5409dd5f0bee249ebdf20f83303f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 11 Jan 2024 17:00:45 GMT
server
cloudflare
age
2831
etag
"a8d7c3b96c5a69f9d31a665fd6192cb1"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
843efd3f1f8e3a09-YYZ
content-length
97864

Redirect headers

date
Thu, 11 Jan 2024 17:48:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsVH7P8o5QrgNmKpILKIDWHOYxbl7YLqIoBuoVIyj5TY3W2IDC0Sv%2FRfWy0dev5Hrb2A13OlDegy1Vrtoox8OtjMa6b8nKhnWRARbEWrjxjRfEHpOu4hy7N%2FMiyEhPskUSg1npd2pKaZCu9Y00B5Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
843efd3e899a3a0b-YYZ
expires
Thu, 11 Jan 2024 18:48:11 GMT
cSyncRemoteEntry.js
cds.connatix.com/p/407440/ Frame 8EA9 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/407440/cSyncRemoteEntry.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
x-amz-version-id
dLpy.g.uhNbI0ZQcsCpNK1inTws_nBoQ
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 11 Jan 2024 11:29:46 GMT
server
cloudflare
etag
W/"d60d811350d7df0f4503ae40d8a9728a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
843efd3ea876a222-YYZ
access-control-allow-headers
range
expires
Fri, 10 Jan 2025 17:48:11 GMT
connatix.playspace.css
cds.connatix.com/p/407440/ 		117 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/407440/connatix.playspace.css
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc5851758ac9f463cdc2fc3f76298fe17e16d607788e6e2bf486f19288413eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:11 GMT
x-amz-version-id
PVyVko0X2C.NGR8dsaeCFFXs9Sm65Xr2
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 11 Jan 2024 11:29:44 GMT
server
cloudflare
etag
W/"82dee560f7efd9da1bab844ae7f14cef"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
843efd3ea87ba222-YYZ
access-control-allow-headers
range
expires
Fri, 10 Jan 2025 17:48:11 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1811137004&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ul=en-us&de=UTF-8&dt=Ivanti%20warns%20of%20Connect%20Secure%20zero-days%20exploited%20in%20attacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=123175357&gjid=995632560&cid=1419357324.1704995292&tid=UA-91740-1&_gid=853973529.1704995292&_r=1&gtm=457e4180&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1775212016
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0E62 		190 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
688b1ae04781d634c0b8131b2c0ae0bbd676b77b8d531b2c1761ac8ee583dbaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40469
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:12 GMT
expires
Thu, 11 Jan 2024 17:48:12 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704995292003&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704995292003&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warn...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704995292003&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&c8=Ivanti%20warns%20of%20Connect%20Secure%20zero-days%20exploited%20in%20attacks&c9=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
18.173.166.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-166-7.mia3.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
via
1.1 a6d85ea59bcdf706b41bccb78ec2f8f2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MIA3-P7
x-amz-cf-id
vOcVOffzFyWHqwE090gKRDtiR3aZft4_kEU6XedrmoS-4KCgETVAqg==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 11 Jan 2024 17:48:12 GMT
via
1.1 a6d85ea59bcdf706b41bccb78ec2f8f2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MIA3-P7
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704995292003&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&c8=Ivanti%20warns%20of%20Connect%20Secure%20zero-days%20exploited%20in%20attacks&c9=
content-length
0
x-amz-cf-id
YLGruOK-H2MezZ2ZiXfHjQbXM8iFofhCnqr-w0fNP-ZmmlM0IV1rfw==
ads
googleads.g.doubleclick.net/pagead/ Frame 4648 		202 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1704990948&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291703&bpp=2&bdt=412&idt=304&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=4854219360770&frm=20&pv=1&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=322
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
5ecad8f4fe2cc621b72625c5a14a1c58e3848cefafbac3224c4392bffd7bae44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
55470
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:12 GMT
expires
Thu, 11 Jan 2024 17:48:12 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		39 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&charset=UTF-8&ch=9&ref=www.bleepingcomputer.com&viewerId=null&referer=&_firid=93437072
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-98-32.mia3.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
199781a53ec8660f226377a7390e95a3e55dcd1404329262bdffe3e9365e0f0c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:12 GMT
Content-Encoding
gzip
Via
1.1 55a2e492c74577abf8547dc740add63e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MIA3-P5
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Content-Length
7803
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
-lGA2DMDoXGZf4GIFcomfU6x5irIfyaTNCX6LzqThy2HlPcVEYQMUQ==
Expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/ 		437 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
c211e8775861eb70a495edc9b39d509002676809a57ed8090817e78f764b57fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 09:09:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
31098
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140670
x-xss-protection
0
server
cafe
etag
10621281385585276585
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 10 Jan 2025 09:09:54 GMT
952.js
cds.connatix.com/p/407440/ Frame 8EA9 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/407440/952.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
x-amz-version-id
sEvQmAv7S6hDzqjOZC7XjNSxmlE1Xz2P
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 11 Jan 2024 11:29:46 GMT
server
cloudflare
etag
W/"57846254bbd200f9201061ef4191f1e3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
843efd3fbafb387e-YYZ
access-control-allow-headers
range
expires
Fri, 10 Jan 2025 17:48:12 GMT
402.js
cds.connatix.com/p/407440/ Frame 8EA9 		45 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/407440/402.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a453ade31af0118629c4b7686eaae4e4248a1768b707e033d8d0f4eaf177c01a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
x-amz-version-id
2xY55y4uFDr4qAHDLoiAKB9VuotDd7vB
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 11 Jan 2024 11:29:46 GMT
server
cloudflare
etag
W/"0bfdcab785ef6b9a586feebcbe69419f"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
843efd3fbafd387e-YYZ
access-control-allow-headers
range
expires
Fri, 10 Jan 2025 17:48:12 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
0NPZDYNAPG3XRPTK
age
3734057
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
843efd3fbc83546d-YYZ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
25EHkAcEglVDdRa6jAEQ9AAPVYN+c7zyFPTsIs1b5wkonftMKCfrobJni1IIccamevhYz7OrqA0=
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 11 Jan 2024 17:48:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
903 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
596095
x-guploader-uploadid
ABPtcPq4NT1ZuvVThBw6ycEphJ3ygn-xPkVcUycFebBzSRGYP7sJSkF_rRbB8FBgNRCWqsxsh7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUSyAfKpnTDyUcnEijR52nugpHFDri35J%2F4qCyoDVcPsiSdSNZ1sSpKSa59mBFakdSUYRlED39h8UiUgTrqQYbTpZd7uBZmxt%2F0yO%2F3AdQ0VKTYS62%2FmqJqaBwU8rUSMqA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
843efd402a44a232-YYZ
expires
Thu, 04 Jan 2024 20:16:49 GMT
px.gif
ad-delivery.net/ 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.35218588044519894
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
596095
x-guploader-uploadid
ABPtcPq4NT1ZuvVThBw6ycEphJ3ygn-xPkVcUycFebBzSRGYP7sJSkF_rRbB8FBgNRCWqsxsh7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J92x695I7u9usoL0YReQuiF56KhdMRxKJGRPNcZaJER4mmXQVX1Sn%2B4bIDwdxYLS1sAfsHFXWOS%2BrJRqySkMMOYKXskJ5uul%2Fl3YRTCANlt4i4cbnSYwi2wd01RYvQIRmg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
843efd402a46a232-YYZ
expires
Thu, 04 Jan 2024 20:16:49 GMT
sync
capi.connatix.com/core/ Frame 8EA9
Redirect Chain
  • https://capi.connatix.com/core/sync
  • https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cc0716b08a37c6b275d9c81ba700edcdf84fafa85a46bffc68e7116124172f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd40cc44a222-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 11 Jan 2024 17:48:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
location
https://capi.connatix.com:443/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd402b12a222-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
27
alt-svc
h3=":443"; ma=86400
story
capi.connatix.com/core/ Frame 8EA9 		32 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=407440
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56acccb87305824a853252a5ff5a4efef7a04df5f435da955399afa5900cc714

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd402b14a222-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CC8G5F16RM7B26
age
2425
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
843efd540f1ba1ec-YYZ
x-amz-id-2
HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=
IIQUniversalID.js
a.pub.network/core/intentIQ/20230622/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
gzip
cf-cache-status
HIT
age
74041
x-guploader-uploadid
ABPtcPq6ec_-5nFeh-99PKLNqvSp_1ZGkuz-4QsVhxDS-OfnW3oN9P9UiVplM2yIAqXIiEnbrAM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 22 Jun 2023 23:15:14 GMT
server
cloudflare
etag
W/"c45a15a8a50c2a275e14695cf631d08d"
vary
Accept-Encoding
x-goog-hash
crc32c=6m2COg==, md5=xFoVqKUMKideFGlc9jHQjQ==
x-goog-generation
1687475714790007
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
56442
cf-ray
843efd40bece36d1-YYZ
expires
Thu, 11 Jan 2024 18:48:12 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.168.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-168-203.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:54:12 GMT
content-encoding
gzip
via
1.1 e685e9e08c2e4b105f4d86b35da50628.cloudfront.net (CloudFront), 1.1 b2d81f0349dd7259d5dfb1b35b379c6c.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, MIA3-P3
age
3241
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
MG6QnyxBrge67YP2lW8AsqYYC32Aj3v2qg_rkNIqqi0Wq-UBH0lsNQ==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.87.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-87-78.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:49:24 GMT
content-encoding
gzip
via
1.1 3f72a8b28c744ea2f627e9f8a8ac8282.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
MIA3-C1
age
3529
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
v4Sv5PF_YV5Jonb0sLq2RGoIdMa_qyDcPeKxIvyDh0X5Ri3thG0Hkw==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 22:46:47 GMT
content-encoding
gzip
age
2487716
x-guploader-uploadid
ABPtcPrZNycsIc_V62CFdCp-vemwrcvjuYKrzjTPSBVGPf3mGpyDdCB7zZqyhv0QRzKdP3YLpsNkztL8YIfFlhnjCIiuww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 12 Dec 2024 22:46:47 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:43 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
447a549a1b17aa2313b448c6a1c01e30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
esp.js
cdn.id5-sync.com/api/1.0/ 		114 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
AZZ5KFKDFK5SE2V7
age
1037
etag
W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
843efda14ffc39e4-YYZ
x-amz-id-2
ZOhcmNQJLuqNGCWcrYkdgGXf9/hWmGbGDRV/KBH6127A7AsPEdweo9DvCUM5XJWyb7MSXM616w+a0xvjaYb4Yw==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 11 Jan 2024 17:48:43 GMT
x-content-type-options
nosniff
content-encoding
br
age
20917
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4529-YYZ
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=45ArMbmYZ&w=5733492711227392&o=5714937848528896&cv=2.1.27-2-g1727909&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&sid=L9TLVhQc&pm=true&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 11 Jan 2024 17:48:12 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
4b943f1e892c6856ba4e0ee87590a6936f6a1954b64605831079f4
functionalfeather.com/0/ 		301 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://functionalfeather.com/0/4b943f1e892c6856ba4e0ee87590a6936f6a1954b64605831079f4
Requested by
Host: functionalfeather.com
URL: https://functionalfeather.com/chunks/c58d18b3b4993393a2e9c50ba277842087f6c6.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.189.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.189.110.34.bc.googleusercontent.com
Software
/
Resource Hash
c3c05707d186d8fd07bbab644560b59e89342d55427210b3cc25f055b83b17ec
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 11 Jan 2024 17:48:12 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-datacenter
gce-us-central1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-hostname
fen-hoothoot-us-central1-test-z21h
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 11 Jan 2024 17:48:11 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		92 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=97f01ead-4653-47f1-b2a4-de53630b3547&iiqpciddate=1704995292303&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=661_1704995292303&cttl=43200000&rrtt=0&dud=0&abtg=A&vrref=www.bleepingcomputer.com&japbjs=true&japs=false
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.174.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-174-91.mia3.r.cloudfront.net
Software
/
Resource Hash
a58f15789e19bd759c2869912cf304895a6efebb6545285f39be7282efd8f943

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
via
1.1 af9b5a8e96971e0d2d7c6fed1b8873b2.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-P4
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
3600
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-methods
POST, GET
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
xZfgCgro_sNxi-t9NDHyOelcC4VoH3--WBhEC66dy74kWurfd8aPuQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=347314&iiqidtype=2&iiqpcid=97f01ead-4653-47f1-b2a4-de53630b3547&iiqpciddate=1704995292303&tsr...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=347314&iiqidtype=2&iiqpcid=97f01ead-4653-47f1-b2a4-de53630b3547&iiqpciddate=1704995292303&ts...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=347314&iiqidtype=2&iiqpcid=97f01ead-4653-47f1-b2a4-de53630b3547&iiqpciddate=1704995292303&tsrnd=525_1704995292304&vrref=www.bleepingcomputer.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=FFcbJQcctd&nc=false&trid=1631195540
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
18.239.225.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-225-7.mia3.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:12 GMT
via
1.1 e763a229a66d7c303966816658a2f986.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-P8
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
brVJjpWYfZiuC0l8FdMBaKfsJDdjGHEDFBxA1LJDAbAFFxFAgqxLMA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:12 GMT
via
1.1 e763a229a66d7c303966816658a2f986.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-P8
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=347314&iiqidtype=2&iiqpcid=97f01ead-4653-47f1-b2a4-de53630b3547&iiqpciddate=1704995292303&tsrnd=525_1704995292304&vrref=www.bleepingcomputer.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=FFcbJQcctd&nc=false&trid=1631195540
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
MMubW-msiRBqwCbeQRGRq2UzLkTczuXB0n8iRvViEPqOE4rrlf2dBw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
insights.bin
ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/59e9e597-f604-48fe-a820-4dfb58ab0659/ Frame 8EA9 		0
0
insights.bin
ins.connatix.com/737a22fc7c5afb523946183df66f63f4/ Frame 8EA9 		0
0
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0&s=190549&C=1
  • https://cks.connatix.com/cks?pid=17&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Index&api-tier=2&uid=ZaAp.4kmNvbmyzCr7hNeGQAA%261252
139 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=17&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Index&api-tier=2&uid=ZaAp.4kmNvbmyzCr7hNeGQAA%261252
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78d7c7931a82954c6093d8c0f8ad52c5d003740d947e5ad0d9a26c478b155094

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:44 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efe078cb038e4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZLky2su%2Fcwe3Ws5IpJesx7VR0zLhlYXgdUWufID0VucOBz3QvhNDvg5xRl%2B9Z2Qw2hRNKoUGFpBSp6TD50sDzUZ%2B5nWPKCOksP104MWcQjJRE6luUfuiYlmYOJPl4YtHf49pLCs"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cks.connatix.com/cks?pid=17&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Index&api-tier=2&uid=ZaAp.4kmNvbmyzCr7hNeGQAA%261252
cache-control
no-cache
cf-ray
843efe072dc0a211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&g...
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&g...
  • https://cks.connatix.com/cks?pid=15&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Beeswax&api-tier=2&uid=AACVf07LQFQAABPIwTSZ5g&gdpr=0
132 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Beeswax&api-tier=2&uid=AACVf07LQFQAABPIwTSZ5g&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71e4b57fee0e36a0fd80e8836284f53bbb5c143f247c4702146b1a25da9f905f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:44 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efe09380938e4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Beeswax&api-tier=2&uid=AACVf07LQFQAABPIwTSZ5g&gdpr=0
Date
Thu, 11 Jan 2024 17:48:44 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://cks.connatix.com/cks?pid=19&uid=138f948b-8a30-4e0d-950b-1c32400031db&ttl=1707587292
146 B
182 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=138f948b-8a30-4e0d-950b-1c32400031db&ttl=1707587292
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c49341ae4918f989cbb9f7803a89f34f42bbe30973f1d09bdb3493ddf55b12f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd45bcfea222-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=19&uid=138f948b-8a30-4e0d-950b-1c32400031db&ttl=1707587292
date
Thu, 11 Jan 2024 17:48:12 GMT
server
Kestrel
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0
  • https://cks.connatix.com/cks?pid=21&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Amobee&api-tier=2&uid=7015515884507246864
129 B
151 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=21&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Amobee&api-tier=2&uid=7015515884507246864
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fc0af52e0f57747801c9fce52c542111088c8c9777cdd47eecd2e4c2d65d2b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd43ea1ba222-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=21&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Amobee&api-tier=2&uid=7015515884507246864
pragma
no-cache
date
Thu, 11 Jan 2024 17:48:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cks
cks.connatix.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DTripleLift%26api-tier%3D2%26uid%...
  • https://cks.connatix.com/cks?pid=25&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=TripleLift&api-tier=2&uid=1659511742632576896244
132 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=25&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=TripleLift&api-tier=2&uid=1659511742632576896244
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
483355a69c608e93ad24b1ad80d3df5ada39f0b3c919ada3bf13c116f38ac7da

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd5c6baa38e4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=25&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=TripleLift&api-tier=2&uid=1659511742632576896244
date
Thu, 11 Jan 2024 17:48:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D6%2526ev%253D46a0c9ae7afa44739d3ed7a9bacd8f25%2526pname%253DAppNexus%2526api-tier%253D2%2526uid%...
  • https://cks.connatix.com/cks?pid=6&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=AppNexus&api-tier=2&uid=9107686382435366279=&gdpr=0
129 B
242 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=AppNexus&api-tier=2&uid=9107686382435366279=&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2a1dec8ebeb25490d007c4d2996ed6102573ef452cc86dc75353d1ec0e3a41

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:28 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efda6fd3a38e4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
an-x-request-uuid
98268e9a-b08e-458c-aeb6-e50536d1bb32
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cks.connatix.com/cks?pid=6&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=AppNexus&api-tier=2&uid=9107686382435366279=&gdpr=0
x-proxy-origin
86.48.15.157; 86.48.15.157; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
capi.connatix.com/us/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&gdpr=0
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&zcc=1&cb=1704995294202
  • https://ad.turn.com/r/cs?pid=45&rndcb=8169231287
  • https://sync.1rx.io/usersync/turn/7015515884507246864?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005%26pI...
  • https://capi.connatix.com/us/pixel?puid=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005&pId=44
82 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/us/pixel?puid=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005&pId=44
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843efd4feba87118-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://capi.connatix.com/us/pixel?puid=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005&pId=44
date
Thu, 11 Jan 2024 17:48:14 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXccca562f4c954b60af7b70eceecab7c0005
content-type
text/html
pixel
capi.connatix.com/us/
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null
  • https://capi.connatix.com/us/pixel?puid=1693987427671510040&pId=40&gdpr=0&gdpr_consent=
82 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/us/pixel?puid=1693987427671510040&pId=40&gdpr=0&gdpr_consent=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843efd514e297118-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://capi.connatix.com/us/pixel?puid=1693987427671510040&pId=40&gdpr=0&gdpr_consent=
date
Thu, 11 Jan 2024 17:48:14 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame 154A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.176 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-176.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 Jan 2024 17:48:16 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 11 Jan 2024 17:48:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
server
AkamaiGHost
/
hde.tynt.com/deb/ Frame EDB1
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerN...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_3...
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
1d03979ff535f8dd6adb4ba8ddc894d78907ed45031e078c2caf5d34338c80d0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1711
content-type
text/html
date
Thu, 11 Jan 2024 17:48:12 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 11 Jan 2024 17:48:12 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C4ED 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=122250
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 11 Jan 2024 17:48:13 GMT
expires
Sat, 13 Jan 2024 03:45:43 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cks
cks.connatix.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%...
  • https://cks.connatix.com/cks?pid=13&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=PulsePoint&api-tier=2&uid=isAvePNEAFDv
122 B
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=13&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=PulsePoint&api-tier=2&uid=isAvePNEAFDv
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7770a49531cec967fd45e976e08174a12fa2d42544cfb017f4373bcc41266b82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:46 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efe172e5738e4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://cks.connatix.com/cks?pid=13&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=PulsePoint&api-tier=2&uid=isAvePNEAFDv
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-jfjpv
expires
-1
cm
i.ctnsnet.com/int/ 		0
0
cks
cks.connatix.com/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
  • https://cks.connatix.com/cks?pid=18&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=LoopMe&api-tier=2&uid=b0cab3d8-2d2d-4827-ae69-ab2d0987cb55&pubid=11186&gdpr=0
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=18&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=LoopMe&api-tier=2&uid=b0cab3d8-2d2d-4827-ae69-ab2d0987cb55&pubid=11186&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047cb5f8f72e6e81f721ddfb126d8a44fbda19b37edfa45d7680e1e00cb423b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:23 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd88686c38e4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=18&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=LoopMe&api-tier=2&uid=b0cab3d8-2d2d-4827-ae69-ab2d0987cb55&pubid=11186&gdpr=0
date
Thu, 11 Jan 2024 17:48:23 GMT
server
_
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ 		0
0
cks
cks.connatix.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=39&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=YieldMo&api-tier=2&uid=VEF7sqqnn7qb8OH3EekL&gdpr=0
130 B
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=39&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=YieldMo&api-tier=2&uid=VEF7sqqnn7qb8OH3EekL&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2386601c167c213ca793afa2b8e27eb95e2c0ae083c95185b41ca4af1e3b347

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd62281e38e4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cks.connatix.com/cks?pid=39&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=YieldMo&api-tier=2&uid=VEF7sqqnn7qb8OH3EekL&gdpr=0
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=46a0c9ae7afa44739d3ed7a9bacd8f25&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DTel...
  • https://cks.connatix.com/cks?pid=5&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Telaria&api-tier=2&uid=80607689d5304054a4ca1613b2e4fdb9
141 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=5&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Telaria&api-tier=2&uid=80607689d5304054a4ca1613b2e4fdb9
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cec64f6b030e332b9d358a6f6196c8d1f387aa516dbf95d29cd7509776022e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:34 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efdcdaec338e4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=5&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Telaria&api-tier=2&uid=80607689d5304054a4ca1613b2e4fdb9
date
Thu, 11 Jan 2024 17:48:34 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
us
capi.connatix.com/core/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=c49495f9991e88aeb616a9625e85cb39&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
0
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=c49495f9991e88aeb616a9625e85cb39&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efdb40f167118-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:30 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=c49495f9991e88aeb616a9625e85cb39&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1704995310683040-308
sync-iframe
cs-server-s2s.yellowblue.io/ Frame B60A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
24a79456bdb426127f89fc99d705236c33c7e54d70a58d0a434445f4ba92b02b

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.bleepingcomputer.com/
content-type
text/html
date
Thu, 11 Jan 2024 17:48:13 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
sync.min.js
tags.crwdcntrl.net/lt/c/17331/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.87.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-87-78.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 11:00:09 GMT
content-encoding
gzip
via
1.1 fae059afbeac18143c8bf2780b8d7052.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 10:55:10 GMT
server
AmazonS3
x-amz-cf-pop
MIA3-C1
age
24516
x-amz-server-side-encryption
AES256
etag
W/"24dc2bbea0cff17e96e133440043ddb8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Di7s-yWDUERWm8pZnYO8pYIw55OlylHAwMmum9QXDZ1ub2rryV74kw==
cks
cks.connatix.com/
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr...
  • https://cks.connatix.com/cks?pid=1&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=SundaySky&api-tier=2&uid=d6.3a423d9d15914479b103dbb2981c7ed6
144 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=1&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=SundaySky&api-tier=2&uid=d6.3a423d9d15914479b103dbb2981c7ed6
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2bde4aed9f263d00f47756391f02b34995a80dd79b93e26ddbc5317910744ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:34 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efdcdef2d38e4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=1&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=SundaySky&api-tier=2&uid=d6.3a423d9d15914479b103dbb2981c7ed6
date
Thu, 11 Jan 2024 17:48:34 GMT
x-content-type-options
nosniff
content-length
0
x-frame-options
DENY
cks
cks.connatix.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_I...
  • https://cks.connatix.com/cks?pid=35&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=ResetDigital&api-tier=2&uid=00000128123BA352
126 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=35&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=ResetDigital&api-tier=2&uid=00000128123BA352
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8f4b58094b9315a22a444e36163f291be4f2f63514fe0a5dd4107e1aaab4bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:27 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efda109aa38e4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=35&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=ResetDigital&api-tier=2&uid=00000128123BA352
date
Thu, 11 Jan 2024 17:48:27 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
cks
cks.connatix.com/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=43&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Sonobi&api-tier=2&uid=02a617af-ef2a-4fe4-8acf-c6dc244beedb
146 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=43&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Sonobi&api-tier=2&uid=02a617af-ef2a-4fe4-8acf-c6dc244beedb
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fdf52c64d6574cbec494064f827750defb0db77f1f5f4ea568bd45629006278

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efe0da92d38e4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:45 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-127
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cks.connatix.com/cks?pid=43&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=Sonobi&api-tier=2&uid=02a617af-ef2a-4fe4-8acf-c6dc244beedb
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=WIMKYDH0&gdpr=0&gdpr_consent=null&redirectUri=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d45%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3...
  • https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=a84a6b5e-9b64-41f7-b5c4-81c622fcbf85&gdpr=0&gdpr_consent=null
146 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=a84a6b5e-9b64-41f7-b5c4-81c622fcbf85&gdpr=0&gdpr_consent=null
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f89bf445339a7cc03f7e840a20cfeb41dc537fd8bc5b3437dd1cf72cdd987e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:45 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efe0f3c7738e4-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=45&pname=Sharethrough&api-tier=1&uid=a84a6b5e-9b64-41f7-b5c4-81c622fcbf85&gdpr=0&gdpr_consent=null
date
Thu, 11 Jan 2024 17:48:45 GMT
content-length
0
psync
xsync.iqzone.com/ 		42 B
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DIqZone%26api-tier%3D2%26uid%3D%25USER_ID%25&gdpr=0
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
142.234.204.77 Edison, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:28 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,PUT,HEAD,DELETE,OPTIONS, GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Access-Control-Allow-Headers
content-Type,x-requested-with, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
generic
sync.ipredictive.com/d/sync/cookie/ 		0
0
cm
us-u.openx.net/w/1.0/ Frame 8EA9 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3dOpenX%26tier%3d2%26DemandPartnerUserId%3d
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:27 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
us
capi.connatix.com/core/ Frame 8EA9
Redirect Chain
  • https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D31%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DMediaNet%26tier...
  • https://capi.connatix.com/core/us?DemandPartner=31&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3479968939030167000V10
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=31&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3479968939030167000V10
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efdb4a84a7118-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:30 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://capi.connatix.com/core/us?DemandPartner=31&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25&DemandPartnerName=MediaNet&tier=2&DemandPartnerUserId=3479968939030167000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Thu, 11 Jan 2024 17:48:30 GMT
712202.gif
id.rlcdn.com/ Frame 8EA9 		0
0
report
capi.connatix.com/us/google/ Frame 8EA9
Redirect Chain
  • https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NDZhMGM5YWU3YWZhNDQ3MzlkM2VkN2E5YmFjZDhmMjU&extra1=46a0c9ae7afa44739d3ed7a9bacd8f25&gdpr=0&google_redir=https%3a%2f%2fcapi.connatix....
  • https://cm.g.doubleclick.net/pixel?google_nid=connatix&google_hm=NDZhMGM5YWU3YWZhNDQ3MzlkM2VkN2E5YmFjZDhmMjU&extra1=46a0c9ae7afa44739d3ed7a9bacd8f25&gdpr=0&google_redir=https%3A%2F%2Fcapi.connatix....
  • https://capi.connatix.com/us/google/report?extra1=46a0c9ae7afa44739d3ed7a9bacd8f25&gdpr=0
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/google/report?extra1=46a0c9ae7afa44739d3ed7a9bacd8f25&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843efd42e83e7118-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://capi.connatix.com/us/google/report?extra1=46a0c9ae7afa44739d3ed7a9bacd8f25&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1a1c07e870d45c05896c3f9e9973d4b4.gif
sync.colossusssp.com/ Frame 8EA9 		0
0
/
tag.escalated.io/ 		72 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.131.10.225 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-10-225.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5be1b370c7bbd106b2ce45c855c570c80b493896aa5cf8958fb8392f3b0fc151

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Sep 2023 15:12:11 GMT
Server
nginx
ETag
W/"6501d14b-1207a"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
3f824269133ed9e0f1db010b8111783634a10868b7daa2d6137afa
functionalfeather.com/ 		3 B
29 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://functionalfeather.com/3f824269133ed9e0f1db010b8111783634a10868b7daa2d6137afa
Requested by
Host: functionalfeather.com
URL: https://functionalfeather.com/chunks/c58d18b3b4993393a2e9c50ba277842087f6c6.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.189.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.189.110.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 11 Jan 2024 17:48:12 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-central1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-hostname
fen-hoothoot-us-central1-test-z21h
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 11 Jan 2024 17:48:11 GMT
0ab198dd-b265-462a-ae36-74e163ad6159
config.aps.amazon-adsystem.com/configs/ 		564 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.162.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-162-92.mia3.r.cloudfront.net
Software
CloudFront /
Resource Hash
8a30d7f7abbc1036b2f87d49840af70ac7aa6aa2f62a6553edfa849bc2661714

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:24:07 GMT
via
1.1 b071197ca0cdda2953c667503cd2c778.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MIA3-P3
age
1461
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
EQ-fmJ2NGEMTMgEZsDQq8Sz8hX3vkpGpUxW3ja0UAQ9d5Uyfdw6hUg==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.168.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-168-203.mia3.r.cloudfront.net
Software
Server /
Resource Hash
0eda13bf855220cdec6aaace454f32733f52fcac0bacb575e459b5b081ee9c52

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:19:42 GMT
via
1.1 b2d81f0349dd7259d5dfb1b35b379c6c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MIA3-P3
age
5309
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1054
x-amz-cf-id
cSsoUE_MjNHgbu7ClrLajEpB-aaUQGyXSlNSZQUUeDrdtGdjLztwCQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.168.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-168-203.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 01:45:38 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 a601a63bdb6641d664907b6d126e2906.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-P3
age
57762
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
FVgUwffXsjDbO6c9Z1sCbyuqtjU6fcgRvAIswM1_t-FG3-28NRPHBA==
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 		161 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
0018a1cfecc3338c4606d88e26d4fb8ee1b75e46afd4ded845ccc508d3e8a78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56252
x-xss-protection
0
server
cafe
etag
7025732521393332010
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:12 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.43.238.38 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-43-238-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:27 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 11 Jan 2024 18:03:27 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
4HQPM7SPD5AD0NTN
age
1712
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
843efda14ffe39e4-YYZ
x-amz-id-2
TCMIlurN36aevV2k6eQFcYQqK5O20NB6ihWD0UVNBzxUgfC4eqUXfO0YfSDQd6grTtBhmXd20O4=
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 0B84 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
47564
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 04:35:28 GMT
etag
9219409622527106327
expires
Thu, 25 Jan 2024 04:35:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame 0E62 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:56:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 09 Apr 2024 18:02:45 GMT
css
fonts.googleapis.com/ Frame 0E62 		8 KB
846 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f95.1e100.net
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 17:25:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jan 2024 17:48:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0E62 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
e9e356ec41155b008235c83648cb19be.js
www.gstatic.com/mysidia/ Frame 0E62 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e9e356ec41155b008235c83648cb19be.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9775
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 01:55:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 09 Apr 2024 18:20:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 0E62 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0E62 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 0E62 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0E62 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:13 GMT
css2
fonts.googleapis.com/ Frame 0B84 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 17:13:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jan 2024 17:48:12 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0B84 		205 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 15:28:37 GMT
x-content-type-options
nosniff
age
8375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 10 Jan 2025 15:28:37 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0B84 		604 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:46:18 GMT
x-content-type-options
nosniff
age
114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 10 Jan 2025 17:46:18 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 0B84 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:05:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
67383
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:05:09 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 0B84 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
67533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:39 GMT
map
bcp.crwdcntrl.net/6/ 		156 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.158.19 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5cea85aed8d98be932532d3523408134ebd08d4e4dd2cbb7c7b052d69e667558

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
x-server
10.40.50.126
access-control-allow-credentials
true
content-length
156
expires
0
14763004658117789537
tpc.googlesyndication.com/simgad/12143348803553361586/ Frame 0E62 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12143348803553361586/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
8c213b0433668a3ae68c1bcd57701995f898bd71659e7d9cc2de9c24deccc763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 08:52:30 GMT
date
Tue, 09 Jan 2024 08:52:30 GMT
x-content-type-options
nosniff
age
204942
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83772
x-xss-protection
0
last-modified
Sun, 07 May 2023 23:11:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/13082891081201222343/ Frame 0E62 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13082891081201222343/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
55624974ea2688b420c9461696f4190f38766674a6a2abfd5e16382847782e35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 11:52:47 GMT
date
Wed, 10 Jan 2024 11:52:47 GMT
x-content-type-options
nosniff
age
107725
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24798
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 04:35:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/3032734376342773023/ Frame 0E62 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3032734376342773023/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
cf96848fa9b432bf0ec267c2a614e25174dc8af4a39e6ab5ab654ab22227bd6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 17:57:33 GMT
date
Tue, 09 Jan 2024 17:57:33 GMT
x-content-type-options
nosniff
age
172239
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50743
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 19:22:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/16297667146391378119/ Frame 0E62 		181 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16297667146391378119/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
2c14d5026837184e44692d6968e77f376350a3931135d3e905126cbfd7fd4763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 14:34:19 GMT
date
Wed, 10 Jan 2024 14:34:19 GMT
x-content-type-options
nosniff
age
98033
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185077
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 16:41:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/6257773464069670387/ Frame 0E62 		214 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6257773464069670387/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
471d2c3e827b60f7c780d6baa69020576dd69a51041eea876c8e9ef7913720c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 00:28:12 GMT
date
Wed, 10 Jan 2024 00:28:12 GMT
x-content-type-options
nosniff
age
148800
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219019
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:29:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/13699000866183027291/ Frame 0E62 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13699000866183027291/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
d0baf2fda134682e4f9accf13a7ef20a35f7797afbd9fcc2117bea4e07d934e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 11 Jan 2024 17:48:12 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56440
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 22:01:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 Jan 2025 17:48:12 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/1164144546980221857/ Frame 0E62 		173 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1164144546980221857/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
3cb2dccfaf1a0f59709c76703bfb2b54c4a7eacd417d478fe4273c73d573b265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 11 Jan 2024 17:48:12 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177414
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 19:22:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 Jan 2025 17:48:12 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/16855757160522305707/ Frame 0E62 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16855757160522305707/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=3369365541&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1704990948&rafmt=9&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704995291686&bpp=4&bdt=395&idt=289&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4854219360770&frm=20&pv=2&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31080264%2C95320868&oid=2&pvsid=515868369306182&tmod=1477177755&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
6cdf3d5e98f778d116d2a9be4de6eff15c99166149e85ddc15e21ba44be0dbcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 11 Jan 2024 17:48:12 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57912
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 09:44:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 Jan 2025 17:48:12 GMT
json
gum.criteo.com/sid/ Frame 		0
0
json
gum.criteo.com/sid/ 		0
0
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f551ce3f3162a0db0deb76fddc8517a1fff2cd332317326e68d60a134feb29

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
843efd4abb843972-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
rid
match.adsrvr.org/track/ 		109 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
2cad75bcadab41aa256dfadac5f7fb293a6c3a73ccdf7f48ecb06017c8833144

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 10 Feb 2024 17:48:12 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.166 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:29 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 18 Jan 2024 17:48:29 GMT
load.js
s.ntv.io/serve/ 		654 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.194.228.145 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-194-228-145.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a1d3706fff682b407df7e0ad01ba328b3d9ccca2c6e7c6502c0dd77e0d573966

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:31 GMT
Content-Encoding
gzip
x-amz-request-id
7YG2Y172Y2QGX291
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
/mvAmuU9bgIBJHLqS6vaNj8iZpy6lh7r7+rQsOV/qBQ6f796uxl6HOAXggpdZrsXYzDSH0hE6rs=
Last-Modified
Thu, 11 Jan 2024 03:30:03 GMT
Server
AmazonS3
ETag
"667406293f6bae94693476375c54f839"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
bid
aax.amazon-adsystem.com/e/dtb/ 		273 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&pid=n9mNPbtKxe0HM&cb=0&ws=1600x1200&v=23.1211.1645&t=518&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22s%22%3A%5B%221x1%22%2C%22300x50%22%2C%22320x50%22%2C%22468x60%22%2C%22728x90%22%2C%22970x90%22%2C%22300x100%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.96.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-96-211.mia3.r.cloudfront.net
Software
Server /
Resource Hash
33ecb511db9e2443b8429c7679838882d6ed0c6468204fe46b0535dd34d87899
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 137c4ac061d7fd8e01a6565b9349fdd6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MIA3-P5
x-amz-rid
YATFZH2APACHAJ2NBA96
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
273
x-amz-cf-id
-Chn-9KfriUSoyNcEBd_wFwAreqdEE90bMTZ6-eLKZXVFCWsDEOD-Q==
bid
aax.amazon-adsystem.com/e/dtb/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&pid=n9mNPbtKxe0HM&cb=1&ws=1600x1200&v=23.1211.1645&t=518&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_320x50_InContent_1%22%2C%22s%22%3A%5B%22554x312%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_2%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_3%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22554x312%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.96.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-96-211.mia3.r.cloudfront.net
Software
Server /
Resource Hash
6a20c3f487a7b757f8cdca8b5a6f2b516756fab40edb5c7486270cc010a99358
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 137c4ac061d7fd8e01a6565b9349fdd6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MIA3-P5
x-amz-rid
YDMYCXGYPMMG2C4XG23N
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2884
x-amz-cf-id
X57sg38VGvBafVvPZf1g-yGKTNIbGIJuEU_H6BPhIqRBEjzphiD2mQ==
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2021
x-guploader-uploadid
ABPtcPq46hqotFe0lY8MGQ1sj8eOXfek4FF9NJp5M5glEz-GcjBSwHWoS1ipILhVSzEz9lGByGQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
vary
Accept-Encoding
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
x-goog-generation
1599584677716817
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
cf-ray
843efd446e4336d1-YYZ
expires
Thu, 11 Jan 2024 18:48:12 GMT
analytics.min.js
a.pub.network/core/analytics/1.2.5/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150abf5d65851c215b785dc90f363002897279f75a0f466caa6c92534a20a2d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
gzip
cf-cache-status
HIT
age
74041
x-guploader-uploadid
ABPtcPoR9DkFdblhOQcIhJAP-Ngr39KI_-IdbE-En492XehAsT7UyiqLD6cg_ffugO1etquiZ6U
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 04 Oct 2023 16:03:51 GMT
server
cloudflare
etag
W/"defe674f4bb712938099078798b0a1bc"
vary
Accept-Encoding
x-goog-hash
crc32c=JGNbPw==, md5=3v5nT0u3EpOAmQeHmLChvA==
x-goog-generation
1696435431727744
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
13192
cf-ray
843efd446e5b36d1-YYZ
expires
Thu, 11 Jan 2024 18:48:12 GMT
usync.html
eus.rubiconproject.com/ Frame 6D81
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.176 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-176.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 Jan 2024 17:48:16 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 11 Jan 2024 17:48:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BD67
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995292828.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=122250
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 11 Jan 2024 17:48:13 GMT
expires
Sat, 13 Jan 2024 03:45:43 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 11 Jan 2024 17:48:12 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP020
x-33x-status
40000000008200000A
us
capi.connatix.com/core/ Frame EDB1
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1704995292828.&ri=0015a00002y7TWTAA2&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0...
  • https://capi.connatix.com/core/us?DemandPartner=37&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25&DemandPartnerName=_33Across&tier=2&DemandPartnerUserId=212416160174736
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=37&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25&DemandPartnerName=_33Across&tier=2&DemandPartnerUserId=212416160174736
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd44acdd7118-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:12 GMT
referrer-policy
unsafe-url
server
33XP019
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://capi.connatix.com/core/us?DemandPartner=37&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25&DemandPartnerName=_33Across&tier=2&DemandPartnerUserId=212416160174736
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame EDB1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dthe33across%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dthe33across%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=a3e064a2-744e-530b-90de-7274f57e5ba9&ssp=the33across&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=243ab276-5ae4-4fe2-ab14-44d4a1348492
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=243ab276-5ae4-4fe2-ab14-44d4a1348492&ts=1704995293&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=243ab276-5ae4-4fe2-ab14-44d4a1348492&ts=1704995293&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:13 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=243ab276-5ae4-4fe2-ab14-44d4a1348492&ts=1704995293&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame EDB1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true&verify=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-qQc0gidE2uF.7QM44W9oEC9GksyEIGlq~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-qQc0gidE2uF.7QM44W9oEC9GksyEIGlq%7EA&ts=1704995308&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-qQc0gidE2uF.7QM44W9oEC9GksyEIGlq%7EA&ts=1704995308&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:27 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-qQc0gidE2uF.7QM44W9oEC9GksyEIGlq%7EA&ts=1704995308&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
current
33across-match.dotomi.com/match/bounce/ Frame EDB1 		0
0
match
events-ssc.33across.com/ Frame EDB1
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=1659511742632576896244
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1659511742632576896244&ts=1704995296&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1659511742632576896244&ts=1704995296&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1659511742632576896244&ts=1704995296&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
css
fonts.googleapis.com/ Frame B500 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.95 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 16:31:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jan 2024 17:48:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B500 		2 KB
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame B500 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame CF36 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2787
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:01:45 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B500 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B500 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B500 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:13 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame B500 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 21:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:56:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 09 Apr 2024 21:26:51 GMT
us
capi.connatix.com/core/ Frame 8EA9 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd44bc3139f5-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
si
googleads.g.doubleclick.net/pagead/drt/ Frame CF36
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:13 GMT
expires
Thu, 11 Jan 2024 17:48:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:12 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
hadronid
id.hadron.ad.gt/api/v1/ 		54 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf5435c55a81e3f050dc22ed008eb354bcecd1c042316e81a95a488a6c0ae43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
Content-Type; text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
content-length
55794
cf-ray
843efdb66bc0a208-YYZ
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
cookie_sync
s2s.t13.io/ 		2 KB
894 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
1935a6708f5c1899fdacd54dca1550f2a2477d1eac6a470bf1f710690cda2625

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:13 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
674
expires
0
auction
s2s.t13.io/openrtb2/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
cdb
bidder.criteo.com/ 		0
0
auction
tlx.3lift.com/header/ 		0
0
translator
hbopenbid.pubmatic.com/ 		23 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b4c1fe8cd89ab270efbc0050631a2ddaa761834d102cb53a04ff788b0f5c78a4

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 11 Jan 2024 17:48:12 GMT
content-encoding
gzip
x-openrtb-version
2.3
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
prebidjs
rtb.openx.net/openrtbb/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
prebid
prebid.media.net/rtb/ 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C4ED 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30085728&p=156592&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7079373474cfa2f6aa159181a4895296e0ca6c233aa3db6b954a6b0b2da18b5b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
us
capi.connatix.com/core/ Frame 8EA9 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd45eed239f5-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
iu3
s.amazon-adsystem.com/ Frame 2F6B 		0
0
truncated
/ Frame 0E62 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
402ed8b113fb611ba49968305f66e1fd5d6cef15c1149e3d677653b59d5bf9f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0E62 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:59:13 GMT
x-content-type-options
nosniff
age
118140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 08:59:13 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0E62 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:01:39 GMT
x-content-type-options
nosniff
age
117994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 09:01:39 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0E62 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:54:08 GMT
x-content-type-options
nosniff
age
118445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 08:54:08 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 0E62
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CGDeS3CmgZcb9AYXFrr4P9MCliA6X6aeUdduftvSREuiOyILcCBABIMeD_AEoCGD9oJmB6AOgAf6XiJ8DyAEGqAMByAMCqgTdAk_QJ1wuzj35s4Oq4afWp-9fs2OdeNo3yFjr5IGdasAodZh...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xef5127df4cccf8930000000000000000%22,%222%22:%220xda74707d048eae680000000000000000%22,%223%22:%220x77d15d...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xef5127df4cccf8930000000000000000%22,%222%22:%220xda74707d048eae680000000000000000%22,%223%22:%220x77d15d3889d3e2520000000000000000%22,%224%22:%220xf4337813ff32a6880000000000000000%22,%225%22:%220xb4aef92930f493910000000000000000%22},%22debug_key%22:%2217661735414640202332%22,%22debug_reporting%22:true,%22destination%22:%22https://cynet.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22870452222%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211184886640279445473%22}&andc=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xef5127df4cccf8930000000000000000","2":"0xda74707d048eae680000000000000000","3":"0x77d15d3889d3e2520000000000000000","4":"0xf4337813ff32a6880000000000000000","5":"0xb4aef92930f493910000000000000000"},"debug_key":"17661735414640202332","debug_reporting":true,"destination":"https://cynet.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["870452222"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"11184886640279445473"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xef5127df4cccf8930000000000000000","2":"0xda74707d048eae680000000000000000","3":"0x77d15d3889d3e2520000000000000000","4":"0xf4337813ff32a6880000000000000000","5":"0xb4aef92930f493910000000000000000"},"debug_key":"17661735414640202332","debug_reporting":true,"destination":"https://cynet.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["870452222"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"11184886640279445473"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 0E62
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CKDVd3CmgZcb9AYXFrr4P9MCliA7qzf6rZvSVm5KjD4r8_MrZDRACIMeD_AEoCGD9oJmB6AOgAYXO7cICyAEGqQJC8dk2Et1JPqgDAcgDAqoE3gJP0Fo7tZokw4owGfjI1qe2E71qnW3DMMF...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfc600f4b526b809f0000000000000000%22,%222%22:%220x92f610b573f295bd0000000000000000%22,%223%22:%220x788a36...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfc600f4b526b809f0000000000000000%22,%222%22:%220x92f610b573f295bd0000000000000000%22,%223%22:%220x788a3674ebe885c70000000000000000%22,%224%22:%220x23e796e5427a80cd0000000000000000%22,%225%22:%220x6afbda786b86964a0000000000000000%22},%22debug_key%22:%2210065837031781339065%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22677078789%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22666395034222913713%22}&andc=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xfc600f4b526b809f0000000000000000","2":"0x92f610b573f295bd0000000000000000","3":"0x788a3674ebe885c70000000000000000","4":"0x23e796e5427a80cd0000000000000000","5":"0x6afbda786b86964a0000000000000000"},"debug_key":"10065837031781339065","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["677078789"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"666395034222913713"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xfc600f4b526b809f0000000000000000","2":"0x92f610b573f295bd0000000000000000","3":"0x788a3674ebe885c70000000000000000","4":"0x23e796e5427a80cd0000000000000000","5":"0x6afbda786b86964a0000000000000000"},"debug_key":"10065837031781339065","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["677078789"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"666395034222913713"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 0E62
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CCAo13CmgZcb9AYXFrr4P9MCliA6Tl4nxdOqYqpmHEr_1xPGvDxADIMeD_AEoCGD9oJmB6AOgAciy8vACyAEGqAMByAMCqgThAk_QEzFgzj_5s4Oq4afWp-9fs2OdeNo3yFjr5IGdasAodZh...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x199c79956f957c190000000000000000%22,%222%22:%220x498eec80fb576d6c0000000000000000%22,%223%22:%220xd74a6d...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x199c79956f957c190000000000000000%22,%222%22:%220x498eec80fb576d6c0000000000000000%22,%223%22:%220xd74a6d5e6adcb6290000000000000000%22,%224%22:%220x6d99959ecb18b11c0000000000000000%22,%225%22:%220x32cb4f51484bf7ac0000000000000000%22},%22debug_key%22:%223184347219651403443%22,%22debug_reporting%22:true,%22destination%22:%22https://getconsumerchoice.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22773626184%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222332558389369514433%22}&andc=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x199c79956f957c190000000000000000","2":"0x498eec80fb576d6c0000000000000000","3":"0xd74a6d5e6adcb6290000000000000000","4":"0x6d99959ecb18b11c0000000000000000","5":"0x32cb4f51484bf7ac0000000000000000"},"debug_key":"3184347219651403443","debug_reporting":true,"destination":"https://getconsumerchoice.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["773626184"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"2332558389369514433"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x199c79956f957c190000000000000000","2":"0x498eec80fb576d6c0000000000000000","3":"0xd74a6d5e6adcb6290000000000000000","4":"0x6d99959ecb18b11c0000000000000000","5":"0x32cb4f51484bf7ac0000000000000000"},"debug_key":"3184347219651403443","debug_reporting":true,"destination":"https://getconsumerchoice.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["773626184"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"2332558389369514433"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 0E62
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CImMa3CmgZcb9AYXFrr4P9MCliA7-9dKldYiI6ea8EtzZHhAEIMeD_AEoCGD9oJmB6AOgAcbw6M8DyAEGqAMByAMCqgTcAk_QbBl9zjn5s4Oq4afWp-9fs2OdeNo3yFjr5IGdasAodZhMN4I...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x29a18871b9250cd10000000000000000%22,%222%22:%220xdbc78b193fd79f460000000000000000%22,%223%22:%220x334084...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x29a18871b9250cd10000000000000000%22,%222%22:%220xdbc78b193fd79f460000000000000000%22,%223%22:%220x334084eba39b0cc10000000000000000%22,%224%22:%220x78d2d0001d2a2b6c0000000000000000%22,%225%22:%220x2218202b76ef9e180000000000000000%22},%22debug_key%22:%2217119923229865807664%22,%22debug_reporting%22:true,%22destination%22:%22https://bluescape.ai%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972699718%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226182099742007446193%22}&andc=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x29a18871b9250cd10000000000000000","2":"0xdbc78b193fd79f460000000000000000","3":"0x334084eba39b0cc10000000000000000","4":"0x78d2d0001d2a2b6c0000000000000000","5":"0x2218202b76ef9e180000000000000000"},"debug_key":"17119923229865807664","debug_reporting":true,"destination":"https://bluescape.ai","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972699718"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"6182099742007446193"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x29a18871b9250cd10000000000000000","2":"0xdbc78b193fd79f460000000000000000","3":"0x334084eba39b0cc10000000000000000","4":"0x78d2d0001d2a2b6c0000000000000000","5":"0x2218202b76ef9e180000000000000000"},"debug_key":"17119923229865807664","debug_reporting":true,"destination":"https://bluescape.ai","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972699718"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"6182099742007446193"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 0E62
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Ck3G53CmgZcb9AYXFrr4P9MCliA7OieX6c5zT0d6GEY-9nt6SDhAFIMeD_AEoCGD9oJmB6AOgAbz7hO8DyAEGqQJojtwVwh-pPqgDAcgDAqoE3AJP0BIEYs44-bODquGn1qfvX7NjnXjaN8h...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x735eabb172b263ba0000000000000000%22,%222%22:%220xa87da0a7a86e1dca0000000000000000%22,%223%22:%220xd854f2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x735eabb172b263ba0000000000000000%22,%222%22:%220xa87da0a7a86e1dca0000000000000000%22,%223%22:%220xd854f2446940a1f40000000000000000%22,%224%22:%220x9c4a70c0bb1966d00000000000000000%22,%225%22:%220x6e705b85e61fc9a20000000000000000%22},%22debug_key%22:%2215805324081394677614%22,%22debug_reporting%22:true,%22destination%22:%22https://taxpayer.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221038171580%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226268665263466326673%22}&andc=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x735eabb172b263ba0000000000000000","2":"0xa87da0a7a86e1dca0000000000000000","3":"0xd854f2446940a1f40000000000000000","4":"0x9c4a70c0bb1966d00000000000000000","5":"0x6e705b85e61fc9a20000000000000000"},"debug_key":"15805324081394677614","debug_reporting":true,"destination":"https://taxpayer.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1038171580"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"6268665263466326673"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x735eabb172b263ba0000000000000000","2":"0xa87da0a7a86e1dca0000000000000000","3":"0xd854f2446940a1f40000000000000000","4":"0x9c4a70c0bb1966d00000000000000000","5":"0x6e705b85e61fc9a20000000000000000"},"debug_key":"15805324081394677614","debug_reporting":true,"destination":"https://taxpayer.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1038171580"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"6268665263466326673"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 0E62
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CQ3el3CmgZcb9AYXFrr4P9MCliA7D5o7HdOz07a6UEdzZHhAGIMeD_AEoCGD9oJmB6AOgAbPoi8QoyAEGqAMByAMCqgTgAk_QZAtzzjr5s4Oq4afWp-9fs2OdeNo3yFjr5IGdasAodZhMN4I...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf9a3d9124babf2bd0000000000000000%22,%222%22:%220x4850fe81694f1e7e0000000000000000%22,%223%22:%220x76cf6a...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf9a3d9124babf2bd0000000000000000%22,%222%22:%220x4850fe81694f1e7e0000000000000000%22,%223%22:%220x76cf6ab84dafec6d0000000000000000%22,%224%22:%220xad1115f6d5f83960000000000000000%22,%225%22:%220xc8fe94376fd2872d0000000000000000%22},%22debug_key%22:%2216194911444297934710%22,%22debug_reporting%22:true,%22destination%22:%22https://schrodinger.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210880218163%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212286350631410063617%22}&andc=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xf9a3d9124babf2bd0000000000000000","2":"0x4850fe81694f1e7e0000000000000000","3":"0x76cf6ab84dafec6d0000000000000000","4":"0xad1115f6d5f83960000000000000000","5":"0xc8fe94376fd2872d0000000000000000"},"debug_key":"16194911444297934710","debug_reporting":true,"destination":"https://schrodinger.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10880218163"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"12286350631410063617"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf9a3d9124babf2bd0000000000000000","2":"0x4850fe81694f1e7e0000000000000000","3":"0x76cf6ab84dafec6d0000000000000000","4":"0xad1115f6d5f83960000000000000000","5":"0xc8fe94376fd2872d0000000000000000"},"debug_key":"16194911444297934710","debug_reporting":true,"destination":"https://schrodinger.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10880218163"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"12286350631410063617"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 0E62
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C8MIh3CmgZcb9AYXFrr4P9MCliA7x19mQdYGNk9bwDdzZHhAHIMeD_AEoCGD9oJmB6AOgAf3w0sgDyAEGqAMByAMCqgTcAk_QKAxizjv5s4Oq4afWp-9fs2OdeNo3yFjr5IGdasAodZhMN4I...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xacf57c0f9f5c4720000000000000000%22,%222%22:%220x4f2ec3201ebb0cd60000000000000000%22,%223%22:%220x34795ee...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xacf57c0f9f5c4720000000000000000%22,%222%22:%220x4f2ec3201ebb0cd60000000000000000%22,%223%22:%220x34795eeffd756d220000000000000000%22,%224%22:%220x6365eed8330a23b30000000000000000%22,%225%22:%220x72503f9dc3cfeea80000000000000000%22},%22debug_key%22:%221003504921086942426%22,%22debug_reporting%22:true,%22destination%22:%22https://tek.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22957659261%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221988174952176124257%22}&andc=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xacf57c0f9f5c4720000000000000000","2":"0x4f2ec3201ebb0cd60000000000000000","3":"0x34795eeffd756d220000000000000000","4":"0x6365eed8330a23b30000000000000000","5":"0x72503f9dc3cfeea80000000000000000"},"debug_key":"1003504921086942426","debug_reporting":true,"destination":"https://tek.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["957659261"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"1988174952176124257"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xacf57c0f9f5c4720000000000000000","2":"0x4f2ec3201ebb0cd60000000000000000","3":"0x34795eeffd756d220000000000000000","4":"0x6365eed8330a23b30000000000000000","5":"0x72503f9dc3cfeea80000000000000000"},"debug_key":"1003504921086942426","debug_reporting":true,"destination":"https://tek.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["957659261"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"1988174952176124257"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 0E62
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C1_yh3CmgZcb9AYXFrr4P9MCliA7ln-KWddualKymEtzZHhAIIMeD_AEoCGD9oJmB6AOgAZ3HlfopyAEGqAMByAMCqgTuAk_QYTVzzjT5s4Oq4afWp-9fs2OdeNo3yFjr5IGdasAodZhMN4I...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd01a8505653d4d250000000000000000%22,%222%22:%220x376ee0a0ed075de90000000000000000%22,%223%22:%220x2cdef9...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd01a8505653d4d250000000000000000%22,%222%22:%220x376ee0a0ed075de90000000000000000%22,%223%22:%220x2cdef98e31473ab00000000000000000%22,%224%22:%220x551730ff4953a37b0000000000000000%22,%225%22:%220x1d5d5e4450c93bef0000000000000000%22},%22debug_key%22:%2211332973063677519081%22,%22debug_reporting%22:true,%22destination%22:%22https://starshunt.ai%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211262059421%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228273358258363429041%22}&andc=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xd01a8505653d4d250000000000000000","2":"0x376ee0a0ed075de90000000000000000","3":"0x2cdef98e31473ab00000000000000000","4":"0x551730ff4953a37b0000000000000000","5":"0x1d5d5e4450c93bef0000000000000000"},"debug_key":"11332973063677519081","debug_reporting":true,"destination":"https://starshunt.ai","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11262059421"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"8273358258363429041"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 17:48:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd01a8505653d4d250000000000000000","2":"0x376ee0a0ed075de90000000000000000","3":"0x2cdef98e31473ab00000000000000000","4":"0x551730ff4953a37b0000000000000000","5":"0x1d5d5e4450c93bef0000000000000000"},"debug_key":"11332973063677519081","debug_reporting":true,"destination":"https://starshunt.ai","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11262059421"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"8273358258363429041"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame E361 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:50:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
165485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 19:50:08 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=515868369306182&correlator=4332117015235662&eid=31079925%2C31080290%2C31080328%2C95320512%2C31080117&output=ldjh&gdfp_req=1&vrg=202401080101&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd1f2070a49ad6848%3AT%3D1704995292%3ART%3D1704995292%3AS%3DALNI_MaFtMqY9OWy2WmADKZwuY4ne5b2oA&gpic=UID%3D00000db65bbc46a7%3AT%3D1704995292%3ART%3D1704995292%3AS%3DALNI_MaUJUPsLNYyi8sk9qxODpF-8vPJfA&abxe=1&dt=1704995293385&lmt=1704990948&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&vis=1&psz=338x-1&msz=300x-1&fws=512&ohw=0&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7oiOzc8xSABSAghkEhkKCnB1YmNpZC5vcmcY7oiOzc8xSABSAghkEhcKCHJ0YmhvdXNlGO6Ijs3PMUgAUgIIZBIUCgVvcGVueBjuiI7NzzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO6Ijs3PMUgAUgIIZA..&dlt=1704995291291&idt=952&prev_scp=fsrebid%3D0%26fs_uuid%3D14ab97ff-d3de-494b-bc69-402656440d80%26floors_id%3De2b310%26floors_hour%3D17%26fs_placementName%3Dbleepingcomputer_970x90_728x90_320x50_sticky%26fs_ad_product%3DstickyFooter%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout&cust_params=fsitf%3DYYYYYYYYYY-Y----------------------------%26fs_session_id%3D651698ff-6360-4841-84c4-71a1d46471f3%26fs_pageview_id%3D694e1c785cfe718668203a81fde9ba15%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D220332232231232202112%26fs_testgroup%3Doptimised&adks=1085809260&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
6954a987089c18b6080b8c0cba35621994ef7c4fb975e89519e953272077a5b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22693
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6AAE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:14 GMT
expires
Fri, 10 Jan 2025 17:48:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:14 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
/
ce.lijit.com/beacon/prebid-server/ Frame 5A57
Redirect Chain
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%...
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%...
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
ded5deda2d5981c7202928c4d71e569bf8f9dbcc9b8770b86f4723d54bc2c7ec

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
729
Content-Type
text/html
Date
Thu, 11 Jan 2024 17:48:15 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Thu, 11 Jan 2024 17:48:15 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3dca1
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xef5127df4cccf8930000000000000000%22,%222%22:%220xda74707d048eae680000000000000000%22,%223%22:%220x77d15d3889d3e2520000000000000000%22,%224%22:%220xf4337813ff32a6880000000000000000%22,%225%22:%220xb4aef92930f493910000000000000000%22},%22debug_key%22:%2217661735414640202332%22,%22debug_reporting%22:true,%22destination%22:%22https://cynet.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22870452222%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211184886640279445473%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfc600f4b526b809f0000000000000000%22,%222%22:%220x92f610b573f295bd0000000000000000%22,%223%22:%220x788a3674ebe885c70000000000000000%22,%224%22:%220x23e796e5427a80cd0000000000000000%22,%225%22:%220x6afbda786b86964a0000000000000000%22},%22debug_key%22:%2210065837031781339065%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22677078789%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22666395034222913713%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x199c79956f957c190000000000000000%22,%222%22:%220x498eec80fb576d6c0000000000000000%22,%223%22:%220xd74a6d5e6adcb6290000000000000000%22,%224%22:%220x6d99959ecb18b11c0000000000000000%22,%225%22:%220x32cb4f51484bf7ac0000000000000000%22},%22debug_key%22:%223184347219651403443%22,%22debug_reporting%22:true,%22destination%22:%22https://getconsumerchoice.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22773626184%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222332558389369514433%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf9a3d9124babf2bd0000000000000000%22,%222%22:%220x4850fe81694f1e7e0000000000000000%22,%223%22:%220x76cf6ab84dafec6d0000000000000000%22,%224%22:%220xad1115f6d5f83960000000000000000%22,%225%22:%220xc8fe94376fd2872d0000000000000000%22},%22debug_key%22:%2216194911444297934710%22,%22debug_reporting%22:true,%22destination%22:%22https://schrodinger.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210880218163%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212286350631410063617%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x735eabb172b263ba0000000000000000%22,%222%22:%220xa87da0a7a86e1dca0000000000000000%22,%223%22:%220xd854f2446940a1f40000000000000000%22,%224%22:%220x9c4a70c0bb1966d00000000000000000%22,%225%22:%220x6e705b85e61fc9a20000000000000000%22},%22debug_key%22:%2215805324081394677614%22,%22debug_reporting%22:true,%22destination%22:%22https://taxpayer.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221038171580%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226268665263466326673%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x29a18871b9250cd10000000000000000%22,%222%22:%220xdbc78b193fd79f460000000000000000%22,%223%22:%220x334084eba39b0cc10000000000000000%22,%224%22:%220x78d2d0001d2a2b6c0000000000000000%22,%225%22:%220x2218202b76ef9e180000000000000000%22},%22debug_key%22:%2217119923229865807664%22,%22debug_reporting%22:true,%22destination%22:%22https://bluescape.ai%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972699718%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226182099742007446193%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd01a8505653d4d250000000000000000%22,%222%22:%220x376ee0a0ed075de90000000000000000%22,%223%22:%220x2cdef98e31473ab00000000000000000%22,%224%22:%220x551730ff4953a37b0000000000000000%22,%225%22:%220x1d5d5e4450c93bef0000000000000000%22},%22debug_key%22:%2211332973063677519081%22,%22debug_reporting%22:true,%22destination%22:%22https://starshunt.ai%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211262059421%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228273358258363429041%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xacf57c0f9f5c4720000000000000000%22,%222%22:%220x4f2ec3201ebb0cd60000000000000000%22,%223%22:%220x34795eeffd756d220000000000000000%22,%224%22:%220x6365eed8330a23b30000000000000000%22,%225%22:%220x72503f9dc3cfeea80000000000000000%22},%22debug_key%22:%221003504921086942426%22,%22debug_reporting%22:true,%22destination%22:%22https://tek.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22957659261%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221988174952176124257%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cs
cs-server-s2s.yellowblue.io/ Frame B60A
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=b0cab3d8-2d2d-4827-ae69-ab2d0987cb55&gdpr_consent=null&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=b0cab3d8-2d2d-4827-ae69-ab2d0987cb55&gdpr_consent=null&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11571&id=b0cab3d8-2d2d-4827-ae69-ab2d0987cb55&gdpr_consent=null&gdpr=0
date
Thu, 11 Jan 2024 17:48:13 GMT
server
_
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame B60A
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=02a617af-ef2a-4fe4-8acf-c6dc244beedb
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=02a617af-ef2a-4fe4-8acf-c6dc244beedb
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:13 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-127
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=02a617af-ef2a-4fe4-8acf-c6dc244beedb
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame B60A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=72ba6168-a3b7-49a2-a186-a5eb680c72fe
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=72ba6168-a3b7-49a2-a186-a5eb680c72fe
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:20 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Thu, 11 Jan 2024 17:48:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=72ba6168-a3b7-49a2-a186-a5eb680c72fe
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame B60A
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=243ab276-5ae4-4fe2-ab14-44d4a1348492
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=243ab276-5ae4-4fe2-ab14-44d4a1348492
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=243ab276-5ae4-4fe2-ab14-44d4a1348492
Date
Thu, 11 Jan 2024 17:48:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs-server-s2s.yellowblue.io/ Frame B60A
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212416160174736
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212416160174736
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:13 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212416160174736
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame B60A 		0
0
pixel
capi.connatix.com/us/ Frame B60A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings&zcc=1&cb=1704995294202
  • https://ad.turn.com/r/cs?pid=45&rndcb=1698328354
  • https://sync.1rx.io/usersync/turn/7015515884507246864?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005%26pI...
  • https://capi.connatix.com/us/pixel?puid=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005&pId=44
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005&pId=44
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843efd4fdb767118-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://capi.connatix.com/us/pixel?puid=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005&pId=44
date
Thu, 11 Jan 2024 17:48:14 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXccca562f4c954b60af7b70eceecab7c0005
content-type
text/html
cs
cs.yellowblue.io/ Frame B60A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=8afe63777b95c6c18ea6533a12e5437&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=8afe63777b95c6c18ea6533a12e5437&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Server
18.235.26.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-26-124.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:30 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=8afe63777b95c6c18ea6533a12e5437&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1704995310621005-117
cs
cs.yellowblue.io/ Frame B60A
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=a84a6b5e-9b64-41f7-b5c4-81c622fcbf85&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=a84a6b5e-9b64-41f7-b5c4-81c622fcbf85&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Server
18.235.26.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-26-124.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:19 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=a84a6b5e-9b64-41f7-b5c4-81c622fcbf85&gdpr=0
date
Thu, 11 Jan 2024 17:48:18 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame B60A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcs-server-s2s.yellowblue.io%252Fcs%253Faid%253D11596%2526id%253D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=5817253177479791002&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=5817253177479791002&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:20 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
an-x-request-uuid
ed2eed9c-529d-4233-9f1c-4ede1b6d1abc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=5817253177479791002&gdpr=0&gdpr_consent=
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame B60A 		57 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.120.23 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-120-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 11 Jan 2024 17:48:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Thu, 11 Jan 2024 17:48:14 GMT
us
capi.connatix.com/core/ Frame B60A
Redirect Chain
  • https://cks.connatix.com/cks?pid=24&ev=46a0c9ae7afa44739d3ed7a9bacd8f25&pname=IronSource&api-tier=2&uid=CrPh8Cg-Cp_s&direct=1
  • https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=CrPh8Cg-Cp_s&UserId=&tier=2
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=CrPh8Cg-Cp_s&UserId=&tier=2
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd48ac907118-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 11 Jan 2024 17:48:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
location
https://capi.connatix.com/core/us?DemandPartner=24&DemandPartnerUserId=CrPh8Cg-Cp_s&UserId=&tier=2
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843efd487fd638e4-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
/
onetag-sys.com/usync/ Frame 62A1 		0
0
usync.html
eus.rubiconproject.com/ Frame DEFD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.176 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-176.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 Jan 2024 17:48:16 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 11 Jan 2024 17:48:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=2a8c0cfd-7d7c-4b2f-b220-c153645e95ee&cid=8CUJ8GUQF&crid=315461417&adunit_count=1&dn=www.bleepingcomputer.com&requrl=https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/&istop=true&event=client_timeout&value=1&rd=518
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.230.196 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-230-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:32 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 11 Jan 2024 17:48:32 GMT
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 12 Jan 2024 17:48:35 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
auction
s2s.t13.io/openrtb2/ 		159 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
3f9a07d6fb5cd9c016e0b8cb2a748db84df32cd365060a1e3c75e2c5d9dbfbb1

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:13 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/2.3.0
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52151
expires
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
bid-request
a.teads.tv/hb/ 		0
0
prebid
prebid.media.net/rtb/ 		98 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
0c6f71f769be84f8861a11d0a9d1650906aa45cb31a0ca6ca97f8ae0812cb774

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:13 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Jan 2024 17:48:13 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
cdb
bidder.criteo.com/ 		0
0
auction
tlx.3lift.com/header/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
translator
hbopenbid.pubmatic.com/ 		21 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c701c6751a1e78dc066557c01c7bf74bab9dd1f84f0ac3fdf8e3db5f43e26684

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 11 Jan 2024 17:48:13 GMT
content-encoding
gzip
x-openrtb-version
2.3
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
container.html
0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C44 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:14 GMT
expires
Fri, 10 Jan 2025 17:48:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bootstrap.js
cdn.browsiprod.com/bootstrap/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.166.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-166-107.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3f48c9d80f4f4a6360437b1d44e91684428a008caf42d71cf23c8f2bcc8987d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:39:01 GMT
x-amz-version-id
w6Ha68pJacUnuHVEsK5t0V6hDTkI3luf
content-encoding
br
last-modified
Mon, 11 Dec 2023 09:04:28 GMT
server
AmazonS3
via
1.1 a6d85ea59bcdf706b41bccb78ec2f8f2.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-P7
etag
W/"a5c7623fd48021f30f35d232712086d5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=3600
age
569
x-amz-cf-id
h_gw0oD_xEOW8oNnrHSojZ_kj0FSwsFNvFj_8craS_6C_IFkyOxskw==
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:14 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
ads
securepubads.g.doubleclick.net/gampad/ 		130 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=515868369306182&correlator=4332117015235662&eid=31079925%2C31080290%2C31080328%2C95320512%2C31080117&output=ldjh&gdfp_req=1&vrg=202401080101&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_300x250_300x600_160x600_Right_3%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x250%7C970x90%7C728x90%2C320x50%7C554x312%7C728x90%2C300x600%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C320x50%7C970x250%7C970x90%7C554x312%7C728x90&fluid=0%2Cheight%2C0%2C0%2C0%2Cheight&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd1f2070a49ad6848%3AT%3D1704995292%3ART%3D1704995292%3AS%3DALNI_MaFtMqY9OWy2WmADKZwuY4ne5b2oA&gpic=UID%3D00000db65bbc46a7%3AT%3D1704995292%3ART%3D1704995292%3AS%3DALNI_MaUJUPsLNYyi8sk9qxODpF-8vPJfA&abxe=1&dt=1704995294094&lmt=1704990948&adxs=315%2C355%2C1082%2C1082%2C1082%2C315&adys=271%2C3842%2C782%2C1943%2C2438%2C5345&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C2%7C3%7C4&ucis=2%7C3%7C4%7C5%7C6%7C7&oid=2&tos=~~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&vis=1&psz=1170x280%7C834x90%7C306x600%7C306x600%7C306x600%7C1200x250&msz=1170x250%7C834x90%7C306x600%7C306x600%7C306x600%7C1170x250&fws=4%2C4%2C4%2C4%2C516%2C4&ohw=1170%2C834%2C306%2C306%2C306%2C1170&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7oiOzc8xSABSAghkEhkKCnB1YmNpZC5vcmcY7oiOzc8xSABSAghkEhcKCHJ0YmhvdXNlGO6Ijs3PMUgAUgIIZBIUCgVvcGVueBjuiI7NzzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO6Ijs3PMUgAUgIIZA..&dlt=1704995291291&idt=952&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Ddf800a4c-ec24-4d4f-a5f0-051dfa005bc3%26floors_id%3Dc300b1%26floors_hour%3D17%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_ATF%26fs_ad_product%3Dbanner%26amznbid%3D1gu9kw0%26amznp%3D19z1mo0%26fsbid%3D0%26amzniid%3DJKD7uMbkpwGwufPVh0mo_p0AAAGM-aOIaQEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBpPyKC%26amznsz%3D970x250%26amznactt%3DOPEN%26fspbg%3Dfreestar%26hb_auction_id%3D668067f5-1115-4f4b-8967-dc0abcb9208c%26freestar_path%3D%252Fnews%252Fsecurity%252Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dix_970x250%26hb_format%3Dbanner%26hb_adid%3D243afdd0bf213655%26hb_bidder%3Dix%26hb_size%3D970x250%26hb_pb%3D0.16%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dfbedfd1f-efa0-422c-aba3-953d3b3fbfa2%26floors_id%3D412e67%26floors_hour%3D17%26fs_placementName%3Dbleepingcomputer_728x90_320x50_InContent_1%26fs_ad_product%3Dbanner%26amznbid%3D1yljlds%26amznp%3D19z1mo0%26fsbid%3D0%26amzniid%3DJKLRezo14ks3LeosL9WulmIAAAGM-aOIaQEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICDjvtRx%26amznsz%3D728x90%26amznactt%3DOPEN%26fspbg%3Dfreestar%26hb_auction_id%3D668067f5-1115-4f4b-8967-dc0abcb9208c%26freestar_path%3D%252Fnews%252Fsecurity%252Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dix_728x90%26hb_format%3Dbanner%26hb_adid%3D242fdc774e734b13%26hb_bidder%3Dix%26hb_size%3D728x90%26hb_pb%3D0.13%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D49d51a6d-af76-40bd-a63d-f4670d2b3e5c%26floors_id%3Db30265%26floors_hour%3D17%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_1%26fs_ad_product%3Dbanner%26amznbid%3D1yljlds%26amznp%3D19z1mo0%26fsbid%3D0%26amzniid%3DJM3siiCS0WaMqv0Fy1UydtQAAAGM-aOIagEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBV7_eD%26amznsz%3D300x600%26amznactt%3DOPEN%26fspbg%3Dfreestar%26hb_auction_id%3D668067f5-1115-4f4b-8967-dc0abcb9208c%26freestar_path%3D%252Fnews%252Fsecurity%252Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dsovrn_300x600%26hb_format%3Dbanner%26hb_adid%3D247a7829f3f95006%26hb_bidder%3Dsovrn%26hb_size%3D300x600%26hb_pb%3D0.74%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D877c47cd-0044-4791-9aef-91d175233506%26floors_id%3Db30265%26floors_hour%3D17%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_2%26fs_ad_product%3Dbanner%26amznbid%3D1yljlds%26amznp%3D19z1mo0%26fsbid%3D0%26amzniid%3DJDJOAACJXkaGXz7v4OVcl4wAAAGM-aOIawEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBN0iG7%26amznsz%3D300x600%26amznactt%3DOPEN%26fspbg%3Dfreestar%26hb_auction_id%3D668067f5-1115-4f4b-8967-dc0abcb9208c%26freestar_path%3D%252Fnews%252Fsecurity%252Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dix_300x600%26hb_format%3Dbanner%26hb_adid%3D24507ed70743e69b%26hb_bidder%3Dix%26hb_size%3D300x600%26hb_pb%3D0.36%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D4613b1f6-6a53-42ed-afb4-5898ca4833aa%26floors_id%3D21eb07%26floors_hour%3D17%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_3%26fs_ad_product%3Dbanner%26amznbid%3D1yljlds%26amznp%3D19z1mo0%26fsbid%3D0%26amzniid%3DJPp0y6vT9C37csZ-DAnBemkAAAGM-aOIbQEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBhBRff%26amznsz%3D300x600%26amznactt%3DOPEN%26fspbg%3Dfreestar%26hb_auction_id%3D668067f5-1115-4f4b-8967-dc0abcb9208c%26freestar_path%3D%252Fnews%252Fsecurity%252Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dpubmatic_300x600%26hb_format%3Dbanner%26hb_adid%3D240254e8d905cd2d%26hb_bidder%3Dpubmatic%26hb_size%3D300x600%26hb_pb%3D1.59%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D2f131dd4-3c19-4406-9695-d8924b38406a%26floors_id%3D02bc62%26floors_hour%3D17%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_BTF%26fs_ad_product%3Dbanner%26amznbid%3Dhbpjwg%26amznp%3D19z1mo0%26fsbid%3D0%26amzniid%3DJAkWBEAjutssZpxxtwoVpZcAAAGM-aOIbgEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICA23TFL%26amznsz%3D970x250%26amznactt%3DOPEN%26fspbg%3Dfreestar%26hb_auction_id%3D668067f5-1115-4f4b-8967-dc0abcb9208c%26freestar_path%3D%252Fnews%252Fsecurity%252Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dix_970x250%26hb_format%3Dbanner%26hb_adid%3D244922f51806a0f6%26hb_bidder%3Dix%26hb_size%3D970x250%26hb_pb%3D0.16&cust_params=fsitf%3DYYYYYYYYYY-Y----------------------------%26fs_session_id%3D651698ff-6360-4841-84c4-71a1d46471f3%26fs_pageview_id%3D694e1c785cfe718668203a81fde9ba15%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D220332232231232202112%26fs_testgroup%3Doptimised&adks=3680082436%2C1460056452%2C1431339665%2C3504722123%2C810916176%2C3772282542&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
5fbf07176fcd04063ca0806230fb9b68a7982e117f4e78f258db7c1cc2dc3cbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27809
x-xss-protection
0
google-lineitem-id
-2,-1,5335281347,5334095643,5334116316,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,138307162379,138307164255,138307546609,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:14 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
setuid
s2s.t13.io/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D
  • https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=243ab276-5ae4-4fe2-ab14-44d4a1348492
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=243ab276-5ae4-4fe2-ab14-44d4a1348492
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:38 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Location
https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=243ab276-5ae4-4fe2-ab14-44d4a1348492
Date
Thu, 11 Jan 2024 17:48:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors?d=bleepingcomputer.com&t=desktop&k=1&r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
cache-status
uncacheable
content-length
0
date
Thu, 11 Jan 2024 17:48:30 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
floors
api.floors.dev/sgw/v1/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors?d=bleepingcomputer.com&t=desktop&k=1&r=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
f76f20e03ab2b3d908bb3b083af35f3f4701a6b88d86652e58e5bb12e976a2bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Thu, 11 Jan 2024 16:52:32 GMT
age
3358
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5028
pragma
no-cache
cache-status
stale
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
container.html
0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 092B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:14 GMT
expires
Fri, 10 Jan 2025 17:48:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9B18 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDSkNSWLhTlQ4vkMmv-EjYXXpq8bBkAdjWPaQnQQX7esswT0wy16NwcR-5svl7SY42213pui1JRYZXAZEPOsjiGD7QXUpxzm3uYHm2-1zuKrqzBnxo3zs8kYVLdKMaYC2_ZBonmo7W96Xh-X4Tfk6d6m7qFeAeT0Gf2j6qOWPR8jSu-hZv-GOijbh3jcsQZKEzuiXMkDDjEzNC4WIFcaGOLQqOPVxyzL4Z4_QiGGiCBJqvnO1W7d7MqbhEUxXcdlzIp8uUJ8D56QDHv20X9ZA6RBN7MZUC1IIQBsQgG5xq96519gk2DjXpihIe0ct-xFX-V2JZFXz793YFAP1o3Be4cgVOBRlgS6YKt3s8nuLVCPAKCHq-NKakf_GFE2oMTpUkS9-0wmWat6yRKhRmz-VzcMV67gJP78SHMAXkxEOdiVzPBFU&sai=AMfl-YS1tqvJsNry3vRjmk0ortZuekjwodvqeh8mDbBpakvcSKkS0plGtyEhuvHjl0sZDFmqMxqWgVQUM6F9WZ7fE_QD92jtVgWDM6Fk3dOHE1_hqxxZmUoOIqz-DJrE7OE&sig=Cg0ArKJSzKzf1hoJpEGpEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid-universal-creative.js
a.pub.network/core/ Frame 9B18 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-universal-creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d59600c71819efd9513ea48d57eb86572a2c6f2a71020c00b5cee27c46766cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
74043
x-guploader-uploadid
ABPtcPoBcTyLZt_ENJ4TMqvKHDD0VoZ-VSZr-VuTDM6t2zb4wQo0IRbdyA2HtSZPeekaORTEtVo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 24 Aug 2022 14:40:55 GMT
server
cloudflare
etag
W/"da99e137f36f9c7c7241641a2ed29609"
vary
Accept-Encoding
x-goog-generation
1661352054877845
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ttmkPQ==, md5=2pnhN/NvnHxyQWQaLtKWCQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
29146
cf-ray
843efd501bdd36d1-YYZ
expires
Fri, 12 Jan 2024 17:48:14 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9B18 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 776E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvATSG8GxDs4mOuWkmW027KhvwFaLUJe0_rujn0GSlyOrdWrHZhn8SgM3gjU2WfrPpWhaR6BICX18ePTKzTyrtqFfNuidQySmWNpCEq5nfPYV9BlOYznpAWGw-akrZ7hgEI-6tQ8XEtLfXvIEERHAq-HV2TIHgyGsxyWpCDKJ5uFEDsGhT7Etibjm5P7_rEocdUGrjOvyymGHEmYMZR6Wn-dAJXkPZQwzXA1Ff2ZIuFgWYnYyTMyUiPzv39Gwd8naI4ofK5qyJ-qzbfV-lY7YzZxe_xplaj6cXLegfsItj2YuJIFwOqFl4MAjHxmWGyP85DeO_687ugCaxL8JHJQTz4uZefr6s8OKJgBv7Kxm7Poccpqp3tv00KJOqpJ2CFqvE7VK-SNXzrVfdSFmGzoVXY7Qv0_dA7dEWc3zy0-xt0fa1xSu8&sai=AMfl-YRtcXaIJKUXFcxlmxyGKfsj9IZ16vFr7XgFa3Q9FX4bSAplG_hkDJIJ02HpphXg_FCZ-ObIb39UI5gkjYwmhWS6oOYU1dgaG06ZMjZ7NP_nc0rgm4LbIbRgyuU_XsM&sig=Cg0ArKJSzDVASXudUnHrEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid-universal-creative.js
a.pub.network/core/ Frame 776E 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-universal-creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d59600c71819efd9513ea48d57eb86572a2c6f2a71020c00b5cee27c46766cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
74043
x-guploader-uploadid
ABPtcPoBcTyLZt_ENJ4TMqvKHDD0VoZ-VSZr-VuTDM6t2zb4wQo0IRbdyA2HtSZPeekaORTEtVo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 24 Aug 2022 14:40:55 GMT
server
cloudflare
etag
W/"da99e137f36f9c7c7241641a2ed29609"
vary
Accept-Encoding
x-goog-generation
1661352054877845
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ttmkPQ==, md5=2pnhN/NvnHxyQWQaLtKWCQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
29146
cf-ray
843efd502bee36d1-YYZ
expires
Fri, 12 Jan 2024 17:48:14 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 776E 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:14 GMT
demand-source
d.pub.network/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:14 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
via
1.1 google
demand-source
d.pub.network/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:14 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame 8101 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOtaKRPt5wmwxsLJ1JEihByrHEvnFL1KlwV1UPA9i4yuNai_RwV53hBUrjFPVKd4H-E4JQW7Fvok7Ut7C3qJ-Y6b-tB_ZtF_ULWOapUhyTS34Gh-5zUrGXh6aVl4xThJDFCUbiGP2CRk_5ITZdGIkTXFJRu5cq2_Ph7BQbwCwPiifNjyZJbJD5nvYC6IoTcGjCqWTKazey3mqImVVuvMVe43VVmFVQIiZQKQOwOub25ZtIzBQZyapYAwmx67AK1RmZtXuBzAfw4SPFqHzgg2D92tsSCP0WUkMgWa0D5DCTxH3McGLZiBiQwowRslj8hpf5ivSvG3Nu2tsQQa6VZHEkNg7UBHyyQ3UV-6OE6PGU8pSDIiEW3LEHi0m7OUeQEQA1UjI1ugM7kJZVrdHt1nJ91n5d9WnKTW4oHWMttK0Q2VpLXwg&sai=AMfl-YQ5y27LaXU34wG1qYeYpTRaiYYYKbtF5Y5gN2K9Ke9aBK_M5Qx7iEAABcTpRamLfiuL6AonEnPEotJj0iT6Vhk-f3KWI7Ppbs1cDK7DZnrCjYykH9rfXDUcGb9pnco&sig=Cg0ArKJSzCwatI3fE84yEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid-universal-creative.js
a.pub.network/core/ Frame 8101 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-universal-creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d59600c71819efd9513ea48d57eb86572a2c6f2a71020c00b5cee27c46766cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
74043
x-guploader-uploadid
ABPtcPoBcTyLZt_ENJ4TMqvKHDD0VoZ-VSZr-VuTDM6t2zb4wQo0IRbdyA2HtSZPeekaORTEtVo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 24 Aug 2022 14:40:55 GMT
server
cloudflare
etag
W/"da99e137f36f9c7c7241641a2ed29609"
vary
Accept-Encoding
x-goog-generation
1661352054877845
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ttmkPQ==, md5=2pnhN/NvnHxyQWQaLtKWCQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
29146
cf-ray
843efd502bfe36d1-YYZ
expires
Fri, 12 Jan 2024 17:48:14 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8101 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:14 GMT
demand-source
d.pub.network/ 		61 B
227 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
37ca13adfc531c2a4b34ee2d45e2c65c128807ca624531dc89678b087542f37f

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
demand-source
d.pub.network/ 		95 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6338a84d607c6e3440f3e02e5e4b1e1c1001fb1fbe72976175e7d091021e67c6

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0DED 		684 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-6DhDAur8BGPyouIMCMAE&v=APEucNXUGCxVD73vwxjCpTnGdgKhwvW10wX6e-RC2LzCJzx-zGdQUepkcLwOsQNWC66adwTM-CsSvckh-gKdrXWK84YjSnz001j_IlTzvOaRJhCgQEnjwuY
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
68e12a98552e1d10d74c35c38a6324b2ffc6e1b552ca386894875ee9b60ea169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:14 GMT
expires
Thu, 11 Jan 2024 17:48:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9B18 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:14 GMT
sovrn
ox-rtb-us-east4.openx.net/win/ Frame 9B18 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-rtb-us-east4.openx.net/win/sovrn?p=0.94&t=2DAABBgABAAECAAIBAAsAAgAAAdccGApBTWdSZGpmV3JWHBaOiqL11IGex5oBFrPUrpLZ5uCKyAEAHBaKl5KIqJejyBIWkZe2wP-W_N3pAQAWuqeB2gwVBnkMACwcFQIAHBUCABwVAgAcFQIAABwm-syMggQVBDbOy4yCBBb28_6BBCUCFQKm2A4W2A4W2A4WFBYUFhQWFBaSHQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBae5aKABBbgxfyABBbW7qmABBUYHBSwCRTYBAAVBCaSHRaSHRawHRE1DiawHTQCACwsFpPFlYLuxbizzQEWs9yHguPzn7jVAQAWuqeB2gwGKLzZmIAEFp7looAEFtbuqYAEFuDF_IAEGAk1NDQwODUxMTYWvgwWsB0lBBa6DhgGMjM2ODMxFQKhERgCT1gIfgNydGIAHDUGGA1PWC1YUFQtd0NmcEM2FhRcLBaAsYqku-yDrSoW67K12efigOelAQAAFvLxzZUEFvDxzZUEAByWHhf8qfHSTWKAPwC8GwKIHk1MX0ZFRV9PUFRJTUlaRVJfSU5TVEFOQ0VfVFlQRQVvdGhlchhNTF9GRUVfT1BUSU1JWkVSX0FQUExJRUQEdHJ1ZQCsOAdibW8uY29tAAAA&ph=21f03281-5b83-4670-a0e0-dc15f7542014&pmd=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.113.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
183.113.95.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
via
1.1 google
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B18 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D560s12TWJenI4TKIkZTnRWyBS6eTZdM91VHJZrLeds66bWN1dBxcnJVHeaoRZ87KYPj3ZL9kg6uSF_FS2vpw2-5eDPjPBeEgq0kgLLue3_PxPDpU
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
creative.js
static.polarcdn.com/creative/ Frame 9B18 		356 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.polarcdn.com/creative/creative.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.119.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
651f66033d05c4c874bf7325fc0923e4c5cb0bfc33e4565b2a4c282c2230d4f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
gzip
via
1.1 varnish
cf-cache-status
HIT
age
3683
content-length
137258
last-modified
Tue, 09 Jan 2024 22:46:36 GMT
server
cloudflare
etag
W/"659dcccc-58f08"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
CF-IPCountry
cache-control
max-age=10800
access-control-allow-credentials
true
x-varnish
1217130443 1217060131
cf-ipcountry
CA
accept-ranges
bytes
cf-ray
843efd510d9c53dd-YYZ
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:26:55 GMT
moatad.js
z.moatads.com/openxdisplay970503469688/ Frame 9B18 		0
0
t.dhj
pxdrop.lijit.com/1/d/ Frame 9B18 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=bleepingcomputer.com&pn=%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&pubid=FreestarCapital&v0=239429
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.26 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-251-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5fba5efef8502b6094d42c832d50d1033983675699aa2406c6121654c7af5da9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1579
Expires
Thu, 11 Jan 2024 18:48:31 GMT
impression
vap3ord1.lijit.com/rtb/ Frame 9B18 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap3ord1.lijit.com/rtb/impression?i_data=R9a8tsEYhHQz4d6T1MgT-SLGXt9yOHVv3jhw5i5AL2Tm95tEAVHvgeoN0T3FTlVSe4Fq3AWzeSs4WLSYXfiQNRjzUgxFa6hoDm1SXf64e3hAuI63O9pUDX_CEq_xPaPc4zHxnC58XIal-nrm9mgONldd4i6ObKk96hpKCTUOoYx6DYy9YfEDjoQTDrS8XvHyUW49OIpgscKyq7bpZ6Sd1_M3zytGWvYohqhBmy7jA3HOW-ZEfP8CNncJbrsQHyE0jxueroHeKe9kLywPJ1iwvbfcr6CKbRWhbgmys8EFbrhnGZJwd1wc8q7s1CEFOm6tDKeCfG0Ka4QKZoCfP8jVWlcYTop_yqfn4nB-KCTaOpf-QA~~&bannerid=182681&campaignid=3377&endpoint=PREBID&prebid=prebid_server&rtb_tid=6a5763e0-7632-4d80-aab6-fb5739d64373&rpid=76&seatid=OpenX&zoneid=563240&tid=a_563240_208642f29b9e4f86ac1990628ab3af26
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.175.41.32 Park Ridge, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:30 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
event
s2s.t13.io/ 		86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/event?t=win&b=a_563240_208642f29b9e4f86ac1990628ab3af26/0948465d-4082-45c5-8b22-07a403f93a37&a=d0cd3243-716f-4f9c-b074-f72637de26f3&p=0.7426000201702118&w=300&h=600&d=bleepingcomputer.com&i=bleepingcomputer_300x250_300x600_160x600_Right_1&aid=8d1f7e32-1939-4cf9-a61c-9545bde0ceeb&ts=1704995293044&bidder=sovrn&f=i&int=amp&pg=%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
expires
0
pixel
protected-by.clarium.io/ Frame 9B18 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cWFLdHh1TDFLUl8yVGZtejBObVBhQXVkc0JjL3NvdnJuOjMwMHg2MDA=&v=5&s=v31hjsq73jf&id=eyJwcmViaWQiOnsiYWRJZCI6IjI0N2E3ODI5ZjNmOTUwMDYiLCJjcG0iOjAuNzQyNjAwMDIwMTcwMjExOCwicyI6ImJsZWVwaW5nY29tcHV0ZXJfMzAweDI1MF8zMDB4NjAwXzE2MHg2MDBfUmlnaHRfMSIsInNyYyI6InMycyJ9LCJ0cF9jcmlkIjoiUEI6c292cm47NTQ0MDg1MTE2IiwiYWRvbWFpbiI6ImJtby5jb20ifQ%3D%3D&cb=3094862&h=www.bleepingcomputer.com&d=eyJ3aCI6ImNXRkxkSGgxVERGTFVsOHlWR1p0ZWpCT2JWQmhRWFZrYzBKakwzTnZkbkp1T2pNd01IZzJNREE9Iiwid2QiOnsiayI6eyJoYl9iaWRkZXIiOlsic292cm4iXSwiaGJfc2l6ZSI6WyIzMDB4NjAwIl19fSwid3IiOjB9
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-254-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 11 Jan 2024 17:48:31 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9603 		490 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiUcRCM6XEY3JC4-AEwAQ&v=APEucNUrWlCcK8Xk1wgnLG5YaTLDufvjsolweFXjfRBR5xZcPHi0Anx3144P8bkLavG1JbtY0bWH8jA4MzAvIMB2Pb6nebY6Gw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
c6ccf06cb0a453582b11736475b935bf83d84a6d4c53036cd51b27178552002d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
170
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:14 GMT
expires
Thu, 11 Jan 2024 17:48:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 776E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:14 GMT
1e073c3e-25fc-41be-bde8-c1f54c2519db
a1008.casalemedia.com/impression/v2/393562/85/cmg2jn8bl7d9jv5v8r1g/ Frame 776E 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1008.casalemedia.com/impression/v2/393562/85/cmg2jn8bl7d9jv5v8r1g/1e073c3e-25fc-41be-bde8-c1f54c2519db?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1704995893&profileIDs=&creativeID=c86174&pubID=184310&format=banner&channel=site
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.204.232.140 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:31 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 776E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dmoxpk_Ro-F5S3gWShXhIn64z3vPjT6lpmpNBKsl8B6Qq-FvBIv7daYEuCzRFy2abKnsStTsx1dl4m25B43yQ1NFnogEiB7yDpbvLRGi9nbrz95qg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 776E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=11556288&cmp=30567958&plc=376571972&sid=2742014&dvregion=0&unit=300x600
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.74 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-74.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:15 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Dec 2023 15:12:34 GMT
Server
UploadServer
ETag
"a8006a511aee2e57196f5e8bee81dde8"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Fri, 12 Jan 2024 17:48:15 GMT
event
s2s.t13.io/ 		86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/event?t=win&b=1e073c3e-25fc-41be-bde8-c1f54c2519db&a=d0cd3243-716f-4f9c-b074-f72637de26f3&p=0.36&w=300&h=600&d=bleepingcomputer.com&i=bleepingcomputer_300x250_300x600_160x600_Right_2&aid=8d1f7e32-1939-4cf9-a61c-9545bde0ceeb&ts=1704995293044&bidder=ix&f=i&int=amp&pg=%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
expires
0
pixel
protected-by.clarium.io/ Frame 776E 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cWFLdHh1TDFLUl8yVGZtejBObVBhQXVkc0JjL2l4OjMwMHg2MDA=&v=5&s=v31hjsq73kg&id=eyJwcmViaWQiOnsiYWRJZCI6IjI0NTA3ZWQ3MDc0M2U2OWIiLCJjcG0iOjAuMzYsInMiOiJibGVlcGluZ2NvbXB1dGVyXzMwMHgyNTBfMzAweDYwMF8xNjB4NjAwX1JpZ2h0XzIiLCJzcmMiOiJzMnMifSwidHBfY3JpZCI6IlBCOml4OzEzMTMyMTQ4IiwiYWRvbWFpbiI6InRkY2FuYWRhdHJ1c3QuY29tIn0%3D&cb=7015593&h=www.bleepingcomputer.com&d=eyJ3aCI6ImNXRkxkSGgxVERGTFVsOHlWR1p0ZWpCT2JWQmhRWFZrYzBKakwybDRPak13TUhnMk1EQT0iLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJpeCJdLCJoYl9zaXplIjpbIjMwMHg2MDAiXX19LCJ3ciI6MH0=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-254-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 11 Jan 2024 17:48:31 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
report
reports.intentiq.com/ 		2 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reports.intentiq.com/report?pid=1434517136&mct=2&agid=1704995292301_298&jsver=5.4&vrref=www.bleepingcomputer.com&paucid=%5B%22668067f5-1115-4f4b-8967-dc0abcb9208c%22%2C%22668067f5-1115-4f4b-8967-dc0abcb9208c%22%5D&pa=-2&payload=[%22eyJpbmJibCI6ZmFsc2UsInBianN2ZXIiOiJ2OC4yNy4wIiwiYmlkZGVyQ29kZSI6InNvdnJuIiwiY3BtIjowLjc0MjYwMDAyMDE3MDIxMTgsImN1cnJlbmN5IjoiVVNEIiwib3JpZ2luYWxDcG0iOjAuNzQyNjAwMDIwMTcwMjExOCwib3JpZ2luYWxDdXJyZW5jeSI6IlVTRCIsInN0YXR1cyI6InJlbmRlcmVkIiwicHJlYmlkQXVjdGlvbklkIjoiNjY4MDY3ZjUtMTExNS00ZjRiLTg5NjctZGMwYWJjYjkyMDhjIiwicGxhY2VtZW50SWQiOiJibGVlcGluZ2NvbXB1dGVyXzMwMHgyNTBfMzAweDYwMF8xNjB4NjAwX1JpZ2h0XzEiLCJiaWRkaW5nUGxhdGZvcm1JZCI6MSwicGFydG5lckF1Y3Rpb25JZCI6IjY2ODA2N2Y1LTExMTUtNGY0Yi04OTY3LWRjMGFiY2I5MjA4YyIsImFiUGVyY2VudGFnZSI6OTUsImFiR3JvdXAiOiJBIiwiaXNJblRlc3RHcm91cCI6IkEiLCJlbmhhbmNlUmVxdWVzdHMiOnRydWUsImhhZEVpZHMiOmZhbHNlLCJ1c2VyUGVyY2VudGFnZSI6OTUsIkFCVGVzdGluZ0NvbmZpZ3VyYXRpb25Tb3VyY2UiOiJwZXJjZW50YWdlIiwianN2ZXJzaW9uIjo1LjQsImxhdGVDb25maWd1cmF0aW9uIjpmYWxzZSwiZWlkc05hbWVzIjpbXSwicnR0IjowLCJjbGllbnRUeXBlIjoiIiwiQWRzZXJ2ZXJEZXZpY2VUeXBlIjoiIiwidGVybWluYXRpb25DYXVzZSI6IiIsInByb2ZpbGUiOiIiLCJzaWQiOm51bGwsImFzdCI6MTcwNDk5NTI5MzA0NCwiZWlkdCI6bnVsbCwiYWlkIjoiMTcwNDk5NTI5MjMwMV8yOTgiLCJhZWlkbG4iOi0xLCJ3c3J2Y2xsIjp0cnVlLCJ2cnJlZiI6Ind3dy5ibGVlcGluZ2NvbXB1dGVyLmNvbSIsInBjaWQiOiI5N2YwMWVhZC00NjUzLTQ3ZjEtYjJhNC1kZTUzNjMwYjM1NDciLCJwYXJ0bmVySWQiOjE0MzQ1MTcxMzZ9%22,%22eyJpbmJibCI6ZmFsc2UsInBianN2ZXIiOiJ2OC4yNy4wIiwiYmlkZGVyQ29kZSI6Iml4IiwiY3BtIjowLjM2LCJjdXJyZW5jeSI6IlVTRCIsIm9yaWdpbmFsQ3BtIjowLjM2LCJvcmlnaW5hbEN1cnJlbmN5IjoiVVNEIiwic3RhdHVzIjoicmVuZGVyZWQiLCJwcmViaWRBdWN0aW9uSWQiOiI2NjgwNjdmNS0xMTE1LTRmNGItODk2Ny1kYzBhYmNiOTIwOGMiLCJwbGFjZW1lbnRJZCI6ImJsZWVwaW5nY29tcHV0ZXJfMzAweDI1MF8zMDB4NjAwXzE2MHg2MDBfUmlnaHRfMiIsImJpZGRpbmdQbGF0Zm9ybUlkIjoxLCJwYXJ0bmVyQXVjdGlvbklkIjoiNjY4MDY3ZjUtMTExNS00ZjRiLTg5NjctZGMwYWJjYjkyMDhjIiwiYWJQZXJjZW50YWdlIjo5NSwiYWJHcm91cCI6IkEiLCJpc0luVGVzdEdyb3VwIjoiQSIsImVuaGFuY2VSZXF1ZXN0cyI6dHJ1ZSwiaGFkRWlkcyI6ZmFsc2UsInVzZXJQZXJjZW50YWdlIjo5NSwiQUJUZXN0aW5nQ29uZmlndXJhdGlvblNvdXJjZSI6InBlcmNlbnRhZ2UiLCJqc3ZlcnNpb24iOjUuNCwibGF0ZUNvbmZpZ3VyYXRpb24iOmZhbHNlLCJlaWRzTmFtZXMiOltdLCJydHQiOjAsImNsaWVudFR5cGUiOiIiLCJBZHNlcnZlckRldmljZVR5cGUiOiIiLCJ0ZXJtaW5hdGlvbkNhdXNlIjoiIiwicHJvZmlsZSI6IiIsInNpZCI6bnVsbCwiYXN0IjoxNzA0OTk1MjkzMDQ0LCJlaWR0IjpudWxsLCJhaWQiOiIxNzA0OTk1MjkyMzAxXzI5OCIsImFlaWRsbiI6LTEsIndzcnZjbGwiOnRydWUsInZycmVmIjoid3d3LmJsZWVwaW5nY29tcHV0ZXIuY29tIiwicGNpZCI6Ijk3ZjAxZWFkLTQ2NTMtNDdmMS1iMmE0LWRlNTM2MzBiMzU0NyIsInBhcnRuZXJJZCI6MTQzNDUxNzEzNn0=%22]
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.95.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-95-105.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
x-powered-by
Express
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
2
pixel
googleads.g.doubleclick.net/xbbe/ Frame B6F1 		560 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-6DhDAur8BGNKfuIMCMAE&v=APEucNXKqT3GYq3IWKrt5RSo3PtSV4xtylcMtId4ZGJBt2nV-IN5jhnp3fYphJBDZfNzYG8C-G7d5v051K7hozcFGCLmd-E7wA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
b5ca18e2886474b70e2a549f345e739dd25b77d0c0203151582a1f7849047768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8101 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8101 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DB4hReV98gYh1yjSOrLA60x46Y9SC4YDqfXL90jz6JVdeUwhH16LjLIC63EbMAHlSHEjgy3LpTePBuN1xRkT17_D7MUthQ5vmoHvSBks_ZdgqntRw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
creative.js
static.polarcdn.com/creative/ Frame 8101 		356 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.polarcdn.com/creative/creative.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.119.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
651f66033d05c4c874bf7325fc0923e4c5cb0bfc33e4565b2a4c282c2230d4f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:14 GMT
content-encoding
gzip
via
1.1 varnish
cf-cache-status
HIT
age
3683
content-length
137258
last-modified
Tue, 09 Jan 2024 22:46:36 GMT
server
cloudflare
etag
W/"659dcccc-58f08"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
CF-IPCountry
cache-control
max-age=10800
access-control-allow-credentials
true
x-varnish
1217130443 1217060131
cf-ipcountry
CA
accept-ranges
bytes
cf-ray
843efd517e2653dd-YYZ
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:26:55 GMT
pixel
protected-by.clarium.io/ Frame 8101 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cWFLdHh1TDFLUl8yVGZtejBObVBhQXVkc0JjL3B1Ym1hdGljOjMwMHg2MDA=&v=5&s=v31hjsq73mu&id=eyJwcmViaWQiOnsiYWRJZCI6IjI0MDI1NGU4ZDkwNWNkMmQiLCJjcG0iOjEuNTksInMiOiJibGVlcGluZ2NvbXB1dGVyXzMwMHgyNTBfMzAweDYwMF8xNjB4NjAwX1JpZ2h0XzMiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOnB1Ym1hdGljOzU0NDA4MzkyMiIsImFkb21haW4iOiJibW8uY29tIn0%3D&cb=961693&h=www.bleepingcomputer.com&d=eyJ3aCI6ImNXRkxkSGgxVERGTFVsOHlWR1p0ZWpCT2JWQmhRWFZrYzBKakwzQjFZbTFoZEdsak9qTXdNSGcyTURBPSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbInB1Ym1hdGljIl0sImhiX3NpemUiOlsiMzAweDYwMCJdfX0sIndyIjowfQ==
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-254-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Thu, 11 Jan 2024 17:48:31 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.lkqd.net/ Frame 0DED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&gdpr=0
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEKtVkTMeSS0tMP5jL-eRgNE&gdpr=0&google_cver=1
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEKtVkTMeSS0tMP5jL-eRgNE&gdpr=0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-6DhDAur8BGPyouIMCMAE&v=APEucNXUGCxVD73vwxjCpTnGdgKhwvW10wX6e-RC2LzCJzx-zGdQUepkcLwOsQNWC66adwTM-CsSvckh-gKdrXWK84YjSnz001j_IlTzvOaRJhCgQEnjwuY
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEKtVkTMeSS0tMP5jL-eRgNE&gdpr=0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
307
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 0DED 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-6DhDAur8BGPyouIMCMAE&v=APEucNXUGCxVD73vwxjCpTnGdgKhwvW10wX6e-RC2LzCJzx-zGdQUepkcLwOsQNWC66adwTM-CsSvckh-gKdrXWK84YjSnz001j_IlTzvOaRJhCgQEnjwuY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 0DED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7cjQIfuX73qHb0DbYxz28&google_cver=1&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7cjQIfuX73qHb0DbYxz28&google_cver=1&gdpr=0&C=1
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7cjQIfuX73qHb0DbYxz28&google_cver=1&gdpr=0&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-6DhDAur8BGPyouIMCMAE&v=APEucNXUGCxVD73vwxjCpTnGdgKhwvW10wX6e-RC2LzCJzx-zGdQUepkcLwOsQNWC66adwTM-CsSvckh-gKdrXWK84YjSnz001j_IlTzvOaRJhCgQEnjwuY
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xobUgD%2FM%2BXQdJc7B4O%2FlUH%2Be19wfaeyXkTmqavTbsimNVI0FyLqXiI4IkfPVw1I2s41861rjOAOqnvocumQFT4%2BI3PnuIQyIcnrrQzmvcyyxIU2S86sNn8NAjxyf1%2FFAoYGbXrs7J2xgmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efd5a6ba953fb-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9EuQuZHLcP0w1pymk%2FVab%2FVUQrZvOGsb9FQWCEN0YhKhYTixfA3JNPKLVG7xDxH4dNxQQODsuyG7MHBtQwPDEMQd4xevMDLJAXlusUcYm2N4HVOnQeuVNHbcDsdeBRvkjkf2uGaTA8QXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEC7cjQIfuX73qHb0DbYxz28&google_cver=1&gdpr=0&C=1
cache-control
no-cache
cf-ray
843efd59fb1153fb-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 0DED
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaAp4OT30KaT8BN13UvvzwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7cjQIfuX73qHb0DbYxz28&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7cjQIfuX73qHb0DbYxz28&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-6DhDAur8BGPyouIMCMAE&v=APEucNXUGCxVD73vwxjCpTnGdgKhwvW10wX6e-RC2LzCJzx-zGdQUepkcLwOsQNWC66adwTM-CsSvckh-gKdrXWK84YjSnz001j_IlTzvOaRJhCgQEnjwuY
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FaKcyQf4mnh32gE5rX1WsUDXRn2CIsXMeCSaGXEIhmo4BVbf%2FtjycUoJmLVP4GasQkrip4Ud%2BOxeqPzSMpNU%2BxF9Si2QTLgLStsXrfBwpcR7YkyqJJWzq04NTzArs951d74WJZJaqE6Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efd5b189da211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC7cjQIfuX73qHb0DbYxz28&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E43B 		441 B
198 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiUcRC-4HEY7dHM-AEwAQ&v=APEucNWkO8yQu8ZI8gXULC3o7j719SuLeeABnOjAvNJgN5XpYUuGqYMOYJdJFILYka5tWPNTzePn6hGx7KUCKHtPlWqU2qI91Q
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 092B 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 092B 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DoQ9T3idqyFlUgukQRQqa19eEBpy5-TnCZnrLVa3W80oz6Q-KdldthAq0-wi-U15vKjlOnS_0DAXKxeTkBDcePur2dV0RRhloWNHJ9TRudF5Yq-GU
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 092B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=11556288&cmp=30582322&plc=377163690&sid=6008794&dvregion=0&unit=728x90
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.74 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-74.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:15 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Dec 2023 15:12:34 GMT
Server
UploadServer
ETag
"a8006a511aee2e57196f5e8bee81dde8"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Fri, 12 Jan 2024 17:48:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 092B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 092B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
l
www.google.com/ads/measurement/ Frame 092B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRb7V1KGyeyHI58LYQ2F5XQ1D1PsY4Cw9hsuOVX2uEwHzXHFgYiWQImKquIS83YdDUInggjwZ3q3VoDZBHPWclunKVXjQ
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 092B 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:15 GMT
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:15 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
dcmads.js
www.googletagservices.com/dcm/ Frame 8C44 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 11 Jan 2024 18:04:34 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8C44 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
6a16dfe9e92661a05f6798c8520a71e2f68c4675ffd6428d60e9d4fc71744dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
67550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14392
x-xss-protection
0
server
cafe
etag
5705098247650313184
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8C44 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8C44 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
l
www.google.com/ads/measurement/ Frame 8C44 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTC6eoNznKCtlGMeqVwcyTl0C_8tVA-CikZkw3KGGnqo7UDS1DJKYgtIg9bzyntTOepeFp3XMSeNXK5Cd7codVjgjKrnQ
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8C44 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 8C44 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
report
reports.intentiq.com/ 		2 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reports.intentiq.com/report?pid=1434517136&mct=1&agid=1704995292301_298&jsver=5.4&vrref=www.bleepingcomputer.com&paucid=%5B%22668067f5-1115-4f4b-8967-dc0abcb9208c%22%5D&pa=-2&payload=[%22eyJpbmJibCI6ZmFsc2UsInBianN2ZXIiOiJ2OC4yNy4wIiwiYmlkZGVyQ29kZSI6InB1Ym1hdGljIiwiY3BtIjoxLjU5LCJjdXJyZW5jeSI6IlVTRCIsIm9yaWdpbmFsQ3BtIjoxLjU5LCJvcmlnaW5hbEN1cnJlbmN5IjoiVVNEIiwic3RhdHVzIjoicmVuZGVyZWQiLCJwcmViaWRBdWN0aW9uSWQiOiI2NjgwNjdmNS0xMTE1LTRmNGItODk2Ny1kYzBhYmNiOTIwOGMiLCJwbGFjZW1lbnRJZCI6ImJsZWVwaW5nY29tcHV0ZXJfMzAweDI1MF8zMDB4NjAwXzE2MHg2MDBfUmlnaHRfMyIsImJpZGRpbmdQbGF0Zm9ybUlkIjoxLCJwYXJ0bmVyQXVjdGlvbklkIjoiNjY4MDY3ZjUtMTExNS00ZjRiLTg5NjctZGMwYWJjYjkyMDhjIiwiYWJQZXJjZW50YWdlIjo5NSwiYWJHcm91cCI6IkEiLCJpc0luVGVzdEdyb3VwIjoiQSIsImVuaGFuY2VSZXF1ZXN0cyI6dHJ1ZSwiaGFkRWlkcyI6ZmFsc2UsInVzZXJQZXJjZW50YWdlIjo5NSwiQUJUZXN0aW5nQ29uZmlndXJhdGlvblNvdXJjZSI6InBlcmNlbnRhZ2UiLCJqc3ZlcnNpb24iOjUuNCwibGF0ZUNvbmZpZ3VyYXRpb24iOmZhbHNlLCJlaWRzTmFtZXMiOltdLCJydHQiOjAsImNsaWVudFR5cGUiOiIiLCJBZHNlcnZlckRldmljZVR5cGUiOiIiLCJ0ZXJtaW5hdGlvbkNhdXNlIjoiIiwicHJvZmlsZSI6IiIsInNpZCI6bnVsbCwiYXN0IjoxNzA0OTk1MjkzMDQ0LCJlaWR0IjpudWxsLCJhaWQiOiIxNzA0OTk1MjkyMzAxXzI5OCIsImFlaWRsbiI6LTEsIndzcnZjbGwiOnRydWUsInZycmVmIjoid3d3LmJsZWVwaW5nY29tcHV0ZXIuY29tIiwicGNpZCI6Ijk3ZjAxZWFkLTQ2NTMtNDdmMS1iMmE0LWRlNTM2MzBiMzU0NyIsInBhcnRuZXJJZCI6MTQzNDUxNzEzNn0=%22]
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.95.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-95-105.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
x-powered-by
Express
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
2
bounce
ib.adnxs.com/ Frame 9603
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBVzyI6EdQqGQAxZAe2A-uM&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBVzyI6EdQqGQAxZAe2A-uM%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBVzyI6EdQqGQAxZAe2A-uM%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiUcRCM6XEY3JC4-AEwAQ&v=APEucNUrWlCcK8Xk1wgnLG5YaTLDufvjsolweFXjfRBR5xZcPHi0Anx3144P8bkLavG1JbtY0bWH8jA4MzAvIMB2Pb6nebY6Gw
Protocol
H2
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
an-x-request-uuid
aa964234-137d-4af9-8bf8-a062e000a3f7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
an-x-request-uuid
6c75be2c-96e6-4d86-83f9-16d3767e1920
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBVzyI6EdQqGQAxZAe2A-uM%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9603
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI4MzgzMjc5MTQ1Mzg2Nzc4Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI4MzgzMjc5MTQ1Mzg2Nzc4Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiUcRCM6XEY3JC4-AEwAQ&v=APEucNUrWlCcK8Xk1wgnLG5YaTLDufvjsolweFXjfRBR5xZcPHi0Anx3144P8bkLavG1JbtY0bWH8jA4MzAvIMB2Pb6nebY6Gw
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
an-x-request-uuid
f8da18a6-f8a2-42ae-b0aa-5d0f294a1094
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI4MzgzMjc5MTQ1Mzg2Nzc4Ng%3D%3D
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9603
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG_tVt-IUSC1sXwZ8_4y97Q&google_cver=1
42 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG_tVt-IUSC1sXwZ8_4y97Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiUcRCM6XEY3JC4-AEwAQ&v=APEucNUrWlCcK8Xk1wgnLG5YaTLDufvjsolweFXjfRBR5xZcPHi0Anx3144P8bkLavG1JbtY0bWH8jA4MzAvIMB2Pb6nebY6Gw
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG_tVt-IUSC1sXwZ8_4y97Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9603
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiUcRCM6XEY3JC4-AEwAQ&v=APEucNUrWlCcK8Xk1wgnLG5YaTLDufvjsolweFXjfRBR5xZcPHi0Anx3144P8bkLavG1JbtY0bWH8jA4MzAvIMB2Pb6nebY6Gw
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B18 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7502206890655&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B18 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7502206890655&version=m202309260101&ct=77&x=9&cor=17985484038588266000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9B18 		40 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZ27MdrFSX-Jks4-LGXIozmmxYx9dK9POuP4-zLgAfKLiWQUjniXwT4sjgPDKQPh-byPIseVjaKwHO4htn6Mgm0WQ7N99Zfx9SDkzlck9_F_nFIsnTFzCnshSwzIgpvPnjdgdc0PLIUQ6lGyUqPhcxF1w3qTwNNl9TB-f95gWBTRJQ2Ts&dbm_d=AKAmf-CAUv7RWwCxOyN-g6GC8gxeUGKzIAawZWff5EfwAkFoYBWwsI15Z5SW0rc0G0jGsLK6Ij00BkJXdosAzg-wC0q-CEmhMiB7RInzSZ1CXMMQLCopP-nF7Bq57KIy1N15GPi_lnkiMTi2dEmpYAJFn9PPm0tvWSYp8U3J10lgZii6y15BD8zv4OglcN9_WX4O0l9R4JMZsfFO_kGx3-YxjsHAoeiHhLavh4VNrikQLINUo7jXmCNthl-HNRbpqaWgCc2aaCLuRdMf_Eu7wWcWKgWAKj99sJfaZ8tdvN1s3SFHncxPLhLSt69KW2sAyovQxzTLYf6lmcOiMtX809PMj8rwWgIyESbQOkw3qx3AyfBxso1O7a80jO7bW4Nocch1UWh4uEhRfldthWydxUTvMSdzpWET-Ck0RI_G8dsmRUaNxj9N6O-W35MEcJ7nAiU5HjprxD5Z8l6JlzffycFCV-2cS189rnFg93EVZED1aPj4roMx4r797m47vXYMKTJbZ-o_U7CKslAq3SsaQIF_VLfJpqvVLUgT-QnxWsRN54ATgJvb6b1I-jv2P8Yn8QqCC60QDdp_8KBhZeaxFMVZeNSv7w0kZQzHRriX-1xMxLHKi0IHXVNM1jR0De9vkfiavinSq6AABiF6os8zyKFcjTpFVkp_uLiPtdGivFhTD35nDkiNSJQu489Pc_0g7u1Q32AIzobnuE0GeGdPymXnnoDC6KMxl41l24BlIQp34FIN-ut4IUaYAHUAvaApWLpZb0DgDwVdLvIob8QvHXxvUXYF4wf941yCQPDb0RQbltyh1DGxNz-hFEDGkuj-7UjShfqqJZFHW4LfsoI4Ze7FuOGaaF92ZrsmyqSGtuDrAKF8bxEash4AMsoOG5tzpQvZPxuKHuOq-raFtlqVv_m7WnJ_IZLzyI37eJzWQ3EC6iRD59uGO_SZ7GD14_RhQEDQQzAW3GwS_RiFeY3QW6ls8lVCxwVkx7l6jAeYa_TpLKQhHDCmMO8kvAC3Vksl8_1rLB91pGiU0PSjbc_bC6pwhgP-u029n4gAlUdYDqFPBOSKDWPG58swjl-HSe0FE3Bob7vNQXRMPYJzO_OP6R6mOBJSeZqOindqcTT-0FernFIjdFx1S0LQWrnrvH_FIIkTncotuF4Z1fhpBts_K2k3QQidzhic-M_4UtrRlSRDXzUfMjZp1_FDW0F6rIraOfneKoLnGgTFX84NdMBpqgnvYYNl_x4Ov5_67gXWG1kFuZy46RIAIlw84F_zDyMUlR8sIbl3I0QjKF-8ovDaYishye3fHxtCpjCHj14xzFIIkWzmQd5Z7g-2v-Mtqervw7giDm4eVBhMUeEevq23fnxuNLDzK8kFuUP2oScpD2RKcoVCN2sBRS1PCVUuAeiV1O4HS39mNW4dwJjBJRJDS07dHPetqqolbKMViFqmrjxc6i57Cu8HZLAsKZBKpKLHsSR1jfU6s2l8uB2wdLjfRDBK8ESc201UbxmLEMaWPKzCyPuLybqog_8KGJFbFVJW34-C8Qbeu5DryZQzi6UfDHH3Xfz2emhANWSKAAjD5UFnBUUXqf4oTNsAE2poV0WGYuq0xXIti_wun3gAtXTH7zAiBXw57yauutLmBcWrBGZoJdnNrXObZIhw007iz-txXMpAZx8PPAA3AI6H5zQAaFFnx2rxSQz5X94Z5992SF99Zm10axhM6heNwrnrQ0evocLE0TziUCBIqrk8JHysxkaE9CL_sadioKnoqhs_xyaAKAjq08auo7xUByAzJDtYgm62f926hnc9PodCoDpBU53MzWqHppJteWG1w4yCkPlD-d5bhoy1kyRsyueBc-m0G08Ws9CA4URORqYauwPPLganCKtTfng68xpnbo1WL0rtlOei3TeAUVFkhS9kYThr0c_LVIMWJWkC2BEGTp9PYxDxbXweRH0RwpEHw3w42qPQamZYNowtKJRX86BHL5YV7djRSAQtz2S_hX--lHWxwxrlrZN4JLgwTOev6oNrlgEFVHB1wOas9mgazPjvzKvjwaneNkHpSwCm3LrWcoCEwjJ7ntXcdTAzFuAjBYCkFnT1hpJngKqHrpBVyf-JpQ3hT5ILPbHiD5w9Wb_uqF6-vDI86RFqZS3sEj5Falu61USxx49zP8XjLnw4Hl6WOFA9o793G6CENiaNMF48MibanfnlRE6rF-Mif-wsC0oGQIuMcf9e2KdbVsXavzICD7nIpWpdk_WRPKoYtl0Lw0zvZbIHTJAUUgOL-XR62CkcNUzLK6k-yQ2sX7eL7GOhhueyJtsDHVPHBPS4jMItDb6BMjijqkA1zvkdkYDppJRrufLmKYoisd3wgMmC5TU5xdrCESvvfMb1kXjYwt1Bh6U2SP5tMJixNzI1H5Xjys7UJSlP_1I0hCBEPn7n9XrqvhImEOLiZYg_OaE0miUn-KxVX61x0j5KR4H__yeVH6xxwo1IoIQfVsNhwFVLD_xYJnp7OgNoE9dE06PERknCZagOsBwYIUG9bjjKj3bULvayjOCDrs-QIAA__Nbf_lpLk4aUG8kK101K4FzC1L9pZcmOahC2vEF1lrZw0-jEJ3AKmr63UEvOLEFmuj8Bbkj12RfFhsJ6qAvLUFfMprANhrnsds80R5KBAwipLA6Is8eUVm1n7MGoxAzSckdTZW8JyUEqF0x1TilQUCMQi2rYY1QMhvBr7xl1x7wYSvPij0QQcrhCJvT-xEgc8yFOvjYtRuTW-vYS0a-oZfj5vquvsD72cAjMrPvIWUSpM82zIETQs-TD4OEb3pfHpj5TgaCS4rLNZnvS2d0jtehJMn44qZIG99reCXsV_fvJTSMrdLhiWCH62fOPE9atLEk5rWOAbqnpOs7gD7Jq4NHQzki4mMv2LcynihsSLR6LAvU4nvGBU0JnubzCyvWX8c7PD5ibsVtZSHGt_SNlMHhE0az7_e2om-gv0fi5ZV9fcJ4R8OLHMBBv2smYmsECOki5LXJhYynZk0vT0m821MeVX99lOkFYf8sG8hCFcvnija_vd0w8Q97-kH7tT2U9vugx3H268s7cI7ElsTKngqWBeKzSPbAdJImi9qS3bkxGPg6-t2x2sOLTdP8O9_QwowKKyZzrFr2uDXBIRBJ7Z0-lcZEZSqm66eOBv9PwkGlfYLv-FihFS6uWQ2gWwc2V9owRexEh0YNxdgslhmhhoYiR1je7YrO90Smkjw-7S4tcS-Xse2iLD0_XKXkbdD8YJIhoRUDWyB6ixEjFSLje65AeYyYE-G6Sloj4bk1vLVZ0xM-ICjMPSiPETwF-RAHj1t18Qqm2Q1klN1c5xiz9bqLxYs4WaVl6K6MB5bVK2tl1JuxVbAU3qJHQIRgtxjaOWox0FDhYcElSv9GAz892Y-6CU3GwkXNbYds-hjmwurxhNkdA4SDfzAIeMsoYNqCJ1ODZQWAdj89KhMclCnClPD042CVfrkUemSb1fx5qB1R0J5tlg9cDO15pm8_-T94hkzhLKeoKzwKXwT3UFoMbGoO3ZKr5tMFPuzC2TPMw-mwjUBQoSleOH9xknuHxS8-kCNiA0duzZUK--KijLBZO9_dFamGCKsG80VKug123K0cPrarlfEIdJ8M2X9dCsFGC95yzMLp-lTZhWOlAZo054DR01LptBPfxHVwBTLsYc6-deGxKJR3nlydDyWK5MUHrYIcsIJtSwJql_qniAAspvlyW_HiX8VAeEVkVPuemtcyyCWVfUDev04SKsouLUPJKqh7DevjhvTZgZVeLLmuhL234qbbv7bUn-lurIRq9TNUNlYafObfYyrUufuiKtubeog-K-jQw984mapNq1g0NEYM5xALZWC2JF6Mq_GHTUZjKpXkqrWf3_H0HhymvL75eXDwo7jmOTmeYrPqqjmJVdkJ4PK2hd9tLU318HiNBWeygBfRLgwA6Adepq-6vf-MpQrdvnvpoEx0XcGWSUc8KbmkKvE-7zfKDyjiN26k_jv9ONOc4c73Lp7AnZWvkJT1r2Eo2APmxHo8KYYRYipxiQFzBisDcJNNufdr9dw1qjdjzaCQY6UBwh-3ke0VOzRsmwb4CF4dRl05NP1rpEOHNnlrAjV2fmxcZHamFtjSeBa_J8FCUscj48Mdi4qG00snprgV-ozsCwWTUw2cD_Pq3Z-Rf8XYnUOkT66xo8vLk9U0CF4Mia2_ogkTc1dJHpXBwaGzoUcAey6pcHs3nRY4nvrC1TJle6h12iuzlsVvxkXtCMTHRHwlYU0k0A53LUFX3f1ngVK7-IWqa8aUAXwZBblHj3t7oBqr-7WJfdRqZp3qGvZKSv5wM3rF0ykmTgMcJKYWCzY0uCrk60JXgCKiKkwRutHfrpdW6SP6Js6kxEJIQ-vnYTxGvBVvqtuqRUA1Sod7IwU7Qu9Vmfu_J7PDkeL6iIOOP5BIAcep3MqEjOV_H7-C6XTh5iyezoHfB8U0Cb4jG1A-S9dailkHAkJvykCvSCx-RzcgDey6IQmbVo4zJumZC1t1-_RlqA-eNiSXMKqqvo6jg9IwEwGx5osNuhhqA1UpQwVZXl87Ey2-U468UMc2V0o4etDICNymdaJ24RZijYnNnNA1u9NTHmCREJcroYjAkkGt1-NnHHVnmMakcVsC1Ukyp2tK8isTuYXdth-5RllTaB-m5Oj2kw6Lj-wYFZEI3EkLEdGQb3sb4HGmjq16RjVAjPsmj2So-sGm0t_yTHBTnuMXw10xwRNsf6lXomGE7w90cm_Ip2advJG2WqDL4ECNSb22hwG6FRocTTrnqqzhqSYPqd-v2WaZP7wlSrb2DAZc_FoP5MRO7pLmsU3owyx-3R0pZzKDu94zxn88UGWjZC3lXDF-sQk-7MhquIWIVXMOMsDBLHZGlQNDCN6AJP5gB_nfgyoBWcnOq82trkClapeIA90dzX1fa0ubGkbQ1mwADbLn2GClp5Cmw6Mlrn-5wvaGeGii2tqOwV1a_5OvzjbfKZf6uckoI6BAtlscFdmtlQs1KjNShZQHO1aa30cwHE4TD0IwNJipef061LscsgnMCMdGdkhk66QM-PxNoFJhqcnNjeKiHdBkE_hhCqjsMFH8Z2BoAFScMiy0kpZKO0D-DTV-l2LhytYFRCMeM-fI3XSzJPZYBDqBsxB6MaFid0TbXyhh-vrU84a4HRlj4dV_62U5pFU9pmuhzCVQGXKu2noPpe0hcZQIiTZigLeQAa8PaMeZw_7QbfgiiUieukkhKMzYSXXeqL3tsFTww6n-YKJ98dDA2I8Iax3zDUFqtggo9uK5AIOET3SJ2pgmG-2DMSVxw2Pj3i3yUHAZj3gnx-yW8m6oVqA0dhXNpr8ev_qzS_U_CCSxmQft7E_0BhWHr0TqRIcZeLO9-xIm9HzSNMqTru0m0_P01Y-AHBmWq2L7qNqefjiwLe40Zo7L12QYM9_H1DMZO62Ow&pr=9%3AAAABjPmjiimpvABySD9y9YKeodmBM6qJ6-YbyQ&cid=CAQSMgAvHhf_nUHtcaDKaqKrilWjz4GasmNZrdAxpabW8FfrwjhTKpHBNTbVLrTkKn5KxtTsGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ds=l&xdt=0&iif=1&cor=17985484038588266000&adk=3450003662&idt=73&cac=0&dtd=63
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
61eba80821f78e3b99d39db643133072ed51bb328772a5e52a8a3c0533f80962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22577
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B6F1
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=16&user_group=1&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbidswitch_dbm%26google_hm%3D%24%7BBSW_UID_ENCODED%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=MjQzYWIyNzYtNWFlNC00ZmUyLWFiMTQtNDRkNGExMzQ4NDky
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=MjQzYWIyNzYtNWFlNC00ZmUyLWFiMTQtNDRkNGExMzQ4NDky
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-6DhDAur8BGNKfuIMCMAE&v=APEucNXKqT3GYq3IWKrt5RSo3PtSV4xtylcMtId4ZGJBt2nV-IN5jhnp3fYphJBDZfNzYG8C-G7d5v051K7hozcFGCLmd-E7wA
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=MjQzYWIyNzYtNWFlNC00ZmUyLWFiMTQtNDRkNGExMzQ4NDky
Date
Thu, 11 Jan 2024 17:48:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame B6F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELNNjpJ_jZBfg7sEsMv5IcQ&google_cver=1
43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELNNjpJ_jZBfg7sEsMv5IcQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-6DhDAur8BGNKfuIMCMAE&v=APEucNXKqT3GYq3IWKrt5RSo3PtSV4xtylcMtId4ZGJBt2nV-IN5jhnp3fYphJBDZfNzYG8C-G7d5v051K7hozcFGCLmd-E7wA
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELNNjpJ_jZBfg7sEsMv5IcQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame B6F1 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-6DhDAur8BGNKfuIMCMAE&v=APEucNXKqT3GYq3IWKrt5RSo3PtSV4xtylcMtId4ZGJBt2nV-IN5jhnp3fYphJBDZfNzYG8C-G7d5v051K7hozcFGCLmd-E7wA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 776E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6696132800004&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 776E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6696132800004&version=m202309260101&ct=76&x=13&cor=16915215473285110000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 776E 		19 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B3O9kAex0ozXoCkNe2SzLPJBC2T-Es34_yMT8jxQuAeK8y1PUfEqD4BpBjru7zlG2Nocmwb5XGn5rIovxm6LaXcNLur833_5bRZ_AhhoBAFpA0iAYSpATn9uaiyNa3pNSFcD0g_KBewlvvR-iON_FbN-zzZiwldjdsTppp8w_GJKn6gQA&cry=1&dbm_d=AKAmf-B54v7nD_s05zOWl4ZUm9rODrBR-F5FSeFzFRVs68cd4uGotg9qCeC89FC4x2tCfbIx-4JwcCOeAtW7KTG2hK1yFmIjGgbpKv7Ws7ukjjD2k-i41yIOREMC9-zUmJrT-QzE36_D2LdVRUM5VJJBDQMWJ3NMO6AMVAAj-a_o5BOmgiZ6R5PCcC3fxhec0lMKA1smOnyD8wvbUVKzNRdO0l0y74Q5gjGjHWYRvKGguu_TjW9q1ynk4iSC8nYws1Ci6O5PWmqXgQ-nJZXOvOASkNF5dXplJDkuGHiAoQCajzUiNkdm68iz_oGkL3G2Klx_U-gvGbCC6eZO8b16B3wrg6rA7lBqfD3k3qUZSygl_qHkTRkjtcsq4Rreof4XpCWWKj_mLbDE0Qmz36DoP2dE7OBBrXKf4UW45G0QtBjzYIu6F8lUwYWsg8sf-53OXTJmgpMUC6FhR--XS9m8PXaLvCUMiaVsdUlmYczuo25tWjKZbLpAgw8evDAc-RhdU1P8SZ-eyaOJUNPnNz_8szWxEENFgm61XIkTgmg9hdVe_eTZ2XH0rWWCxdYID9CnvcIP12VKXgcqN2Fn7cOlUGixY0Zdk35NBE8GzQ5AwkscEGUc6Dp_h5SmYp5C2eCe3ywc1uJ0WHspWRyfIK9gVqPRv7b3F78zd_vsa8uUkr4zWKLx0G47grDcLXKdZKXjMruSab65vV-LnY_h-Fx_KyBC0ByF4yQJuwmpqwRZWh7QReqbQW6bGtAUPCB_z5MVOGf01B8reYaNieV9dxkHC1SHVnxzGfrZLPac6gWlbgqHzidWNHdzHtajeM4aU-IBfoOi-nnOjTF6oYtffii_e0RRvXPq0FmplT86vSR6VB2Nn1Bp4M938BtYl8fGnLzS02xPXZOIjcCF6eZlPp57mZdcRE_PTY4bflNK2M5JBpkewNha_QuDOFMydGC_XxKblgP9My13drkuWfmOnflEaBMpplvPOVH_4-4lBCH_Ni97CFsWZ2z8uSrwKTbDtQL5A5uMR3Tafp8IEE53p9X7FVljM-hf8tsVkWY1Cqn5uSfPLC6zn9PPmK-hWJJqfOfeV9GTqFhfCIZ45itjtJYSZbsp1QyfYM5TCoqLuF_jI0P4Gm3KKqdsC_Th2qnaJ4iZV3gW-RC7hbfAy8qKSgYCXsl0z_i3MA3bHnJh0Zec8ScTqELSzJmp6884WDs3_ygyrc-AKzs_1KvCSZBpKDV20u5s0lv68YXY1vSUIUgETkV7M2AI701-pCMDK-mEo_ERzR5_dwBlFbQhSxmE3Sw7-AFH0u_oRp5OOUbLQ9mZQAFp2CbahKL6xJXrC2L5jLF6rCKDni-JZszuCZ1Ula4cIph2g8tuGvA0Q_yk41b-L76M9BLpUu6ZMUHrfJhin67oBww7Mrn_2DLmtn-PtC5ormzA2zktshXUnMI9EWae8pQ4zAcf21ZZAP3gicZmVUvbWNWzudefnpWYDr_lc6tYOihhhyW4vOvrUSb2RA9AV-zLAgNmoT6LmZJM2ua5M_xlPexRhv_IhEFLNyEmHLqIyGWCg6AK_atDefIG-2hfCDeWTp7scSLaayHPh8JXzja96His5Qkm6pHQ1Vn-AWpvMw_tu_XDnKQUXEaWhkmgxNZjqliOpQVSQp5vJEijc2Is2a5Iy2X-zWW0xBaNthr5VFwAqUuu2a7_x8eWdBuDucB7ND0Xvuvbb85uBNXEE458JRr54OaviDglS45RVtOuWpPE58pS5yhfClThsq4x47PduYd12arXgiupjsZNv-Nu7IBjEn28iBz6Oyy516xMqSsKFZMtwDdOu6prfDVdO3i3ZDFZi8rgLNAwgIc37qY_KJFdYbpHOfsY24kkWOvP7Q2B1-lufQb-mfObTqeYQE6NGgaDRrQEtw37_V0zTU1Z9sR6ZTeik_-jm37LDd9Za9AVRB7e9Lzbu2Ry1uQ2jBsQxYaBiNFPjSQeNApNr70SJZR01G93IoielNct388zn18_snGr2o-K3ipismzmBXnfcrMZ_qeABOOfsd7um2-WQtW9Z0s8u5txMFv0UqI9F9K_qsYdIkb3u5p99anhaRw_Lu4TNE8CN4D6ilKm3yrzGu5Ncf4AsUdOXATkIzN0u3VkN4yS8QrNmoQ9SWafuEuOBOg_fKDswrDBR21iIJwyTnH5vHcWnTY-QckZb3JrAFj1WVgjIPdRgacmBBf0utje31q__BEKzOWhVljs88ZFhPBrrXPosoSrdnZmRtKuMI_MV955GJDruruQEMYMHNSI2yCdQNqHxrIYobRpOr0_Hlx2D4V-E94_-sub7dW7oDNu9GkGaTbiItocSGlUgODd-QKvVNZZfXhFB4ktqmlAGjfUsQ3HxbmTONyju3sZQxYsLMfAx3HA0Pf7iR5xTz_d_ug9MULigiWNBAHthSiERQXVR7s1-dHRjdMR63w6FN0wNhaQPzXNf_zyWD3HuF_e1JTCLhhq_8TfSEWYjl1oQHw191bRMzqsJ0yGiBYhS-NN5jg2Tre037jpVgLzl-0mQbsxe5UzZFho2xMo5TYHZoYHAZQhkK1rIB6Q84Ga7YLeEug4fM86QcPoNTRJ35pc0ews5OnOPD6L9JURzWfmiOfapZLzx30HjhMRxRvGB5bsO0wwadyFEYzNAiAmUqvlDnfmqXuwsrYLwe2THyb1pdo10Zg4a0TNT5tBasmKP9ciJkcO2hh1BbqT9rBEJ6KufTW0x5Jao-HOGuUm-ziNtidpn1IS_pKCfbUqwLP-hzwlz3ILCokK0fGktprzJUUY99n9h9q6xcIXyJ9i72DYJ6zEW273w1LQM3RIIBxOYEO9jNdWrBMPgk9jF0eqkSp8VlsieLkB8atCGX1nVjrvxKIuUTuEUXVE9wnHBZDLtZTys_PBtU-9mI_uui1ouLVQzsdwKZ4GBWqbUSOc2ZIKqrDHfD3K44y4N5bi6Nm7MYsmmErHq20oYNeNkngU_SqujiP9-IEMPyCjtjDVBEhDnnTt7mvnglFpOXB-3zk8PRz-aSVAiitZ4XTNi-0CbzXzIrbEdrB-HlDirEs0ZFG-07MhVMO53Se87AqNLL8K-kuwq_-tpargGyrlIjdXzROeT_42CU6h_zaXllep3j_CxayNKjAqcErjnnxmJJ-W8F4-4TJjCLMLwnQxx2f_QUtKZIwBvNwSQbKnydVv4mii04gjfl67VazS_zGZ5IYNFonkZniWAXwG97dVhzuPdrVrqFVqXHoff7vJRjZKjIkqDYES_RSeW_1pIyCIKtHEKMoRywXXGSejdPeFdyMY6dMsy_tw4j8sZ8TrWCiHoGrPz0BlG02kuNng&pr=13%3AZaAp3QAAAABOcdu0D7EHk-TElzddT5AqQXqPCA&cid=CAQSMgAvHhf__bmls4gj7KG3hq6FX-0m13pIZm67K-YOnHwSekI18o0bcECP-D4xhTdRg4RlGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ds=l&xdt=0&iif=1&cor=16915215473285110000&adk=787121071&idt=93&cac=0&dtd=4
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
0a91868f91f3e2a76cb683429b4832c8c06846f2bfc9ac692dd42a71bf81f5af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13864
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame E43B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBsRWS2IHHICAATG2OnATmY&google_cver=1
23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBsRWS2IHHICAATG2OnATmY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiUcRC-4HEY7dHM-AEwAQ&v=APEucNWkO8yQu8ZI8gXULC3o7j719SuLeeABnOjAvNJgN5XpYUuGqYMOYJdJFILYka5tWPNTzePn6hGx7KUCKHtPlWqU2qI91Q
Protocol
H2
Server
104.96.165.48 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-165-48.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 11 Jan 2024 17:48:15 GMT
pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEBsRWS2IHHICAATG2OnATmY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E43B
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjY5ZWUzODktMjViYi00NzkxLWEzMDctNzE2YzY2MjlmZDI4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjY5ZWUzODktMjViYi00NzkxLWEzMDctNzE2YzY2MjlmZDI4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiUcRC-4HEY7dHM-AEwAQ&v=APEucNWkO8yQu8ZI8gXULC3o7j719SuLeeABnOjAvNJgN5XpYUuGqYMOYJdJFILYka5tWPNTzePn6hGx7KUCKHtPlWqU2qI91Q
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjY5ZWUzODktMjViYi00NzkxLWEzMDctNzE2YzY2MjlmZDI4
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Thu, 11 Jan 2024 17:48:15 GMT
sync
partners.tremorhub.com/ Frame E43B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEIBh2a2itntPTMo8d1K11bc&google_cver=1
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEIBh2a2itntPTMo8d1K11bc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPiUcRC-4HEY7dHM-AEwAQ&v=APEucNWkO8yQu8ZI8gXULC3o7j719SuLeeABnOjAvNJgN5XpYUuGqYMOYJdJFILYka5tWPNTzePn6hGx7KUCKHtPlWqU2qI91Q
Protocol
H2
Server
3.81.176.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-81-176-252.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 11 Jan 2024 17:48:15 GMT
server
nginx
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEIBh2a2itntPTMo8d1K11bc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v99.js
www.googletagservices.com/dcm/ Frame 8C44 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 02:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 02:40:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8101 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3312430027958&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8101 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3312430027958&version=m202309260101&ct=77&x=6&cor=2720070938298451000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8101 		39 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0Jo9ROc5AOnXtPeqMTEtn_EIiGKUG1C_69142vV2GQsGNGw3zvtD_jERQ2Ll7pV0iG7WwZmlS7wLbpEkrG06F4QLVBOWJo2nBHV59a4YOpjOUy9JvSb1vPQu9ZZ5pjNiQT9k-KmrHCYmmU7rEfyur8-j50kIIl5XkMreC1f7IVBF5RVA&dbm_d=AKAmf-B4KFOAfSI2BRZdPRRy05SgxJNCbKZ_m0-UhEyboFQdimyMxhMU1ncULufWeXEmKJT1Fdsn1nihD_x-NaQFQ9vXgYoz_zYo4Tp6-jPoGhFKhzDO2cIO9qenB-h9g36AX_NAL-_uGRhNpnYelg8RhpZdbLmHu2RxKCUI7FGPHbgftnPOhfrw2PB_lEE0rW3XywjFPYJGdTyLMWnxDRLfFRnzffgcprWWMJdqDv4cWvICiW4PbJQLRdUQX7Ao0AJFrq5bZLG644K-6iyj9usbY4FaYjYdxMPxG95f_2IY6waIkuajX23vbqcRLPMndOZd_bd_cGYqWOe3gtTBaQa-Dlg2mLR8E1scwVSPDSIL5W0Qwg8jzAuoatmGz2CdUydFQmZAaDGrLnEP1ROXlaonC1UFm9fKhyb4-gDD1z1mu-uTBL7r6gtYQeH8-sQV5UxJTk3pHgO7aybD9ccRJfNPY4e79FEXuK0O7lqEtK-DCRGICWjPd3xM8JEkJXa_nUDj4POEIYrAFyw3yQU86N8SgO48DqHfkuRQPH35boQh53kSuX5pW1Cfd0qkjHNggFe7cCp0D2DLy_WzbgBi3CMfbQ4-NJxM4DkOfA9qFHDP1FTQRu_OXunjLlGu5I48RoNr__QiGkej2zifRuh5k4WrsWlh8Grd9uetqNG4FsOZ7RuFj1OIsyOgbEfszODYXRNUuEIGjo85hVMb8E6X-UWyk0nGq6pZ2u4XNN8F2wjgaiHak-WQ7GayMXWrrNdDvXXpTARrUMqTrf_OlzSRn0bNDachAuMhkNfLn0XKMv5w8GtMt4hd4mhuvOJeV8LBBl7nOB-dmNHqYQiK9BUTLOyaoFl0RLaOug-ilxnhA_Ur1tTZXmqsWPmr0z35PHEFur9MKZVxvQ1J37LJ-sEnalUIhTTng4rX5WNUnu549vdyF8h2Kavu_hXsLGofFQ4Bexwq9DxHKE0MaA_CjEsNsKgEyb7T11XdHGunHnZoRwQQ_jtEF82LDDvkcsxXe5QhLZQHk_47-LqmB9dvdq_gA2mbB0Bb7JXXz8_EpeMy9rLZXuTIZ8mhfJCdEZkohlmaa8DxRrfeiKEPqSJnCbwD8FO823KIs36X-8mkbvTOKNe25e4JEdj8T7ee3ygY1K1GL1wu_JBexclOZs2yXwOkYR_6REplDNEKh-EzDhogs-QV9w2k3ARPG4HNPvH5Tm3qagjGHpQrL8sKmHzsv1WIuDRLnZ2I2zgKaHKMqsV2AJVPIalZYCj82dohCTOHpIZU-_g1juk8y0OMw4vAfZILn__WHSb37jN6yyOPtKRipgsqQFtjXGtnyOYh4rMv3-O1Xxx1vb8H16YernZ-NMKk2xoVX2CtOkHfPjUkOHy1SM_Y7YsMfUQnkj3TfcwtbvKyOdKTCMxz8bUevQuUCbM2CbB27KXV7vCeeAfHwemmS-bg_uzJPqTvkc1r3JOZw6OdqcmCf4zec9hExSWkRkhTTwPtZXdQxB_fihGOyYf-zn5PhpGc0Zl0UNXHArOVI4dHHt3agZI-KGZKWyCEQMpeUaU3OPWsItXvi2MDOUlOWUjFpwPJeFYuesXVVPH7MedffMelDJ6ynETYGWm29k43TX_D_p-53NGh5adThFcHaQj_LLp83Nn3tVqCGX3pRJRjNs3FuHqEG1e7AZkljDSwtytdBWAICYXFAU2MkthhugRI67ZclzTnL66lctOuqVfLxJqXpp_MtOjYPvZUYSdiHbBKN0fb3bWscMHN6iMoF2VlhlfnI22fInQtBZpmSh0dYKja8u4hVIRph2QMtfcnZoYoIuE4Zxt_K-KKX-jNW2R9nUnmolXQuKiwp6RJojbpyhOm8nAwArDyp3Xb8OyV7LwG2QyYYwccD6ZYK6acZ_7q4NYnG5yzRFuGPl0KDpG13974RGEDJV1XR_i_QQL6oEprkc8OzGiG43OEluFKqAAaPom4RBaaWTd2bN2ajWcE4sbuSuQRaXD8hVI96s0hNRk6NX1ILl4lTaZ4jEkV3oQ0NP0dpit7D-J5BIFL5h84kK8C1SY0c0k7n3vsNMtYjHNZPT0H8YKUq8s8VrN2lMrzWeX2UvwhQFYreftMqUOT0UrgPaZZluZef1RQZ8b7lh4nUphMPV3n2Vl8VFnMIQlVxlzfFi0CFJnk5D7hGAoAv1iAbdFFm2F4OazALE32QM3zqzuSwM-e31TDE4FBd0yAPciQDFMkb_F_M-WQuRiuEyRwErU1OppPaCEPMHRXyAK7exkZxPj_wkJfWcD4AIjQuuugyG0aLtUNNmfgRI6CGVAIipDt2TC41x8JtU1n9Yvu00-jJgXIMYInM_bBKbOqad5ef0MxApt88FR4KG8B0H8fyipJ6lKEX78PHLFBxlKj_5psWkVQz4rb0KqSaeo8oN7o-zhJSPpoqNcMz5MKPjJKiLO4UfwPydYYX2cfX_rWofEWaSlBh1TuS7NZtQgGw-tYby5ZYtcMR7EU55wEdTTc_utVR16BcZztgPOOyeZrvWzE_lu8HCqfMGfaXpfuxsfXRWkeepWYpeQbWnDB1YLPHkLN32PW_g28PE60sl7GnjC0FC_C_hfUxCXruKKGx7JqgcMQLW_aSTeY6R9Rt9FV6wJ2gFzQUKhd-ja0NMiNf3gaNIZHretGEc1_fdW8wzp9IQLSlzhF1nATW4f-f9mV_1mAvdM7LCCBXSejSt2nRTM64pqiUj5MXQT5u04ZbVqACp9vOqD36Laecal-8y_yX9gNWd1JlmPoz5ApcWc7Lt98Brm7uhPIuVDQjsNNq9iIypGE9BLE3lmxf2pCPVuGyeESLygVfplT9XDOr02ktuyIsN11OqODVzQggbN0JfsdQHXM9adIAK769WyGfFgt4mRIqhUBHtHRVMqAE2lC1ZO0ZPKi24LEcbi12ZGOge-njfcBzNQ820CsXrtOtFkcpU_uuW8TdsOt1uAO4jNwlSq-9s56FC2bczUHciYrFPCpoVvbnBgztlzAkIwXg9lPFx47IhsbusqJ2zFSBJM3nzI30xkFakLvnt0JgBd_7g1gPTqCHst1P50iyQE4NtiGU65cmvuktaP63ks9QAasF_TJnvuaFzA7bkpFS0fQ76xmBNBL0HX0ivUMn1XXGxSy78NYNNnXHuEhSfd7f4a67u6n-wpAo30h59FFQ8yAn6XSff7__doihu0XqC5qRKv_SneQeKiVgboiDlmcG8impePeHSHeuM-cXxBqTHcCD3ak3sJD-p0yfQI0KhMStAw39MMvKGHQS9hFN25Yp37W7bCYg_i49o6Kb6JWMs0-AqGVPu-vcDMciIcbJkH3nTHTSD5Ppcqj2LXNdhs1Njp0W4Yykz2CLk3PYY9gQM3yRpGRJLMd9yeW_CQGF_X5NWWLT89x7U6HThDr9OjrgmMArvm0gj9o1qjvwE294YpstBCVjgG0f7iP7CzP1JQQAKAqaAhWNGotDzO0vxxz5SqAHsl-E2gGxA23n6Xa8OsQTqYxWAVFVEBcZfEp4C0FlvcyDXKK8acdNV3hsDN9WKP_W1nJitfGa4Rtm1Lwht9sJSCsWqN_vUCXoNeZZJaIEe1Wq5J6SDoOO6L5mtifWCGfae2UOeE5oG5F3h56ym9tGbQ_KEH2mMwXPChqT7GUKHCCFr8mNE3M_vhJCc0Oj3Y4JCStYVmks5Wk6W-nlw6MpdrSvPAEpulQ-KSjgoSqvAuRjAcR4hxsGQhWsSa4wdESF1CkVuVjmGgjJ1iW3LmyCjAVjTGRWGOa_DWfu55nSkltwPTS26KUkRVMVUwveY5FU_t1u3nVraAT_pfRCDmbjoxoAiaESWemMXotjIDyX7Q-Z7KEkzGAz1I-2RT2DZ-_1dJnEyCI5vxulbcEbOYJj4agmk0moTD4pvPGn8LzbaN13T8VUyBuvz0FS3pC2Gv4t9zydkO5AqCmiTdE5cNFxWjYhkSULmmL5tuerYi5W2XqQ0lcXkXYRWDxRsavCcdGXYiX53eSca05MnlpZeSEQQnuljI7Ad3U-jQ8OFC7bWqW7pZULYuqh-gGFni-Yy9AgHcgUEdhbMslKmxJ65jqmi6NrvP8FYGlS7Peuv3U7bzFGjmO0LWliT4gML2ej0XfwQ8wnR_uAX_t5jLSVPyiQqR3zOvN9MogQJikNxXE3vSil3bARnBYmSy1M6Hcvj_0-r-8EzDf0VJe2XvVgb1P3XneaYQUwJOntWHepVVeex7NRnI3yo0IpjwjlZgmb4sSsRweOBIJIifnA2O8p_0_9uJFpQSf6agL7ivXGBk6pJChzqnqE2-g5aTaKGpbNh0YHwb9yDoNMdEzibRf9-lvrkG71IPUex_h91EnT3WW7HsVzq_exeSWPX0H1-CWx4coGvgHPZsm8i3gY9Pe6p1bs5y_5ZkYfgcu_bMTfWB07eht9NE1uzw1-NLXsVqeC96Kg5dQLC7-FCEdLa5fyYN9H5-iY6PZ7nbZM4IgDHpWVpY1dyBqDCoV87qsEpQ_KVt7FsRdKRtDo7vNTh1Lp9-82PZz4ogA92SUN-8wqFiCcoVE5G5ywNyz_gNPszFWgDzmRCWvOfpdvACV5cgnuBwxEhub3DI8m3xkz4EDOfYPXpgIznxRIFPxBonoZircX51ID4z076y4q8Q5m04BQngl4NKyNFFFOVExL9okNNZX2k-yaLj8nS_ChIt3Hy4Bc-A9sEFg-M7P2CwxkkLPWBz9Olpjjnb0pUCcSkbLGIa7EorMhVvz9XCBVmXllw9KQ__v92WJdgTsXX0HrbelEOuAQLTWMyr7uRCdqU7BpZPAlqeY8R0yTHzbESzGv7GT1WoLas391Ik7s4VNeefm8d5AKH5lgpANG6Y_usZDTTnqsNCZsdY-LBmtLXOuy29Sx5_1LWY10-wHGR6iNChkm5cVYghxDfnZUyqlmnX1NilL6QUrXst1juZny33kFoy1rnl9-_p5ZvUrChbYerEQzTTZqyUfVimn9vdYkwBSCT8Iqdo6nNxG_K3TD3s_SfbwerkolYBext9lAXqOdh2OwN728GtsUt9VKPqmshCGZ__hylBnzWv2HBMhZtmJz9dm7ZkPKsJnavbyQs-nd7XAtyqFsS0QDKqSKA1iokcXgmxsOgDV7Birejbvdnk2z6xeLXI1hzevkUwJBiSz7PDPBDZ7m9Lfmhi26fuOkGJQltFTsUShORCz8E5BPMSWkBNgMFtUhqfKyqR1_AGz9iTtqC5EADLQJ8XlY0aV4dwEo7uSnEpKfOAllyiQ3_FsP9G7FfV-NXO1P7B5Eh51sOvyfa3VCOHR6E2Cm1TS0BZrzbbHVYJaZ2FqxFVYQL6lI9pdzqnZgbdivBQ9KPMqIGmv1nGyoPO4PFM6RGhD4nIf1E1KIl_8lRbPd8TD3wC_n4SzqLU7ueEuWpnj4lQRn6LWw-N_Yzo3woWlBRsWWKOaIYeSyf15toflrBonIglKzoyJePIDouqpsXOpQkAR9vO376A0oHc7hAfaTMY&pr=6%3A2.638118&cid=CAQSMgAvHhf_r7SU7ISj1ThMvtUe_Ir6-DLOlGkjgVN5WXUtHYB2CPTQohdhhZPq_49vM61cGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ds=l&xdt=0&iif=1&cor=2720070938298451000&adk=3432401326&idt=88&cac=0&dtd=3
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e597828cfb639e9d02ef8a6f7ee3ff32c0322805d22d0b9367a8340b64d33855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22209
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 092B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7124662190177&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 092B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7124662190177&version=m202309260101&ct=76&x=1&cor=2827914423068538000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 092B 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcBzU-UTnPvE1cR-vEa1aGbfv9hdMMJ0hXVJEK40E61qZ5XM2P9ZxM-6taLZvOa7DuMItXbK4WV59b9Z14Rw3-MEKZhb5UpY_osEw8ba8L40EbU052fHDQup_6MbX42NlUeTa9uUG0GPgY-0_tnaHcgT48SQXKKoFFk90aHUmp70W8qdk&cry=1&dbm_d=AKAmf-BrjU_0ICYZr3Pd-YnwdZTo2hqxo33S7fmp346rVpkp1AopBHs-_MODhftejkHXxOmFsIhcVPP28bLDnyRnX61zxl8h6Q4BEX0hWOD6P2zrRHmUh3usQFnX4cTsTII1afpmc2nMPG-KJfQqB1nmoi01AjFDCsfpGeQD2OpZkLRmMy_-9CTlSpmXyuIwJ4nRcFPxbeCawFMsCf7BhPnBEEN_QEKHXSkqOqyRW5EHCBL2We2iiq_4FaJ6wYdJqwTGWiv3UArGGzFeya4gi7gVyc4xvaLqjvfvv6O-uEszlWfY9I8SAwhrMXri-0WLq9hmSrPh3b9FzilareQ3UV-fhBChpOH6r3uW3VPRUQ_vpjxZdrUZLBJLZWrcTbNPk9Munnt_3axTCW6YxR8yy5CmnTUGsCGNga9akgfThYWzAC9cHTgsIuDojBZF_VzCYWt99HBSQEHvZ4nBJ8qJwTY4_7IVqC44iTtB3twuSJCF9pfX4AoVR6C4TY_ZQpifbBMQHaXnB7vW9QehIIkOysNMzZuUhZWJcBc8kaNRKFDBDmXXcemuygnfKw1xeqNuSnHsbLNdwjHrfHTFZaVM7ULbX7ua_zxW5vE1kRRcnx2cfwiUJlZ3U7btbcNID14k9GDiw5FVzdYxd4sm4xxH8x8RCdqlRnXMV92ffqXExCbQPF0EEBrylX-NNWqT_lNNzvcg1vGcYYbh5Z_pKwwb4vzad1Oft2NaQ1PZhCFI9Zs14W8e9jkrEdAWkd6NnnXw9jU49JymV9Rzugf32bX1U82lFYBLzLa0CD5M3BkJzPIsgYiXfKm0GsU-Vzmyf8qsvxT_xewM6KSHMJEq4uIAYqsLWW0BAZ0eB_W0SaJjlZt9he8j9-Isu916xJO1WcDukeInkTMe4_cXLJKgoWNhU5ZvBulNXCOJRTa9pNOYqca_PaspbH6LpuFMhnmN0vEKYjkNaVOrpVMu8nO6ep6x7uxKSF8Fun6KGOn7wUEzwUJSR35kL1Km0sHJrLu4BI0fHIztdPWvVH88cJKyCaiMqketxYfGiswfOZmzPlWh1oi5gp289n_KMbz1NVQZQuhYWec1JzTNeZ6ia_vDnomZvRU6jNhPkInL7pK3cqOxR8T-j9R7TDFdLf-d_ygoKoBfGQ4laf2w0VILpbb-zM37y-rrB1QFz4jZDEoQB_FHoiMk4cpbrrXrEQvVBdVNDl4D1s4wrxJ3RkD3lOayuyrhSfT_qvBtnb_-mlDrmlGM9l4HG4JGv03aIH5AQroa-yPVi6h51gTRoHuWzSmui5ywqqbcYeH7NG6HvYCP9TQfuXBM7KdZsie8YJYvnERCxOjvzG4jVYs6iKGiWG20udnyQQVnYoCCVLt9mtYWVhET9NtxSsg0dpk4AJRS0qyDqpG7k77pFPaTDKIeKe5Cn1y4OjzTyvzPTYruYqBc_HU75IWj1lPX1yGLJGL-K3vIFWdbva7cMPlh56iJr1uVa5u892H7udGB5fcnE_W576E-nTpaKiDzJ95mmHf1AR4H8DByshv3x7gfcSDNTJLPoMAYfcbdMAJTPZEBBwO4c3d2WYauUxPb9Ry6_OXzb0zUeeLnUmiER-Wy12ggSLtdJqe3by6a2ioPBE0Ldax52_BlMSVmvmwAgQMAzo0N3oPjJSffMOIGyC1phe_qOYc2QvDwiS0OTcEJqUAVdQXu6mS3QTAhUMVOwbEMgbY0KQSsKZp3w7IQmLjCiAj8dP1lOUOlGcl8kQBL7aPgzgX_ONXUhkhUsAu16iK_iCgaAJMZBbT8UMNofUf68XJh1RyzbRev7kP9L0-PRUNmw88eYUHXVzn8diBzTdrz9px_-QTsVt6enAe6zXKZOPybqqngMszaqZvBly3o4rzujHGTL6oKSbE9f8d283jGnpb1cJjNNt4zfplZRwbmHnwyuRCO0nUEB7fERXP_SqECIuYhkmpzuDx0LC3CJPVBfpYxRy7JHkJ2XI0wj3iQStGY-qzc9_0hbXJltdRsiRnRNjcCuYnurEW334qGXSYQVfECSbdww93BSO6LRXuFSvJeW-aFSf5Qr-I8bx_w4gSio48GchyNlgUtjIy-ikfvPbfnWgBxLWXYGRt7V_rHHSgO67Ia-_PluiuaSnuMBZzCZWN43ZmqcaFg_2boFvV2ekEYNcl0Fo4ykjXoJ5t2nLwz9xzQ6Ho2s7NDxKbP9bb1zswLu1Mt7-rY72s24gKemht9Thq03tCc-l3amF2FAUdi3yZ2tVsAiYuk86w3f7YnG8lDJ5RUHVgIbmIY_Mf7VtQCpYMs3Ri42OTa7owNHVjvXCCLbr457YaYgL_UbGfupqTpbeoDLgw686UVmOxqEhvTuC0RK06pi0qjSM1FztBmv7g_mklIzeMt8YWCGckBcGxu86ZSXhY3ZuF5Xe6Rd9fQsdEvAGgnUym-XeM2_6j8NtthEVMiZXIqG10xSW-0nAQBDf4zmbdS6dkWf0Zt0bz3P-aX1yHrutthIyYZpy7NwV0LqN8wFY8uzywVbx4B4NnZu8qIjtMgqOYio8q66b1CpcY_V_IWkp7VIbJ4ac88NLJ0PxL7D0ZM4opXQDcOsB_trNG_cB5n1IySuOM55GiyleRjzEahCZbS6PggmtF85BLAILRP3bTyXOkh24yJFaJSWa9TszdE7EGoxJg7zQ-kiDCtXcXVLBhsXaPzT_CsrimnPPdxu3hpqLbbgkQt9na2Jkulb4H-eqLYeJ8splLxFFd-N42QlpkOw2Q7Nxw4QRziIwe0vNaDOc_YCoB8Dp3ZHicSTcgp4uuR8WbBr_JmgwNk3w67WasY5mTmGNycox5VVp3RtvpgK_MwAhyAYMh0008f3pFivqPOR2d9a9wVdFLzDp1E3UINxMc80nS0IORxdonp1K3_zR3SYIbWInnniv-aTO_lUKjWPRwgTj3kMVek6Ts5XVWUfAcyGLTrahyHgM1mUydo0jMlO107UZ_HPgPanuzhHKPtASM1BViDQ8tywZLOq86H6IrEooUNUELrEyO7pTRWknYFEf1TkbfBkRGoGKHJj9WmJe1IVERBQE2J4CnU-RMqbt0-13khy2nd0VLwusF3cTbpYRnsDVp8IVEqK-U2my-Qv4Px8WVos7pBTP1uctu1l0r6FZ1Q9cEaRR1dt9PUwEjQT9eeVWHgWmNlskxWs4PcCEIrFTc0Sbw-Q3EdpMHj1HfRVhqj81Kbq9J8gtIVguqzg3eTW6rEh0SCid4eyvxao9hBlVpFWSxkLXOjlgqDnUZAPbPcE0of3R3tIFi3P5JEc_rfeLrpi2ZA04StdqmqUoIXoLqOUxW-faMH6eqw7ZkSY7MG4TJp2x1GKf1hRwThKrjqaXMv9L8WjLrgHVDsvMbRdEc7GVQuYvCf2LIk7ImEX5kD0F0vz2EmqqqJW0BkM1jNP4xShvSMZ3bqrwsM9ZiDvdCSQPjEfsm2sypdUIMxKtk3T5uVHNXZ_V_PtOUzkqmBD1ec105-3kNdkEaPy1GCejpxXialbZ_XgofdzGOBxNfaahmqmMqqgmilll25SYSojf_WAfhU43efrCd2SMk6zLdduycUPnIlsVWhg2u4sWAOZ3YcdHxSm85bpTkFNTUODg4dcQ3s-nemg8EKK1z-y_Sebm64gUjU-j9BijADCnE1fKF2z4VJOB8FFROkQsNQgA&cid=CAQSPAAvHhf_vFYDf53vwlFxspz1XsSskK8ONeg8rfI4IrP9zMjucBPkD33oXAF1kdhiMv5YvR0KRqJsH__KfhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&ds=l&xdt=1&iif=1&cor=2827914423068538000&adk=3037181501&idt=91&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
ec28ff9286afef04d31857735b4766fa760103e95cd7e61d95c7aab2a8f23416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12378
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B29069693.376025832;dc_ver=99.292;sz=970x90;u_sd=1;dc_adk=1526426640;ord=p5ahhp;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCBXYX3SmgZbP2G5vMqMwPmtmOmAPl6OyZdbSk54uLEq-BuuP...
ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/ Frame 19EC 		67 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.376025832;dc_ver=99.292;sz=970x90;u_sd=1;dc_adk=1526426640;ord=p5ahhp;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCBXYX3SmgZbP2G5vMqMwPmtmOmAPl6OyZdbSk54uLEq-BuuPXAhABINrXxTlg_aCZgegDoAHS-MviA8gBCeACAKgDAcgDAqoEtANP0DCFhzPgfvuzWKRf5htxmtJKRBovCy-cug4iiFP2DJlCIv47-MwKTxbvH_fEz9Z3Giey9vXkE6qll4P27XUItv0MZH2lPHfSDDQkTsEP5i7E5qxYznqeynDtvPluJqIFGoZQe3exVx1Pq8_EEJJhJwIn-qjHxVxd2IGpOp85OmyYmjgPezQ0E2V_isfqea5xsT7IHkF252X5QPWtpIb8MeeaItH8uVoB531N9Zs3kn42bffxISmQtiw-gUnavFJOwSKCn9xRFnGYxaKEcTIS9ndzM98SmF6iIH_c6gbSU0cNQS1895vX-QxxvrevNt2awM2958T22usskcvxXLWQ3BKrOhWivX8AhzOnZSj9IFxgYA5G6WqcrkGTX-HvTuKCGZDav7QlKPdSSd3VvOfIN7mQ3G_jgLqkOwhklhsyqNZbuPEyFEeX6txMYbmgYFe9ogqEhkINmJJdHcMOcS4ummpZ8ulHyuE2_Hj0nOb1gQVCoxVV_1LFFgPZAVX9V5FJxeXDj0AFNButT96QUTJnaxL-slWdr92IuQzdYXoSD15Iut5SOmDySmz_doIdfQb8GRwSwAT_8v2ThgLgBAGIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYtPa7tvLVgwPyCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgOYCwHICwGADAGiDAgqBgoErLqxAtoMEAoKENDSxvj3g-STfRICAQOqDQJDQcgNAeINEwihsLy28tWDAxUbJooDHZqsAzPYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI89i9tvLVgwMVGyaKAx2arAMzEAEYASAAEgL7UvD_BwE%26num%3D1%26cid%3DCAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB%26sig%3DAOD64_1hgxfOFRUqlRUcHaadMhM_w7Fa6Q%26client%3Dca-pub-3605257360853185%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2F$0;xdt=1;crlt=e_*h(SP3BH;stc=1;chaa=1;sttr=56;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
cafe /
Resource Hash
a3f96325e633a8322f21f3186dd49c7ed2a6e6b14bf4726df988606f4ba984a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
31040
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E76C 		1 KB
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3326
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 16:52:49 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 16:52:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8C44 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc230f841c13475a013be8a664ae91d156f8c6feebe2c05d24ac47235bdf5a7b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 9B18 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:13:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
84888
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:13:27 GMT
img;adv=11167212900636;ec=11167214155259;adv.a=6492373;c.a=30790706;s.a=6555772;p.a=385367412;a.a=576121694;cache=770723588;
ad.atdmt.com/i/ Frame 9B18 		0
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 9B18 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
180087
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 15:46:48 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDk5NTI5NTEzMzM5NAogIHNlcnZlcl9pcDogMTgwOTIwMDg3CiAgcHJvY2Vzc19pZDogMjA5NzI4ODc5NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA0MjI3NTAy...
ad.doubleclick.net/ddm/activity/ Frame 9B18 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDk5NTI5NTEzMzM5NAogIHNlcnZlcl9pcDogMTgwOTIwMDg3CiAgcHJvY2Vzc19pZDogMjA5NzI4ODc5NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA0MjI3NTAyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9ibW8uY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDE1CmV2ZW50X2ltcHJlc3Npb25faWQ6IDY2NDg4NTE0MzIyNTA2NDU5NDIKZGVidWdfa2V5OiA0MzkyMTE4MTQyMDI0OTQ4MjM3CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xMSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQyMjc1MDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODUzNjc0MTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMxMzY4MzIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA3MDgxOTQ3OTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1NDQwODUxMTYKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYm1vLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Jtb2ludmVzdG9ybGluZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x21fca00d5f0c7ab40000000000000000","13":"0xf0a2e6d547650ab20000000000000000","14":"0xb3cd5c1022b4ef230000000000000000","15":"0xa171b595e7f8a9110000000000000000"},"debug_key":"4392118142024948237","debug_reporting":true,"destination":"https://bmo.com","event_report_window":"345600","expiry":"1296000","filter_data":{"14":[],"21":[],"8":["4227502"]},"priority":"0","source_event_id":"6648851432250645942"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wt
polarcdn-engine.com/ Frame 9B18 		0
0
514feb494cd645919de70c0b26822d2b
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/www.bleepingcomputer.com/creative/ Frame 9B18 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/www.bleepingcomputer.com/creative/514feb494cd645919de70c0b26822d2b
Requested by
Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.127.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8badb6a34d7b32d59231c6a23a584483d95d98472466fc64187f0930d25d3797

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:18 GMT
content-encoding
gzip
server
cloudflare
etag
W/"4cbb87f8f83ca771cd53a475ab77141b"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-country
CA
access-control-expose-headers
X-Country, CF-Ray
cache-control
max-age=900
timing-allow-origin
*
cf-ray
843efd68da8236fa-YYZ
B30790706.385367412;dc_pre=CJz9sbfy1YMDFWEoiAkdtnEIrQ;dc_trk_aid=576121694;dc_trk_cid=202444796;ord=1704995293671772;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;lt...
ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/ Frame 9B18
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B30790706.385367412;dc_trk_aid=576121694;dc_trk_cid=202444796;ord=1704995293671772;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=...
  • https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B30790706.385367412;dc_pre=CJz9sbfy1YMDFWEoiAkdtnEIrQ;dc_trk_aid=576121694;dc_trk_cid=202444796;ord=1704995293671772;dc_lat=;dc_rdid=...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B30790706.385367412;dc_pre=CJz9sbfy1YMDFWEoiAkdtnEIrQ;dc_trk_aid=576121694;dc_trk_cid=202444796;ord=1704995293671772;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&mvord=170499529532644752
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B30790706.385367412;dc_pre=CJz9sbfy1YMDFWEoiAkdtnEIrQ;dc_trk_aid=576121694;dc_trk_cid=202444796;ord=1704995293671772;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&mvord=170499529532644752
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
us-u.openx.net/w/1.0/ Frame 7A69 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=21f03281-5b83-4670-a0e0-dc15f7542014
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Thu, 11 Jan 2024 17:48:17 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 776E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
180087
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 15:46:48 GMT
dvbs_src_internal125.js
cdn.doubleverify.com/ Frame 776E 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal125.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.74 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-74.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:15 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Dec 2023 15:12:36 GMT
Server
UploadServer
ETag
"8188d451e0a669939fa9ed400c00d127"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19695
Expires
Fri, 10 Jan 2025 17:48:15 GMT
setuid
s2s.t13.io/ Frame 5A57 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=sovrn&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=H-YMjTZH1GTxRA4NTu6VhOUq&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
merge
ce.lijit.com/ Frame 5A57
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LR9I6E4X-N-5Z4I&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LR9I6E4X-N-5Z4I&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LR9I6E4X-N-5Z4I&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
69db7c5e2f600e97f8860add7135fe1e
Expires
0
merge
ce.lijit.com/ Frame 5A57
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H-YMjTZH1GTxRA4NTu6VhOUq&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:cc55153a871c385da363984f8a60da22
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:cc55153a871c385da363984f8a60da22
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 11 Jan 2024 17:48:18 GMT
server
Aorta/20240110.a47e9006f
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:cc55153a871c385da363984f8a60da22
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
295b3205e33b
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 5A57
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPU93a389850d0f496d8f8bd1d1fc25d9e5&gdpr=0&gdpr_consent=&pid=103
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPU93a389850d0f496d8f8bd1d1fc25d9e5&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:15 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPU93a389850d0f496d8f8bd1d1fc25d9e5&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 5A57
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SC1ZTWpUWkgxR1R4UkE0TlR1NlZoT1Vx&gdpr=0
  • https://s0.2mdn.net/dot.gif?gdpr=0
43 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Server
142.251.167.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 07:26:26 GMT
x-content-type-options
nosniff
age
37309
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 07:26:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 5A57
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LR9I6E2J-1H-345A&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LR9I6E2J-1H-345A&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:15 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LR9I6E2J-1H-345A&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
merge
ce.lijit.com/ Frame 5A57
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=tCO3G7AvsxqvJrVJ5CD7GLQltUivI-Ab4CGQL32S
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=tCO3G7AvsxqvJrVJ5CD7GLQltUivI-Ab4CGQL32S
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=tCO3G7AvsxqvJrVJ5CD7GLQltUivI-Ab4CGQL32S
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
6c4db297715e8da5dd48a587027b226d.gif
cs.iqzone.com/ Frame 5A57
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://cs.iqzone.com/6c4db297715e8da5dd48a587027b226d.gif?puid=0b0d3463-e0c3-50be-9a86-96445368d063&redir=[RED]
0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.iqzone.com/6c4db297715e8da5dd48a587027b226d.gif?puid=0b0d3463-e0c3-50be-9a86-96445368d063&redir=[RED]
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 11 Jan 2024 17:48:31 GMT
Server
nginx

Redirect headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:23 GMT
Server
nginx
Location
https://cs.iqzone.com/6c4db297715e8da5dd48a587027b226d.gif?puid=0b0d3463-e0c3-50be-9a86-96445368d063&redir=[RED]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5A57 		0
0
17219958792518593099
s0.2mdn.net/simgad/ Frame 19EC 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17219958792518593099
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.376025832;dc_ver=99.292;sz=970x90;u_sd=1;dc_adk=1526426640;ord=p5ahhp;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCBXYX3SmgZbP2G5vMqMwPmtmOmAPl6OyZdbSk54uLEq-BuuPXAhABINrXxTlg_aCZgegDoAHS-MviA8gBCeACAKgDAcgDAqoEtANP0DCFhzPgfvuzWKRf5htxmtJKRBovCy-cug4iiFP2DJlCIv47-MwKTxbvH_fEz9Z3Giey9vXkE6qll4P27XUItv0MZH2lPHfSDDQkTsEP5i7E5qxYznqeynDtvPluJqIFGoZQe3exVx1Pq8_EEJJhJwIn-qjHxVxd2IGpOp85OmyYmjgPezQ0E2V_isfqea5xsT7IHkF252X5QPWtpIb8MeeaItH8uVoB531N9Zs3kn42bffxISmQtiw-gUnavFJOwSKCn9xRFnGYxaKEcTIS9ndzM98SmF6iIH_c6gbSU0cNQS1895vX-QxxvrevNt2awM2958T22usskcvxXLWQ3BKrOhWivX8AhzOnZSj9IFxgYA5G6WqcrkGTX-HvTuKCGZDav7QlKPdSSd3VvOfIN7mQ3G_jgLqkOwhklhsyqNZbuPEyFEeX6txMYbmgYFe9ogqEhkINmJJdHcMOcS4ummpZ8ulHyuE2_Hj0nOb1gQVCoxVV_1LFFgPZAVX9V5FJxeXDj0AFNButT96QUTJnaxL-slWdr92IuQzdYXoSD15Iut5SOmDySmz_doIdfQb8GRwSwAT_8v2ThgLgBAGIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYtPa7tvLVgwPyCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgOYCwHICwGADAGiDAgqBgoErLqxAtoMEAoKENDSxvj3g-STfRICAQOqDQJDQcgNAeINEwihsLy28tWDAxUbJooDHZqsAzPYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI89i9tvLVgwMVGyaKAx2arAMzEAEYASAAEgL7UvD_BwE%26num%3D1%26cid%3DCAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB%26sig%3DAOD64_1hgxfOFRUqlRUcHaadMhM_w7Fa6Q%26client%3Dca-pub-3605257360853185%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2F$0;xdt=1;crlt=e_*h(SP3BH;stc=1;chaa=1;sttr=56;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f149.1e100.net
Software
sffe /
Resource Hash
17947283bf668871c43b0b11443e540a4b4900e522766496777dedd5255900c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 12:14:14 GMT
date
Wed, 10 Jan 2024 12:14:14 GMT
x-content-type-options
nosniff
age
106441
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90121
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 23:15:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/xfa/ Frame 19EC 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.376025832;dc_ver=99.292;sz=970x90;u_sd=1;dc_adk=1526426640;ord=p5ahhp;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCBXYX3SmgZbP2G5vMqMwPmtmOmAPl6OyZdbSk54uLEq-BuuPXAhABINrXxTlg_aCZgegDoAHS-MviA8gBCeACAKgDAcgDAqoEtANP0DCFhzPgfvuzWKRf5htxmtJKRBovCy-cug4iiFP2DJlCIv47-MwKTxbvH_fEz9Z3Giey9vXkE6qll4P27XUItv0MZH2lPHfSDDQkTsEP5i7E5qxYznqeynDtvPluJqIFGoZQe3exVx1Pq8_EEJJhJwIn-qjHxVxd2IGpOp85OmyYmjgPezQ0E2V_isfqea5xsT7IHkF252X5QPWtpIb8MeeaItH8uVoB531N9Zs3kn42bffxISmQtiw-gUnavFJOwSKCn9xRFnGYxaKEcTIS9ndzM98SmF6iIH_c6gbSU0cNQS1895vX-QxxvrevNt2awM2958T22usskcvxXLWQ3BKrOhWivX8AhzOnZSj9IFxgYA5G6WqcrkGTX-HvTuKCGZDav7QlKPdSSd3VvOfIN7mQ3G_jgLqkOwhklhsyqNZbuPEyFEeX6txMYbmgYFe9ogqEhkINmJJdHcMOcS4ummpZ8ulHyuE2_Hj0nOb1gQVCoxVV_1LFFgPZAVX9V5FJxeXDj0AFNButT96QUTJnaxL-slWdr92IuQzdYXoSD15Iut5SOmDySmz_doIdfQb8GRwSwAT_8v2ThgLgBAGIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYtPa7tvLVgwPyCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgOYCwHICwGADAGiDAgqBgoErLqxAtoMEAoKENDSxvj3g-STfRICAQOqDQJDQcgNAeINEwihsLy28tWDAxUbJooDHZqsAzPYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI89i9tvLVgwMVGyaKAx2arAMzEAEYASAAEgL7UvD_BwE%26num%3D1%26cid%3DCAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB%26sig%3DAOD64_1hgxfOFRUqlRUcHaadMhM_w7Fa6Q%26client%3Dca-pub-3605257360853185%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2F$0;xdt=1;crlt=e_*h(SP3BH;stc=1;chaa=1;sttr=56;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:05:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
67361
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4124
x-xss-protection
0
server
cafe
etag
9042593224187393105
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:05:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 19EC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.376025832;dc_ver=99.292;sz=970x90;u_sd=1;dc_adk=1526426640;ord=p5ahhp;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCBXYX3SmgZbP2G5vMqMwPmtmOmAPl6OyZdbSk54uLEq-BuuPXAhABINrXxTlg_aCZgegDoAHS-MviA8gBCeACAKgDAcgDAqoEtANP0DCFhzPgfvuzWKRf5htxmtJKRBovCy-cug4iiFP2DJlCIv47-MwKTxbvH_fEz9Z3Giey9vXkE6qll4P27XUItv0MZH2lPHfSDDQkTsEP5i7E5qxYznqeynDtvPluJqIFGoZQe3exVx1Pq8_EEJJhJwIn-qjHxVxd2IGpOp85OmyYmjgPezQ0E2V_isfqea5xsT7IHkF252X5QPWtpIb8MeeaItH8uVoB531N9Zs3kn42bffxISmQtiw-gUnavFJOwSKCn9xRFnGYxaKEcTIS9ndzM98SmF6iIH_c6gbSU0cNQS1895vX-QxxvrevNt2awM2958T22usskcvxXLWQ3BKrOhWivX8AhzOnZSj9IFxgYA5G6WqcrkGTX-HvTuKCGZDav7QlKPdSSd3VvOfIN7mQ3G_jgLqkOwhklhsyqNZbuPEyFEeX6txMYbmgYFe9ogqEhkINmJJdHcMOcS4ummpZ8ulHyuE2_Hj0nOb1gQVCoxVV_1LFFgPZAVX9V5FJxeXDj0AFNButT96QUTJnaxL-slWdr92IuQzdYXoSD15Iut5SOmDySmz_doIdfQb8GRwSwAT_8v2ThgLgBAGIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYtPa7tvLVgwPyCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgOYCwHICwGADAGiDAgqBgoErLqxAtoMEAoKENDSxvj3g-STfRICAQOqDQJDQcgNAeINEwihsLy28tWDAxUbJooDHZqsAzPYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI89i9tvLVgwMVGyaKAx2arAMzEAEYASAAEgL7UvD_BwE%26num%3D1%26cid%3DCAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB%26sig%3DAOD64_1hgxfOFRUqlRUcHaadMhM_w7Fa6Q%26client%3Dca-pub-3605257360853185%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2F$0;xdt=1;crlt=e_*h(SP3BH;stc=1;chaa=1;sttr=56;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 04:35:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
47569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 04:35:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9B18 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswJjdLjWXDJClr8Z-d2zDaBMh4U4LYoAhgoZDULTO9zTYCM-icgoQhRsvDSZsd2njWyOcAz3v788kc_ypxj6Ui7opDs_CTym_CjSf2K_-lz-EzAmBrFXVxxEBoHk978Vg9VxacBlUA94HuDCHFiwGGeAMfTr1iY-opz5LY1m3CEVRffFW1E5Jh7R_M8mKj1DnbgqE1ZPNh2B8om5JyosUK9kkOZQqMonFM2SQqqa0CvkGsQ50Lq5ZN0bnpYH_L23YtrgMt7qmRJG1pbGe1q31qlGIMPVxJjIv3OoBUQxovyXdrE9GuspuEa09Vihbqm2Euegx0P0-yVkkc4vYRZ-Ai9zv90B-DqNH3SP3BSyp8PfnIKwiblLLs0vzEW92pzB1sWQFnnXnn-xuZkIn6mcy6InftY_mMRnh1uigvugcHCfOQqPTvFg&sai=AMfl-YTC8fdGCLW72a6Ir31obi5416RECuiPh39J7L6Do4aY8UhoDWtr1GQ5KRz0hQ2BiHYTqEMPfv-fDDc87ZynYMeu3RrfnW0HLtWulDF5JlJlcUrRyV9BUo7ragYMiBk&sig=Cg0ArKJSzHYspLLg7zNSEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 776E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzdtS5k7muR2RQPZRyfo2lo8040tB6f18QGgadFMu397s6z95KXMl5MS5mCsgxmzTDdlsUf9Z5zTwhSI3rEn9g93hTtNUtrvLNPQHM027Xehv2uELBhkJAQHL9_bFRL_a1Ten5kJkUJND2MQ9IJseR0b2ViVEvUxAGQ3WCb6DfRj5j-DD3gxhXVHV3r5gJC-9sQjpOwNm8_Qfmmf0XQHwE4ys5DqGIStzVmf9zpgtbEYAsR60L-Wa9uhImqs8q8rLEE6xDijGbn-dhldEyZWcS5sDC0eve-ohmG70EqRqjuupWucLdSpK4e1FFAn0GiAfCPZ2a3O3zt8I4OmjOpqbEnPSX8Wfsy7y--105GjLuQrr3l1e3jD7DCMKbIAe2e4Rjx3nMWOJkRVxYCeqpxqOOpQst1w_bJuBdzmKVY8nAUMFYo2w3vQ&sai=AMfl-YS7wx_sdFD0blB1mrpiM4YBoKi7_ynSk3E7TMZbJzP8qBk8ooD_E2hsDk5cbrttnMfnrgIAaZaNXCZXoSyAvw1x1eZmydRnru6csiUT6_tZ7PShbrsItaBBkkWKhis&sig=Cg0ArKJSzNwdn9T_XxmFEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:15 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3B1B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=122248
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 11 Jan 2024 17:48:15 GMT
expires
Sat, 13 Jan 2024 03:45:43 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D72C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=122248
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 11 Jan 2024 17:48:15 GMT
expires
Sat, 13 Jan 2024 03:45:43 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 8101 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:13:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
84888
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:13:27 GMT
img;adv=11167212900636;ec=11167214155259;adv.a=6492373;c.a=30790706;s.a=6555772;p.a=385096202;a.a=576121697;cache=2721232515;
ad.atdmt.com/i/ Frame 8101 		0
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8101 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
180087
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 15:46:48 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDk5NTI5NTE4OTA4MAogIHNlcnZlcl9pcDogMTQxMDM3MDM5CiAgcHJvY2Vzc19pZDogNTAzNDU4NTg0Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDQyMjc1MDIK...
ad.doubleclick.net/ddm/activity/ Frame 8101 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDk5NTI5NTE4OTA4MAogIHNlcnZlcl9pcDogMTQxMDM3MDM5CiAgcHJvY2Vzc19pZDogNTAzNDU4NTg0Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDQyMjc1MDIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Jtby5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMTUKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTM0MzYxMzcyMDc2NDUwNDk0MzQKZGVidWdfa2V5OiAxMjIwMTU4Nzk4NTQwMDI3MTA1NwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMTEiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MjI3NTAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzg1MDk2MjAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMTM2ODMyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwNzA0NDExODI5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTQ0MDgzOTIyCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Jtby5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9ibW9pbnZlc3RvcmxpbmUuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x21fca00d5f0c7ab40000000000000000","13":"0xf0a2e6d547650ab20000000000000000","14":"0x16e2d530417c8dfc0000000000000000","15":"0x6d584f3e38cc737d0000000000000000"},"debug_key":"12201587985400271057","debug_reporting":true,"destination":"https://bmo.com","event_report_window":"345600","expiry":"1296000","filter_data":{"14":[],"21":[],"8":["4227502"]},"priority":"0","source_event_id":"13436137207645049434"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wt
polarcdn-engine.com/ Frame 8101 		0
0
908eed724b1449b1b2f1b945d02abdd1
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/www.bleepingcomputer.com/creative/ Frame 8101 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/www.bleepingcomputer.com/creative/908eed724b1449b1b2f1b945d02abdd1
Requested by
Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.127.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe2a39ade2a09afd73d8dce25248e2fe1f31e3abea133fb17f7e3bc163f5f18

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:18 GMT
content-encoding
gzip
server
cloudflare
etag
W/"0245fde674bf25d208dbc7546c91fef4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-country
CA
access-control-expose-headers
X-Country, CF-Ray
cache-control
max-age=900
timing-allow-origin
*
cf-ray
843efd68da8536fa-YYZ
B30790706.385096202;dc_pre=CNq5xbfy1YMDFaksiAkd1DoEJw;dc_trk_aid=576121697;dc_trk_cid=202444796;ord=1704995293635543;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd...
ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/ Frame 8101
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B30790706.385096202;dc_trk_aid=576121697;dc_trk_cid=202444796;ord=1704995293635543;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=...
  • https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B30790706.385096202;dc_pre=CNq5xbfy1YMDFaksiAkd1DoEJw;dc_trk_aid=576121697;dc_trk_cid=202444796;ord=1704995293635543;dc_lat=;dc_rdid=...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B30790706.385096202;dc_pre=CNq5xbfy1YMDFaksiAkd1DoEJw;dc_trk_aid=576121697;dc_trk_cid=202444796;ord=1704995293635543;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&mvord=170499529565080752
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9322.3848558MATTERKIND/B30790706.385096202;dc_pre=CNq5xbfy1YMDFaksiAkd1DoEJw;dc_trk_aid=576121697;dc_trk_cid=202444796;ord=1704995293635543;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&mvord=170499529565080752
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7C76 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=113344
content-encoding
gzip
content-length
14529
content-type
text/html
date
Thu, 11 Jan 2024 17:48:15 GMT
expires
Sat, 13 Jan 2024 01:17:19 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame AE0C 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=4682884&imprId=10D0B30C-72B6-4342-9B02-78993E4D3D47&cksum=C429AD2B2C0A6E69&adType=10&adServerId=243&kefact=1.866201&kaxefact=1.866201&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1704995293&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=2.638118&dcId=2&tldId=0&passback=0&svr=BIDNYC30592TD&adsver=_2517529617&adsabzcid=3&cls=BID&i0=0x3100000000000000&ekefact=3SmgZZBLCwCxw0arQ9KrDaLlGiNX8zhQiEIXpxSElDX_99x3&ekaxefact=3SmgZahLCwAZWBTcz_UYMmr-DlmHMAbeC2GMXh4R5ANOR4ZH&ekpbmtpfact=3SmgZb9LCwBSvqKO0R1UkRGDK0ROx57Dne4ZvgKOvjwqDA6L&enpp=3SmgZedLCwDHiJU1bMkXZuHrlGupBjfx_5ZzuBdxxT6x34aI&pfi=1&domId=7543222089094626466&dc=NYC3&pubBuyId=2626&crID=544083922&lpu=bmo.com&ucrid=1137787727744961165&wAdType=10&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=236831&wDspId=80&wbId=1&wrId=0&wAdvID=7510&wDspCampId=20704411829&isRTB=1&rtbId=8A4D284D-0945-49D0-ADEA-AAD175FE9B0DB&pmr_m=3SmgZQhMCwC71CQiCiWveIbsCrIg7ZkInj5onsiflSXjDGSW&mdsp=3SmgZR1MCwAysfqE1R7KNXpk4zUbHIlPfPMiRKmT82G9akGw&ver=16&dateHr=2024011117&usrgen=0&usryob=0&layeringebl=1&oid=10D0B30C-72B6-4342-9B02-78993E4D3D47&country=CA&cntryId=40&domain=bleepingcomputer.com&sec=1&pAuSt=3&wops=0&sURL=bleepingcomputer.com&BrID=5
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 11 Jan 2024 17:48:30 GMT
expires
0
pragma
no-cache
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8101 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:15 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 092B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcBzU-UTnPvE1cR-vEa1aGbfv9hdMMJ0hXVJEK40E61qZ5XM2P9ZxM-6taLZvOa7DuMItXbK4WV59b9Z14Rw3-MEKZhb5UpY_osEw8ba8L40EbU052fHDQup_6MbX42NlUeTa9uUG0GPgY-0_tnaHcgT48SQXKKoFFk90aHUmp70W8qdk&cry=1&dbm_d=AKAmf-BrjU_0ICYZr3Pd-YnwdZTo2hqxo33S7fmp346rVpkp1AopBHs-_MODhftejkHXxOmFsIhcVPP28bLDnyRnX61zxl8h6Q4BEX0hWOD6P2zrRHmUh3usQFnX4cTsTII1afpmc2nMPG-KJfQqB1nmoi01AjFDCsfpGeQD2OpZkLRmMy_-9CTlSpmXyuIwJ4nRcFPxbeCawFMsCf7BhPnBEEN_QEKHXSkqOqyRW5EHCBL2We2iiq_4FaJ6wYdJqwTGWiv3UArGGzFeya4gi7gVyc4xvaLqjvfvv6O-uEszlWfY9I8SAwhrMXri-0WLq9hmSrPh3b9FzilareQ3UV-fhBChpOH6r3uW3VPRUQ_vpjxZdrUZLBJLZWrcTbNPk9Munnt_3axTCW6YxR8yy5CmnTUGsCGNga9akgfThYWzAC9cHTgsIuDojBZF_VzCYWt99HBSQEHvZ4nBJ8qJwTY4_7IVqC44iTtB3twuSJCF9pfX4AoVR6C4TY_ZQpifbBMQHaXnB7vW9QehIIkOysNMzZuUhZWJcBc8kaNRKFDBDmXXcemuygnfKw1xeqNuSnHsbLNdwjHrfHTFZaVM7ULbX7ua_zxW5vE1kRRcnx2cfwiUJlZ3U7btbcNID14k9GDiw5FVzdYxd4sm4xxH8x8RCdqlRnXMV92ffqXExCbQPF0EEBrylX-NNWqT_lNNzvcg1vGcYYbh5Z_pKwwb4vzad1Oft2NaQ1PZhCFI9Zs14W8e9jkrEdAWkd6NnnXw9jU49JymV9Rzugf32bX1U82lFYBLzLa0CD5M3BkJzPIsgYiXfKm0GsU-Vzmyf8qsvxT_xewM6KSHMJEq4uIAYqsLWW0BAZ0eB_W0SaJjlZt9he8j9-Isu916xJO1WcDukeInkTMe4_cXLJKgoWNhU5ZvBulNXCOJRTa9pNOYqca_PaspbH6LpuFMhnmN0vEKYjkNaVOrpVMu8nO6ep6x7uxKSF8Fun6KGOn7wUEzwUJSR35kL1Km0sHJrLu4BI0fHIztdPWvVH88cJKyCaiMqketxYfGiswfOZmzPlWh1oi5gp289n_KMbz1NVQZQuhYWec1JzTNeZ6ia_vDnomZvRU6jNhPkInL7pK3cqOxR8T-j9R7TDFdLf-d_ygoKoBfGQ4laf2w0VILpbb-zM37y-rrB1QFz4jZDEoQB_FHoiMk4cpbrrXrEQvVBdVNDl4D1s4wrxJ3RkD3lOayuyrhSfT_qvBtnb_-mlDrmlGM9l4HG4JGv03aIH5AQroa-yPVi6h51gTRoHuWzSmui5ywqqbcYeH7NG6HvYCP9TQfuXBM7KdZsie8YJYvnERCxOjvzG4jVYs6iKGiWG20udnyQQVnYoCCVLt9mtYWVhET9NtxSsg0dpk4AJRS0qyDqpG7k77pFPaTDKIeKe5Cn1y4OjzTyvzPTYruYqBc_HU75IWj1lPX1yGLJGL-K3vIFWdbva7cMPlh56iJr1uVa5u892H7udGB5fcnE_W576E-nTpaKiDzJ95mmHf1AR4H8DByshv3x7gfcSDNTJLPoMAYfcbdMAJTPZEBBwO4c3d2WYauUxPb9Ry6_OXzb0zUeeLnUmiER-Wy12ggSLtdJqe3by6a2ioPBE0Ldax52_BlMSVmvmwAgQMAzo0N3oPjJSffMOIGyC1phe_qOYc2QvDwiS0OTcEJqUAVdQXu6mS3QTAhUMVOwbEMgbY0KQSsKZp3w7IQmLjCiAj8dP1lOUOlGcl8kQBL7aPgzgX_ONXUhkhUsAu16iK_iCgaAJMZBbT8UMNofUf68XJh1RyzbRev7kP9L0-PRUNmw88eYUHXVzn8diBzTdrz9px_-QTsVt6enAe6zXKZOPybqqngMszaqZvBly3o4rzujHGTL6oKSbE9f8d283jGnpb1cJjNNt4zfplZRwbmHnwyuRCO0nUEB7fERXP_SqECIuYhkmpzuDx0LC3CJPVBfpYxRy7JHkJ2XI0wj3iQStGY-qzc9_0hbXJltdRsiRnRNjcCuYnurEW334qGXSYQVfECSbdww93BSO6LRXuFSvJeW-aFSf5Qr-I8bx_w4gSio48GchyNlgUtjIy-ikfvPbfnWgBxLWXYGRt7V_rHHSgO67Ia-_PluiuaSnuMBZzCZWN43ZmqcaFg_2boFvV2ekEYNcl0Fo4ykjXoJ5t2nLwz9xzQ6Ho2s7NDxKbP9bb1zswLu1Mt7-rY72s24gKemht9Thq03tCc-l3amF2FAUdi3yZ2tVsAiYuk86w3f7YnG8lDJ5RUHVgIbmIY_Mf7VtQCpYMs3Ri42OTa7owNHVjvXCCLbr457YaYgL_UbGfupqTpbeoDLgw686UVmOxqEhvTuC0RK06pi0qjSM1FztBmv7g_mklIzeMt8YWCGckBcGxu86ZSXhY3ZuF5Xe6Rd9fQsdEvAGgnUym-XeM2_6j8NtthEVMiZXIqG10xSW-0nAQBDf4zmbdS6dkWf0Zt0bz3P-aX1yHrutthIyYZpy7NwV0LqN8wFY8uzywVbx4B4NnZu8qIjtMgqOYio8q66b1CpcY_V_IWkp7VIbJ4ac88NLJ0PxL7D0ZM4opXQDcOsB_trNG_cB5n1IySuOM55GiyleRjzEahCZbS6PggmtF85BLAILRP3bTyXOkh24yJFaJSWa9TszdE7EGoxJg7zQ-kiDCtXcXVLBhsXaPzT_CsrimnPPdxu3hpqLbbgkQt9na2Jkulb4H-eqLYeJ8splLxFFd-N42QlpkOw2Q7Nxw4QRziIwe0vNaDOc_YCoB8Dp3ZHicSTcgp4uuR8WbBr_JmgwNk3w67WasY5mTmGNycox5VVp3RtvpgK_MwAhyAYMh0008f3pFivqPOR2d9a9wVdFLzDp1E3UINxMc80nS0IORxdonp1K3_zR3SYIbWInnniv-aTO_lUKjWPRwgTj3kMVek6Ts5XVWUfAcyGLTrahyHgM1mUydo0jMlO107UZ_HPgPanuzhHKPtASM1BViDQ8tywZLOq86H6IrEooUNUELrEyO7pTRWknYFEf1TkbfBkRGoGKHJj9WmJe1IVERBQE2J4CnU-RMqbt0-13khy2nd0VLwusF3cTbpYRnsDVp8IVEqK-U2my-Qv4Px8WVos7pBTP1uctu1l0r6FZ1Q9cEaRR1dt9PUwEjQT9eeVWHgWmNlskxWs4PcCEIrFTc0Sbw-Q3EdpMHj1HfRVhqj81Kbq9J8gtIVguqzg3eTW6rEh0SCid4eyvxao9hBlVpFWSxkLXOjlgqDnUZAPbPcE0of3R3tIFi3P5JEc_rfeLrpi2ZA04StdqmqUoIXoLqOUxW-faMH6eqw7ZkSY7MG4TJp2x1GKf1hRwThKrjqaXMv9L8WjLrgHVDsvMbRdEc7GVQuYvCf2LIk7ImEX5kD0F0vz2EmqqqJW0BkM1jNP4xShvSMZ3bqrwsM9ZiDvdCSQPjEfsm2sypdUIMxKtk3T5uVHNXZ_V_PtOUzkqmBD1ec105-3kNdkEaPy1GCejpxXialbZ_XgofdzGOBxNfaahmqmMqqgmilll25SYSojf_WAfhU43efrCd2SMk6zLdduycUPnIlsVWhg2u4sWAOZ3YcdHxSm85bpTkFNTUODg4dcQ3s-nemg8EKK1z-y_Sebm64gUjU-j9BijADCnE1fKF2z4VJOB8FFROkQsNQgA&cid=CAQSPAAvHhf_vFYDf53vwlFxspz1XsSskK8ONeg8rfI4IrP9zMjucBPkD33oXAF1kdhiMv5YvR0KRqJsH__KfhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&ds=l&xdt=1&iif=1&cor=2827914423068538000&adk=3037181501&idt=91&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
180087
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 15:46:48 GMT
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:15 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
setuid
s2s.t13.io/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f...
  • https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=VEF7sqqnn7qb8OH3EekL&gdpr=&gdpr_consent=&us_privacy=
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=VEF7sqqnn7qb8OH3EekL&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:30 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:30 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=VEF7sqqnn7qb8OH3EekL&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 19EC 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.376025832;dc_ver=99.292;sz=970x90;u_sd=1;dc_adk=1526426640;ord=p5ahhp;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCBXYX3SmgZbP2G5vMqMwPmtmOmAPl6OyZdbSk54uLEq-BuuPXAhABINrXxTlg_aCZgegDoAHS-MviA8gBCeACAKgDAcgDAqoEtANP0DCFhzPgfvuzWKRf5htxmtJKRBovCy-cug4iiFP2DJlCIv47-MwKTxbvH_fEz9Z3Giey9vXkE6qll4P27XUItv0MZH2lPHfSDDQkTsEP5i7E5qxYznqeynDtvPluJqIFGoZQe3exVx1Pq8_EEJJhJwIn-qjHxVxd2IGpOp85OmyYmjgPezQ0E2V_isfqea5xsT7IHkF252X5QPWtpIb8MeeaItH8uVoB531N9Zs3kn42bffxISmQtiw-gUnavFJOwSKCn9xRFnGYxaKEcTIS9ndzM98SmF6iIH_c6gbSU0cNQS1895vX-QxxvrevNt2awM2958T22usskcvxXLWQ3BKrOhWivX8AhzOnZSj9IFxgYA5G6WqcrkGTX-HvTuKCGZDav7QlKPdSSd3VvOfIN7mQ3G_jgLqkOwhklhsyqNZbuPEyFEeX6txMYbmgYFe9ogqEhkINmJJdHcMOcS4ummpZ8ulHyuE2_Hj0nOb1gQVCoxVV_1LFFgPZAVX9V5FJxeXDj0AFNButT96QUTJnaxL-slWdr92IuQzdYXoSD15Iut5SOmDySmz_doIdfQb8GRwSwAT_8v2ThgLgBAGIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYtPa7tvLVgwPyCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgOYCwHICwGADAGiDAgqBgoErLqxAtoMEAoKENDSxvj3g-STfRICAQOqDQJDQcgNAeINEwihsLy28tWDAxUbJooDHZqsAzPYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI89i9tvLVgwMVGyaKAx2arAMzEAEYASAAEgL7UvD_BwE%26num%3D1%26cid%3DCAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB%26sig%3DAOD64_1hgxfOFRUqlRUcHaadMhM_w7Fa6Q%26client%3Dca-pub-3605257360853185%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2F$0;xdt=1;crlt=e_*h(SP3BH;stc=1;chaa=1;sttr=56;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:15 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 19EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss2IOak1w51XqJaTBD0vPb4KPwGoXGy9VQoFhmkZcTQowLjiSUq6YSKxu3Izq2KlQd7z9tPlQRZ7FcjOo7wrmbwbZlsBgEMcgyyEJ2gH0TtLkPlbG3uHCWO4Wsuo-eAJIYCJjVKOHfb1kH6pphVmTMr53yu0sbhYCEwQRCuerM4OB5O3aPElA&sai=AMfl-YRsgTYyawGTK0NDQ4HS7jxoeAVbi5FSx7uIzwwbTWodKmfXzBvJpSNFf_RE5H5hPds1KW7HeTgaOpbslZBZ1xKvcKD6RHw4Ufe3NQ&sig=Cg0ArKJSzAvsNtVmCBNqEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240109.09625&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.376025832;dc_ver=99.292;sz=970x90;u_sd=1;dc_adk=1526426640;ord=p5ahhp;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCBXYX3SmgZbP2G5vMqMwPmtmOmAPl6OyZdbSk54uLEq-BuuPXAhABINrXxTlg_aCZgegDoAHS-MviA8gBCeACAKgDAcgDAqoEtANP0DCFhzPgfvuzWKRf5htxmtJKRBovCy-cug4iiFP2DJlCIv47-MwKTxbvH_fEz9Z3Giey9vXkE6qll4P27XUItv0MZH2lPHfSDDQkTsEP5i7E5qxYznqeynDtvPluJqIFGoZQe3exVx1Pq8_EEJJhJwIn-qjHxVxd2IGpOp85OmyYmjgPezQ0E2V_isfqea5xsT7IHkF252X5QPWtpIb8MeeaItH8uVoB531N9Zs3kn42bffxISmQtiw-gUnavFJOwSKCn9xRFnGYxaKEcTIS9ndzM98SmF6iIH_c6gbSU0cNQS1895vX-QxxvrevNt2awM2958T22usskcvxXLWQ3BKrOhWivX8AhzOnZSj9IFxgYA5G6WqcrkGTX-HvTuKCGZDav7QlKPdSSd3VvOfIN7mQ3G_jgLqkOwhklhsyqNZbuPEyFEeX6txMYbmgYFe9ogqEhkINmJJdHcMOcS4ummpZ8ulHyuE2_Hj0nOb1gQVCoxVV_1LFFgPZAVX9V5FJxeXDj0AFNButT96QUTJnaxL-slWdr92IuQzdYXoSD15Iut5SOmDySmz_doIdfQb8GRwSwAT_8v2ThgLgBAGIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYtPa7tvLVgwPyCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgOYCwHICwGADAGiDAgqBgoErLqxAtoMEAoKENDSxvj3g-STfRICAQOqDQJDQcgNAeINEwihsLy28tWDAxUbJooDHZqsAzPYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI89i9tvLVgwMVGyaKAx2arAMzEAEYASAAEgL7UvD_BwE%26num%3D1%26cid%3DCAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB%26sig%3DAOD64_1hgxfOFRUqlRUcHaadMhM_w7Fa6Q%26client%3Dca-pub-3605257360853185%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2F$0;xdt=1;crlt=e_*h(SP3BH;stc=1;chaa=1;sttr=56;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 19EC 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.376025832;dc_ver=99.292;sz=970x90;u_sd=1;dc_adk=1526426640;ord=p5ahhp;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCBXYX3SmgZbP2G5vMqMwPmtmOmAPl6OyZdbSk54uLEq-BuuPXAhABINrXxTlg_aCZgegDoAHS-MviA8gBCeACAKgDAcgDAqoEtANP0DCFhzPgfvuzWKRf5htxmtJKRBovCy-cug4iiFP2DJlCIv47-MwKTxbvH_fEz9Z3Giey9vXkE6qll4P27XUItv0MZH2lPHfSDDQkTsEP5i7E5qxYznqeynDtvPluJqIFGoZQe3exVx1Pq8_EEJJhJwIn-qjHxVxd2IGpOp85OmyYmjgPezQ0E2V_isfqea5xsT7IHkF252X5QPWtpIb8MeeaItH8uVoB531N9Zs3kn42bffxISmQtiw-gUnavFJOwSKCn9xRFnGYxaKEcTIS9ndzM98SmF6iIH_c6gbSU0cNQS1895vX-QxxvrevNt2awM2958T22usskcvxXLWQ3BKrOhWivX8AhzOnZSj9IFxgYA5G6WqcrkGTX-HvTuKCGZDav7QlKPdSSd3VvOfIN7mQ3G_jgLqkOwhklhsyqNZbuPEyFEeX6txMYbmgYFe9ogqEhkINmJJdHcMOcS4ummpZ8ulHyuE2_Hj0nOb1gQVCoxVV_1LFFgPZAVX9V5FJxeXDj0AFNButT96QUTJnaxL-slWdr92IuQzdYXoSD15Iut5SOmDySmz_doIdfQb8GRwSwAT_8v2ThgLgBAGIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYtPa7tvLVgwPyCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgOYCwHICwGADAGiDAgqBgoErLqxAtoMEAoKENDSxvj3g-STfRICAQOqDQJDQcgNAeINEwihsLy28tWDAxUbJooDHZqsAzPYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI89i9tvLVgwMVGyaKAx2arAMzEAEYASAAEgL7UvD_BwE%26num%3D1%26cid%3DCAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB%26sig%3DAOD64_1hgxfOFRUqlRUcHaadMhM_w7Fa6Q%26client%3Dca-pub-3605257360853185%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2F$0;xdt=1;crlt=e_*h(SP3BH;stc=1;chaa=1;sttr=56;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
180087
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 15:46:48 GMT
json
gum.criteo.com/sid/ Frame 		0
0
json
gum.criteo.com/sid/ 		0
0
rid
match.adsrvr.org/track/ 		108 B
674 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
726148273317d2080c2bd42b2a0742ac83df6bcdd5fc96e2c0e6e3a8a31a0444

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 10 Feb 2024 17:48:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8101 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviRCyauxqimeg69-r8pOrjv7mKS4cWn3-ZBHcmne2TIQZ7Hq5s0FC0UrEg4cTdwMhnhhbThe5UJ3aRJ9e05hihuqDdrGCUEuEKZv62YCsLYcgW_KoMA_5I9umJQEQfKS7xKBsV3qbGkMP9tAnjEVKOWVERNuFACLNszd31EigF0sL46rfW5aJj1ViR49RhmGfTj2C60Z8YXdaayQc_gcNuFh9YVg2AjGSWBTmJ6u9BwONcOxQYwObNkaz08-acOhiIOsTfu53tyr2ZPn7m6vUFpbzdb7IkImQmzervV8LTtNQyiLmIlPt5wc4l9VVBcn-NkwkJOcDYvQKbWgpszN6TOyjHYhhPsmyw9bAyjEE6nZOA-2emT1ogs38uygM17vIx24sRBHAru4xlGiDe2lgH_7oCnr2n5UPbe_LP6cSY0E7q0MGiXA&sai=AMfl-YQz3fI1KHTyTsCXErquS7LdTtwSjC6m_AfWNO21sfrDA2_yplJ-7ODaRdy7ZluzFCy0D75hJy0hT7X1lxJma2GeENciIVAnR_h14B4lAYlswfUr1t06R5tDNXEOHcA&sig=Cg0ArKJSzKFiLQ-r0gR7EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:15 GMT
dvbs_src_internal125.js
cdn.doubleverify.com/ Frame 092B 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal125.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11556288&cmp=30582322&plc=377163690&sid=6008794&dvregion=0&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.74 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-74.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:15 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Dec 2023 15:12:36 GMT
Server
UploadServer
ETag
"8188d451e0a669939fa9ed400c00d127"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19695
Expires
Fri, 10 Jan 2025 17:48:15 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E76C 		0
0
pixel
cm.g.doubleclick.net/ Frame E76C
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESENzDJlrtAJP3OXAJWsckZn8&google_cver=1&google_push=AXcoOmSqDAZDOOcDgWKU0KJxrpcojlgghzBROLgXAULK7q9DafLwgtn9rjY-IY7dsp7_Qdj-9wD-veapwyuHvye56499QW-_VNg
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=875782531506&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=875782531506&us_privacy=1---
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=875782531506&us_privacy=1---
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame E76C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTULEH4uWUI9UEqxwy4P...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTULEH4uWUI9UEqxwy4PqwwFWBhX-l13Nk085NXEl8M8VJyJmH3Bt54DBFygs9fLY2j43sbIYKmvw86X9GTsRgLXtsW06k&google_hm=BczKVi9MlUtgr3tw7O7Kt8A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTULEH4uWUI9UEqxwy4PqwwFWBhX-l13Nk085NXEl8M8VJyJmH3Bt54DBFygs9fLY2j43sbIYKmvw86X9GTsRgLXtsW06k&google_hm=BczKVi9MlUtgr3tw7O7Kt8A
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTULEH4uWUI9UEqxwy4PqwwFWBhX-l13Nk085NXEl8M8VJyJmH3Bt54DBFygs9fLY2j43sbIYKmvw86X9GTsRgLXtsW06k&google_hm=BczKVi9MlUtgr3tw7O7Kt8A
date
Thu, 11 Jan 2024 17:48:15 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXccca562f4c954b60af7b70eceecab7c0005
content-type
text/html
sync
rtb2-useast.e-volution.ai/ Frame E76C 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESECG8CPmATAwAWhc3K6dcFHM&google_cver=1&google_push=AXcoOmRLpIA9h1uGIV7he4sk5g-V9g5JPMFI6rAefiQUqJQYZpz8Yog8iR31eZmRi2L28l4FgrST6W-42y1MKx4gfXv3xGEqu2oE
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:17 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
sync
rtb.mfadsrvr.com/ul_cb/ Frame E76C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEAKukKfouTcwqKLqrvouAPs&google_cver=1&google_push=AXcoOmQhfK6nBRVARKKTePRBljIe2LENa93A-I0Oa4ftddKHnChYEQy8NjrgeYEyjMl7Jcwoj4DQ...
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEAKukKfouTcwqKLqrvouAPs&google_cver=1&google_push=AXcoOmQhfK6nBRVARKKTePRBljIe2LENa93A-I0Oa4ftddKHnChYEQy8NjrgeYEyjMl7Jc...
0
0
pixel
cm.g.doubleclick.net/ Frame E76C
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEMvSg0VQhvgDHajGkTMgMg8&google_cver=1&google_push=AXcoOmQLOJVfENazkkiqbceuWbAn1ZSliwZYhCW4EOabUXMfi_b8gkRG7CI2PIMslM...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQLOJVfENazkkiqbceuWbAn1ZSliwZYhCW4EOabUXMfi_b8gkRG7CI2PIMslMqEFubvUWcawmqyx0Pw2whm_neYwafFtKBD&google_hm=hH3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQLOJVfENazkkiqbceuWbAn1ZSliwZYhCW4EOabUXMfi_b8gkRG7CI2PIMslMqEFubvUWcawmqyx0Pw2whm_neYwafFtKBD&google_hm=hH3pZJUCRzCHRy1rBOYaSp0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQLOJVfENazkkiqbceuWbAn1ZSliwZYhCW4EOabUXMfi_b8gkRG7CI2PIMslMqEFubvUWcawmqyx0Pw2whm_neYwafFtKBD&google_hm=hH3pZJUCRzCHRy1rBOYaSp0
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E76C
Redirect Chain
  • https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEOE-lOLxPOo_2cx5pRnKoeQ&google_cver=1&google_push=AXcoOmSJKop1jLIEa5WMg9LOMAe2Dgh-7_yBxDYIbmVY6emlYTdrUiH2pbof0d8ISxK0V4K-N_N_o3feRGx74vawLh9khv...
  • https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSJKop1jLIEa5WMg9LOMAe2Dgh-7_yBxDYIbmVY6emlYTdrUiH2pbof0d8ISxK0V4K-N_N_o3feRGx74vawLh9khvjDMaAz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSJKop1jLIEa5WMg9LOMAe2Dgh-7_yBxDYIbmVY6emlYTdrUiH2pbof0d8ISxK0V4K-N_N_o3feRGx74vawLh9khvjDMaAz
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 11 Jan 2024 17:48:18 GMT
strict-transport-security
max-age=2592000
server
nginx
content-security-policy-report-only
default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-language
en-CA
location
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSJKop1jLIEa5WMg9LOMAe2Dgh-7_yBxDYIbmVY6emlYTdrUiH2pbof0d8ISxK0V4K-N_N_o3feRGx74vawLh9khvjDMaAz
x-yak-request-id
1704995298955-05f8389e4d7f64920f1e127c1ae7a77e
yak-timeinfo
1704995298955|2
cip
86.48.15.157
alt-svc
h3=":443"; ma=604800
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame E76C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkgP9r12Ge6pshhwLBzBEJIjrBoU4mXOEQlsKOKwuDiCnZ-3dYvfzaSI3oqC1xGqDN0voP0HeYVQ
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
verify.js
rtb0.doubleverify.com/ Frame 776E 		1 KB
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_55379009006&jsTagObjCallback=__tagObject_callback_55379009006&num=6&ctx=11556288&cmp=30567958&plc=376571972&sid=2742014&advid=&adsrv=&unit=300x600&isdvvid=&uid=55379009006&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=120&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=2&m1=13&noc=4&fcifrms=18&brh=2&fwc=0&fcl=585&flt=0&fec=893&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=172&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETau%3F6HDTauD64FC%3AEJTau%3AG2%3FE%3A%5CH2C%3FD%5C%407%5C4%40%3F%3F64E%5CD64FC6%5CK6C%40%5C52JD%5C6IA%3D%40%3AE65%5C%3A%3F%5C2EE24%3CDTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3EU42%3FFC%3D9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETau%3F6HDTauD64FC%3AEJTau%3AG2%3FE%3A%5CH2C%3FD%5C%407%5C4%40%3F%3F64E%5CD64FC6%5CK6C%40%5C52JD%5C6IA%3D%40%3AE65%5C%3A%3F%5C2EE24%3CDTau&dvp_exetime=8.70&callbackName=__verify_callback_55379009006
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
4905cbb3e5593e9fa5a750b9994681fc9077bd3dc1d3fae4d19db282ceeecf6d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:16 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
01/10/2024 17:48:16
hadron.json
id.hadron.ad.gt/v1/ 		113 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.bleepingcomputer.com&url=https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0267f39be7f6a52b8dbcb124970751d6f4806009ccf837cfa1e52422952e0bec

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
843efd57ad8c3972-YYZ
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.bleepingcomputer.com&url=https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
843efd576d223972-YYZ
content-length
0
content-type
application/json
date
Thu, 11 Jan 2024 17:48:15 GMT
debug
OPTIONS block
expires
Fri, 10 Jan 2025 17:48:15 GMT
server
cloudflare
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame AFE1 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
34528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 08:12:47 GMT
expires
Fri, 10 Jan 2025 08:12:47 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 19EC 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
035d5c057e1d42850d93c9727c2dc5bddaef0799a7b04018d68a7af2691703a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5908
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9936 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
34528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 08:12:47 GMT
expires
Fri, 10 Jan 2025 08:12:47 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8101 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0d523bcc6d601a62421c4ca9d6f59b9d8a864436968106f6c5c2a9e22bd8a8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 19EC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss2IOak1w51XqJaTBD0vPb4KPwGoXGy9VQoFhmkZcTQowLjiSUq6YSKxu3Izq2KlQd7z9tPlQRZ7FcjOo7wrmbwbZlsBgEMcgyyEJ2gH0TtLkPlbG3uHCWO4Wsuo-eAJIYCJjVKOHfb1kH6pphVmTMr53yu0sbhYCEwQRCuerM4OB5O3aPElA&sai=AMfl-YRsgTYyawGTK0NDQ4HS7jxoeAVbi5FSx7uIzwwbTWodKmfXzBvJpSNFf_RE5H5hPds1KW7HeTgaOpbslZBZ1xKvcKD6RHw4Ufe3NQ&sig=Cg0ArKJSzAvsNtVmCBNqEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=263&vt=11&dtpt=261&dett=2&cstd=0&cisv=r20240109.09625&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N718679.3159GOOGLE/B29069693.376025832;dc_ver=99.292;sz=970x90;u_sd=1;dc_adk=1526426640;ord=p5ahhp;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCBXYX3SmgZbP2G5vMqMwPmtmOmAPl6OyZdbSk54uLEq-BuuPXAhABINrXxTlg_aCZgegDoAHS-MviA8gBCeACAKgDAcgDAqoEtANP0DCFhzPgfvuzWKRf5htxmtJKRBovCy-cug4iiFP2DJlCIv47-MwKTxbvH_fEz9Z3Giey9vXkE6qll4P27XUItv0MZH2lPHfSDDQkTsEP5i7E5qxYznqeynDtvPluJqIFGoZQe3exVx1Pq8_EEJJhJwIn-qjHxVxd2IGpOp85OmyYmjgPezQ0E2V_isfqea5xsT7IHkF252X5QPWtpIb8MeeaItH8uVoB531N9Zs3kn42bffxISmQtiw-gUnavFJOwSKCn9xRFnGYxaKEcTIS9ndzM98SmF6iIH_c6gbSU0cNQS1895vX-QxxvrevNt2awM2958T22usskcvxXLWQ3BKrOhWivX8AhzOnZSj9IFxgYA5G6WqcrkGTX-HvTuKCGZDav7QlKPdSSd3VvOfIN7mQ3G_jgLqkOwhklhsyqNZbuPEyFEeX6txMYbmgYFe9ogqEhkINmJJdHcMOcS4ummpZ8ulHyuE2_Hj0nOb1gQVCoxVV_1LFFgPZAVX9V5FJxeXDj0AFNButT96QUTJnaxL-slWdr92IuQzdYXoSD15Iut5SOmDySmz_doIdfQb8GRwSwAT_8v2ThgLgBAGIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYtPa7tvLVgwPyCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgOYCwHICwGADAGiDAgqBgoErLqxAtoMEAoKENDSxvj3g-STfRICAQOqDQJDQcgNAeINEwihsLy28tWDAxUbJooDHZqsAzPYEwPQFQH4FgGAFwE%26ase%3D2%26gclid%3DEAIaIQobChMI89i9tvLVgwMVGyaKAx2arAMzEAEYASAAEgL7UvD_BwE%26num%3D1%26cid%3DCAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB%26sig%3DAOD64_1hgxfOFRUqlRUcHaadMhM_w7Fa6Q%26client%3Dca-pub-3605257360853185%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2F$0;xdt=1;crlt=e_*h(SP3BH;stc=1;chaa=1;sttr=56;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:15 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F618 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
34528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 08:12:47 GMT
expires
Fri, 10 Jan 2025 08:12:47 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 898B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
34529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 08:12:47 GMT
expires
Fri, 10 Jan 2025 08:12:47 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
verify.js
rtb0.doubleverify.com/ Frame 092B 		442 B
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_584326408206&jsTagObjCallback=__tagObject_callback_584326408206&num=6&ctx=11556288&cmp=30582322&plc=377163690&sid=6008794&advid=&adsrv=&unit=728x90&isdvvid=&uid=584326408206&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=120&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=18&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=172&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTau_d%60g55%604e2_eea2c6hdad%60c3e3__dgh5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=11.80&callbackName=__verify_callback_584326408206
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
f3561f99ff8037cc787cc4236b681e72caf6487f87ec92d78a4c576df1b49368

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:16 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
01/10/2024 17:48:16
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1A44 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
34529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 08:12:47 GMT
expires
Fri, 10 Jan 2025 08:12:47 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
474
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
675b6d11fa6a048205913ccaa002e67e6ed208cec5b060bc69cb99b74ddf11a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 11 Jan 2024 17:46:41 GMT
server
cloudflare
age
111
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
843efdbd5a18a202-YYZ
usync.js
eus.rubiconproject.com/ Frame 154A 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.176 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-176.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 14:26:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74298
Connection
keep-alive
Content-Length
10963
Expires
Fri, 12 Jan 2024 14:26:34 GMT
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame AFE1 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:50:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
165488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 19:50:08 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 9936 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
40816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:28:00 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame F618 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
40816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:28:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6D81 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.176 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-176.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 14:26:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74298
Connection
keep-alive
Content-Length
10963
Expires
Fri, 12 Jan 2024 14:26:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 19EC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 11 Jan 2024 17:48:16 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8C44 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcmQW3SmgZbP2G5vMqMwPmtmOmAPl6OyZdbSk54uLEq-BuuPXAhABINrXxTlg_aCZgegDoAHS-MviA8gBCeACAKgDAcgDAqoEsQNP0DCFhzPgfvuzWKRf5htxmtJKRBovCy-cug4iiFP2DJlCIv47-MwKTxbvH_fEz9Z3Giey9vXkE6qll4P27XUItv0MZH2lPHfSDDQkTsEP5i7E5qxYznqeynDtvPluJqIFGoZQe3exVx1Pq8_EEJJhJwIn-qjHxVxd2IGpOp85OmyYmjgPezQ0E2V_isfqea5xsT7IHkF252X5QPWtpIb8MeeaItH8uVoB531N9Zs3kn42bffxISmQtiw-gUnavFJOwSKCn9xRFnGYxaKEcTIS9ndzM98SmF6iIH_c6gbSU0cNQS1895vX-QxxvrevNt2awM2958T22usskcvxXLWQ3BKrOhWivX8AhzOnZSj9IFxgYA5G6WqcrkGTX-HvTuKCGZDav7QlKPdSSd3VvOfIN7mQ3G_jgLqkOwhklhsyqNZbuPEyFEeX6txMYbmgYFe9ogqEhkINmJJdHcMOcS4ummpZ8ulHyuE2_Hj0nOb1gQVCoxVV_1LFFgPZAVX9V5FJxeXDj0AFdhmM3V8b7zvc1UsrHiR8K_uus4jUT2LBzeo5W1DwFUzqycJZfzkj7O52wAT_8v2ThgLgBAGIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQq6YU0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOli09ru28tWDA_IIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAaIMCCoGCgSsurEC2gwQCgoQ0NLG-PeD5JN9EgIBA-INEwihsLy28tWDAxUbJooDHZqsAzPYEwPQFQGAFwGyFx4KHAgAEhRwdWItODA2MTk0NjQxMzUzNzk4NBi6yBc&sigh=WrRZVFRcQJA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB&cbvp=2&vis=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 11 Jan 2024 17:48:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcmQW3SmgZbP2G5vMqMwPmtmOmAPl6OyZdbSk54uLEq-BuuPXAhABINrXxTlg_aCZgegDoAHS-MviA8gBCeACAKgDAcgDAqoEsQNP0DCFhzPgfvuzWKRf5htxmtJKRBovCy-cug4iiFP2DJlCIv47-MwKTxbvH_fEz9Z3Giey9vXkE6qll4P27XUItv0MZH2lPHfSDDQkTsEP5i7E5qxYznqeynDtvPluJqIFGoZQe3exVx1Pq8_EEJJhJwIn-qjHxVxd2IGpOp85OmyYmjgPezQ0E2V_isfqea5xsT7IHkF252X5QPWtpIb8MeeaItH8uVoB531N9Zs3kn42bffxISmQtiw-gUnavFJOwSKCn9xRFnGYxaKEcTIS9ndzM98SmF6iIH_c6gbSU0cNQS1895vX-QxxvrevNt2awM2958T22usskcvxXLWQ3BKrOhWivX8AhzOnZSj9IFxgYA5G6WqcrkGTX-HvTuKCGZDav7QlKPdSSd3VvOfIN7mQ3G_jgLqkOwhklhsyqNZbuPEyFEeX6txMYbmgYFe9ogqEhkINmJJdHcMOcS4ummpZ8ulHyuE2_Hj0nOb1gQVCoxVV_1LFFgPZAVX9V5FJxeXDj0AFdhmM3V8b7zvc1UsrHiR8K_uus4jUT2LBzeo5W1DwFUzqycJZfzkj7O52wAT_8v2ThgLgBAGIBdiG_bkHoAYRgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQq6YU0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOli09ru28tWDA_IIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAaIMCCoGCgSsurEC2gwQCgoQ0NLG-PeD5JN9EgIBA-INEwihsLy28tWDAxUbJooDHZqsAzPYEwPQFQGAFwGyFx4KHAgAEhRwdWItODA2MTk0NjQxMzUzNzk4NBi6yBc&sigh=WrRZVFRcQJA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
demand-source
d.pub.network/ 		61 B
95 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
53f480f01dcb676ccdf0d432f8b341b422d1e0436edf4d276d46414fbef723ef

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
demand-source
d.pub.network/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:16 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
via
1.1 google
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 898B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
40816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:28:00 GMT
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame 1A44 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:50:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
165488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 19:50:08 GMT
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 092B 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=f9c93c9b6f0e4dbe852ebbb086a8e0f3&vfdur=206&cbust=1704995296210124
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:23 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-01-10T17:48:23
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 092B 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVESF5-n0HXVl98ggPmVud_WWVgZScd8e8j8QZT8___9kgQ0ps&d=CokBAKAmf-BtcJFgticvbWjV1kE8dwjeAEGDgOk7SjNENMBw3VVefCcPqdtDdFGxphLMOVP6iJONoer_PVe3ALn1iAH6pOVCWjNTASlhD3qO7PxKoNZE4OKxgjJCvLFSoHMjRt5EtetZufTEx8XqeMWQXtQUGs415orJwOp9l5_cQ_nTXGweqG3VZV0S6RcAoCZ_4HQU05aL-qlUfpQXpApfZ27IITenkNj0pVV7oHxHPY7CRxqeGkgxk5qs3OA6AGOhlUSm5j489EGXsfyx_GsLlVS_jrM6zUt_vFBadE-7xGQzo02LoBaxQttuf8WKZCLnqORLN3Awvh0dsSOXkyKE3Utt6FyuKxSwJB_HKFk2nwKx_MGsoieGGGCG6gc9IqooKrTzG5IgU686XF43BtxpUEIVRifsU7-QFqlSfsVJ0Z7HYzjS44uEpdsRoMzPFf2DLUkfB1P4PcgsdfGnSn8sStrj8_DnIloNMV4sZkrQ0-P0XOTZJke9udV-CM-KnSkj-9jehxUPYPYDa9WTBcYTVSs7NFnZ1H_-HHPnhmUcLA740aWHuLhcr4G4X8DITakwatfh_gux5qg7UbEMDqQT6TL_wAwn0pAlOUVuqdLVbkAfDiLlaVNkKgxhS6TG8-M_xVnhSeTMcJguM-56LQ3y5ZAuaVOJ6mWpInz_FLMw-W7EiQTW25AhxssPjq6afAv43VPWxfJXung59OB_Tv8hwHLrGeIbLCZdO0xESmH3oOjgvcV9FEirJI6zTq0iqg2B2sZNnmP_5inWW3v-bMWMRN_6FBrrqgBsGr4O5lrOW0q_gwo8MZ3Oyf_1jGIehqRggcrvRum2F4pG2Dh2XyFwHV5RR5dRarHgQMOmMTGjTfYyW4isI_acs9fQ4wL5BunDG41YgUPkiLskGG08IFhssIFQ9aatYNcHZ9PYmFyQlJbuFgY0VvkK3Bw6xaZ3C6OLMyo2KiSffDeALHpOudzi856M-GDskwLUor24vEvpgs5vm7ogfDEwHtnou-lb2px8uvmuAVtJN-5V1XiiM1J8PHFxBZfeJDbB4hlQPiL3VVva0akGYXnEJgfVxg_M4Nhh8ibP8RXXEItGurSOThM9SPFNvJFuFB83uxD7hmgSj4H9xur8xRlQztp4qbTIS58QJEcfzxE9GmyDh4aYFMDpRCCZreIJTKkXiqJ-G9G5dHT0P_6bPYq5kjLEb7VkFrLPcPBCsn2lCbbM33V438JzAuFhlC0Qk-XgwpB7p-Wn6rXDkSfm47-RowXzmGXIROhroJWxo01xYY6hR5i8ezgmJHngx67H7wY7L5eCUdAs_6gINC42BiRhIji0pOASeBKfrEwqWiGPphflF0hmfYc_OLG7norBaxkpygt8Bh6I-B8Hck8-4mXtj8UTKU0Z2cRmTADaavcloChGfM6wi_GiPePU6ALsnlZguEQXr7VLtkujkXOdjyxl1f38CZu4ubHZpiQjE85UOwsgRQhPIvIfXTwF9NOUyANWWkKxLgpEMBh3Y1ylKLVzfbozhcn2OiRhNaH2IUMbwWbGgeyxKEX5Z3Gds3jrC0N38xHCeuAXdWFEda-E6rqOe8qLbIZqo7wH4dT-WWRW8hCJSuzJxvBxE9thOCEUQKe6tSLvqef54ZC8hDltc8L4H9AWgsBVIbXHOV00wouRUScNDvqyzbn3GPdtlAx2vO48XvIVB2qPI2VpPLWs1G6fBeHU0LlJjZp4eR0HtEk5ji-fnAHuZ2HfWPxib89dV4XpjLFbcGgAAbrDd_klj0iSBsZUmtBFujC9ryt_ytFC-IvXY79rxWJucKIoU641qEHq6vF4pp75fu3mlThGNJrJnL40kp8rqrN5S3sL16yg5zR-smqozYka9wg1BcCDTC1JtwCgbsIXLdDp0KJv2csbES47wc4cEAkOxD-GHwPWmUirtGaE3uhNd73DvzgBsKjV19aWu_kqlHmO1o4hEJETPjINFob6z9tngCGr-U82k-xU675mQodnd8HZK0j4U0fl24UJS763xOYUCo14sI3zIfzB_7yNv3X7NN0fzadtfXp745tZ8VE1XcIENTblHwua1cGaGy3lW8vzBPNL1S2a7cHQ637nqqYPvy-13cIZ0cEOpUtLtX3ia1CvBHeqGg3eYzPSWruNRbAhCrOw28wf3pL9FL6fqI2riqia_Nin-LVc_JegHx4Iu6_4wF34rz7RN5SE0mF-36H4EV4HkV40OR6s_PQ7-UTgqutnE5poWP0YUaj0edN_IcAOK40db8IoZ-PJwWD7C3HYiIBkrrIbzlqUo5SO6iBFXS5CYrBxQQQDAjag7uzIjTsgnUNzQTPFJWFdpDcZMO-bmpj5PsA8c9SAFRZSaVgaVHycdZH-oU5_HDm6imrpeBzYdYkR6r3WaJ0aed1ghty82KkYis76twsV97S5yr1_s6HUF9rxsUUqKnSQtrCczEpkIEFMtmZ6Usu96SqFRAcPw6XiPUc6cQOiZ8UH9wCATLNO01sOc_wq1odFSCP50Z0SkSE2RQh7q3KBs39YiP2v_E5AubBshobJjQRxRG5rQYRaw5doK6FilErmBo9f8x1UbSQ0iQkRZq2AeLZBnP8HqP_d6cFdRDQXXBSQqV9ygYAQuxsyCS1Xad7kvNB77cxrYB83yy5QzKh7Avf5HERQ7U3G818kTWVpqWvo-g79un3XB8m2qaVRy9mIgA1fNCHsb0UcWL4Pcx5IRAzZECOdpIt_hquax3gFDAXH5J8EvNfl65FJQFTPWETmPBp-hr3Pg77HhxC11FEyOgVoIgBnppnvmwrVpiBn_ORWXd9fkzYVu9WBLpLi5QofHGm-8uWfI1UyUOzszQ0UeviZGCpplIe3gCLt3MvxuNyvYQOlaMdoTg_ROhwtcA3besBOxK4VHxh81feSXsyPlZc0VfWEJ8vkNnGENCerYFZOBVmLpWyIEy6GvyPSLIdo-IVZFkeVy9vSiSDMdgLjAuGcz92-CXG6Pz_cYVGRcd4-NkOSQ7GKSu6JykRtvLuEXe9QTLo89XWFs1KZBImGFkCSHA54IuuWeIFyTqaS6TgKPq-_c-8ZtppCWoqBJNZDfgdIi56VnVfZjgkJmZHgqckTYlFFl3Kzlpr1VD2Shn8hjNW1flw6cEBQijOM07qMU8dewLn6bUEYhxZid_UoPOJhBZ2ih71HpKxkYz5NuweJaTzRGb_T07CBhAFoJshRPECUsc6pVLm0LF8j8W8q5dibFL0RIasTwvcXjICPaUr1lfkP_GThO2Ki_CWjdgJxAQHhOrcBPmXshfKnsmkWjLGkLlYGc1N3W7Qo221VafIper3cMkXZ24-Gsztqn1Az_oQwaTuLDlaS4rjgoLgBc3oV2bHQumSpiBxJpTO_gLDjZkbDmhNh0awsQN8qmyHoqO4LkiH08zSLw6oV_E8OsakermTjz1d8AntetmHo19Zhfxt0ZiPXc8_5Iq3BT45IqzZ-XAMpjVZKSnL7fgrV5lHEI0QIYhk17Iyy2xy-cf9WXIgfsLg7fogELqVyNE0lNZKb3dWL_3nHZoEuuImqNJ1ZeKmRqeHqJOMjyY6Y4WgYfV42CRjTp1zQz41p2f2uFqXA1H_z7YepsttwMMlrtCpElskchppMkN03X72Mzl2UvgbBw2P9wXZf6aWonWb6OoNBppgGpKzMyuo-Gq4fY8Z2LDRQ6HdJ-XTIxG5Z8ITrSSsd3BQWDPex-ufCnHgfq3RayZCjiX3UBilHuGkxYU9KjF9mdFXIASISRXfFQae70wQL0tplOs4q1rUrWTmlJRmL1sylTAwTIi2pQMuit_-02qJQTv_12tJHvAkCil4qAgyOyb7kxjjpNJKEVCUj3yVpC-2o_NVNL1gqC3Dq2d5rP_be6TV7dHe19qqMirAuWSMuFuu6MrxWrgTuln3mMdQJ26phC7vHBgrU7o0yvWtHiOITFHJAfO--DQi-OMXi0XO3tSTYAP05sSgjF5FmuMR7PC9bRvVOSl0bcxkLqtgoKr5Of4EgtZOeCHVXQp-WLet-Bx_mPpMlg1G9htNgJsIiLZQGBm9JP_9YySqk5qkxhbTRRx6DtxH_3TO0Sf0w5IdIGb2PJXjGzDYHb76BTYsXsA1xv167BtS801Ngy2cR77UR-YOcFTX9ThyEpRK_aFqTOofqnKWQPUJjnZQhQRxFc-SZRr6tkRRPrp_H0ftBfmVV0uTBbDpxddy8NZerKU6gK6CdjdhJEhvyHERQLsMm_fTJMp_uGkIIBBI8AC8eF_-8VgN_ne_CUXGynPVexKyQrw416Dyt8jgis_3MyO5wE-QPfehcAXWR2GIy_li9HQpGomwf_8p-GAFgAQ&cry=1
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
7721e5519f03025c6b8f10f1ee951d67cf9cfea7cdca67ad0ce47b6d91e8c543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26908
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame DEFD 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.176 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-176.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 14:26:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74298
Connection
keep-alive
Content-Length
10963
Expires
Fri, 12 Jan 2024 14:26:34 GMT
khaos.json
token.rubiconproject.com/ Frame 154A 		7 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 776E 		0
0
dcmads.js
www.googletagservices.com/dcm/ Frame 776E 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 11 Jan 2024 18:04:34 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 4DEE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
40816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:28:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8C44 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTaqVxp4SzjD0DruqRfd6460wmiABL6thJF1kWJfzJ3-sCLcrLaoW30ZXTn8k1tqIp4vV5P0xLWpP_uxOXYCVwbEQEVLKiAIHKKLaYuZ3LtEXlrJFBOzHxS6UFI2Sq11qcqlkqba2XRFpxBiIUixFoKenIWNrjVdWHSi0vcqHoMTl8BRUCaS7qTdLThs1Rz7q0aVyHYrZMJirLsCYQTWhzPdSAZmMJNK4RXsac13fcX5fzD3P7Qk-NF_EGZiGCNKQDnMucnM3Gwe0KTK3qyW8QVaTUDQlgDA-XY9spnbuujAUdlPDRf53jO3XruTf9JMzclIFxv5F7qir3_HAhYsEouF67BoYiN3JHBY4Qmw1OpRh38ofd9UC2PQrgHmzKwctT1qQwgf7e1mXdjvFCsLcLYtwVlfICgFWPxh99HoVfdZrCMeqo1AWA92DNfKP0FOvV5kb8887GgdfLLFy2Z-3P5jvRRjfw5fyvJC0Y-Qr6Hjc3q5fFFIgQq67NWHbS5gSs1VojsED_h2AUZjNxyNd_Qf8K8qo5X-DkGgCpieePZeg7tzKYLD4UDDrQxLBKDK0KpN40J5MvwowV8RYiLsU042an8ccEL05PbsANyyVtVHw7wnP0kVy2rdCzJVL3IXrMnd-T5VCMKhj0T7Dq0u1ovfPUjIunVyZ0XsNkM9agiJty3VbUaEfk-zUja1PwwqJoYTam2sQXhMS5YFZbtvJE1u8vzkpNqsoobzleQPZDpt5pFZPW31XwRC2-Qdh_fa4c9g3ncVBc4XBnz-KZ_XCko9f5fzhuOFGCfq59kUpOICX1gxKIYO3W7Jxtw3ChX6pZ7U6bnf9rIVgW29C7H5RYN6sXIlw4KNgTx7how-uv9UMFPvtR6uFKz98gWKeR5SLzB1c5dvuAvmawEGRW_Ws7r_LNIK4MgnyTQG9oyWECMfueMt-VW39CbqZABCNHHmXHtp59H2BsS8yaIh-ob1KX9jFrY0qnCdxb9M07v5vXwSswPngmAZZBOHXYqIKAJMTwNDNYo4uMiFp3btt6Hj90LS8C48DE1UW_1Un95PGmloYEUoGqGR239yDe3A69jK388Nz1E-lFIfRAMKowFOCGeUtkbQ7soYPB_HClm9WsSi3uSY7kGBlKt3CPt6hU1OerKRbThb9IZWNV2rAWBIFjMpovu7XTGaCJNy0PGfCDlUjKw-fQfNS8-emJ7cPu3JgXBjm14jL8CS27rQ5wzT_vHORLZpYOi9BVbiwuatqHPe52Ct5Tp5s2u0jcoyFVyNdoCxqg0KrhBjfm72hBvbqYUZ6B3t8lTFPEMl6mJS33Sk_JoCmRUDLAkV3tuyxAskbbW2wWTsF9epJMh1-6Anqja3uVS9-7iAnuYy0oyXQmtbMb6yAZM2Eoa6lb1j3J0yFchXl5yn6ga_CteG4l7ACX5fjCgsLP981LFkHyw2AR6XmkVgq9V-BAXilzRqMq2L7bx_syRtJIX9-LmGOSJwjNRp0-zmU2ZEIfiO96w-3Sz1XLss82CFMpmemac0b8U9O62_PPn3JY3_lnfiG-teKALHCKkjHZoXbjoWHAjqLJV9w&sai=AMfl-YTrvSByfnXNPGwqcd7RbJL-1FM_w83Vzt660sleNVi5eNAehMczhHDWC_li5NqzpURJh_CRij8yiyF-K8IskGjypGLSuVc_lPYpxM6NX6ein-vJgQEqcFhZjW6De8GhD2T7YyolAKhWhw&sig=Cg0ArKJSzLWGLnSB5-mvEAE&cid=CAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB&id=lidar2&mcvt=1119&p=1110,296,1200,1266&mtos=1119,1119,1119,1119,1119&tos=1119,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1085809260&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704995293798&rpt=1441&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:16 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
khaos.json
token.rubiconproject.com/ Frame 6D81 		7 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 092B 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f149.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
Origin
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 01:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58980
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 01:25:16 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 092B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVESF5-n0HXVl98ggPmVud_WWVgZScd8e8j8QZT8___9kgQ0ps&d=CokBAKAmf-BtcJFgticvbWjV1kE8dwjeAEGDgOk7SjNENMBw3VVefCcPqdtDdFGxphLMOVP6iJONoer_PVe3ALn1iAH6pOVCWjNTASlhD3qO7PxKoNZE4OKxgjJCvLFSoHMjRt5EtetZufTEx8XqeMWQXtQUGs415orJwOp9l5_cQ_nTXGweqG3VZV0S6RcAoCZ_4HQU05aL-qlUfpQXpApfZ27IITenkNj0pVV7oHxHPY7CRxqeGkgxk5qs3OA6AGOhlUSm5j489EGXsfyx_GsLlVS_jrM6zUt_vFBadE-7xGQzo02LoBaxQttuf8WKZCLnqORLN3Awvh0dsSOXkyKE3Utt6FyuKxSwJB_HKFk2nwKx_MGsoieGGGCG6gc9IqooKrTzG5IgU686XF43BtxpUEIVRifsU7-QFqlSfsVJ0Z7HYzjS44uEpdsRoMzPFf2DLUkfB1P4PcgsdfGnSn8sStrj8_DnIloNMV4sZkrQ0-P0XOTZJke9udV-CM-KnSkj-9jehxUPYPYDa9WTBcYTVSs7NFnZ1H_-HHPnhmUcLA740aWHuLhcr4G4X8DITakwatfh_gux5qg7UbEMDqQT6TL_wAwn0pAlOUVuqdLVbkAfDiLlaVNkKgxhS6TG8-M_xVnhSeTMcJguM-56LQ3y5ZAuaVOJ6mWpInz_FLMw-W7EiQTW25AhxssPjq6afAv43VPWxfJXung59OB_Tv8hwHLrGeIbLCZdO0xESmH3oOjgvcV9FEirJI6zTq0iqg2B2sZNnmP_5inWW3v-bMWMRN_6FBrrqgBsGr4O5lrOW0q_gwo8MZ3Oyf_1jGIehqRggcrvRum2F4pG2Dh2XyFwHV5RR5dRarHgQMOmMTGjTfYyW4isI_acs9fQ4wL5BunDG41YgUPkiLskGG08IFhssIFQ9aatYNcHZ9PYmFyQlJbuFgY0VvkK3Bw6xaZ3C6OLMyo2KiSffDeALHpOudzi856M-GDskwLUor24vEvpgs5vm7ogfDEwHtnou-lb2px8uvmuAVtJN-5V1XiiM1J8PHFxBZfeJDbB4hlQPiL3VVva0akGYXnEJgfVxg_M4Nhh8ibP8RXXEItGurSOThM9SPFNvJFuFB83uxD7hmgSj4H9xur8xRlQztp4qbTIS58QJEcfzxE9GmyDh4aYFMDpRCCZreIJTKkXiqJ-G9G5dHT0P_6bPYq5kjLEb7VkFrLPcPBCsn2lCbbM33V438JzAuFhlC0Qk-XgwpB7p-Wn6rXDkSfm47-RowXzmGXIROhroJWxo01xYY6hR5i8ezgmJHngx67H7wY7L5eCUdAs_6gINC42BiRhIji0pOASeBKfrEwqWiGPphflF0hmfYc_OLG7norBaxkpygt8Bh6I-B8Hck8-4mXtj8UTKU0Z2cRmTADaavcloChGfM6wi_GiPePU6ALsnlZguEQXr7VLtkujkXOdjyxl1f38CZu4ubHZpiQjE85UOwsgRQhPIvIfXTwF9NOUyANWWkKxLgpEMBh3Y1ylKLVzfbozhcn2OiRhNaH2IUMbwWbGgeyxKEX5Z3Gds3jrC0N38xHCeuAXdWFEda-E6rqOe8qLbIZqo7wH4dT-WWRW8hCJSuzJxvBxE9thOCEUQKe6tSLvqef54ZC8hDltc8L4H9AWgsBVIbXHOV00wouRUScNDvqyzbn3GPdtlAx2vO48XvIVB2qPI2VpPLWs1G6fBeHU0LlJjZp4eR0HtEk5ji-fnAHuZ2HfWPxib89dV4XpjLFbcGgAAbrDd_klj0iSBsZUmtBFujC9ryt_ytFC-IvXY79rxWJucKIoU641qEHq6vF4pp75fu3mlThGNJrJnL40kp8rqrN5S3sL16yg5zR-smqozYka9wg1BcCDTC1JtwCgbsIXLdDp0KJv2csbES47wc4cEAkOxD-GHwPWmUirtGaE3uhNd73DvzgBsKjV19aWu_kqlHmO1o4hEJETPjINFob6z9tngCGr-U82k-xU675mQodnd8HZK0j4U0fl24UJS763xOYUCo14sI3zIfzB_7yNv3X7NN0fzadtfXp745tZ8VE1XcIENTblHwua1cGaGy3lW8vzBPNL1S2a7cHQ637nqqYPvy-13cIZ0cEOpUtLtX3ia1CvBHeqGg3eYzPSWruNRbAhCrOw28wf3pL9FL6fqI2riqia_Nin-LVc_JegHx4Iu6_4wF34rz7RN5SE0mF-36H4EV4HkV40OR6s_PQ7-UTgqutnE5poWP0YUaj0edN_IcAOK40db8IoZ-PJwWD7C3HYiIBkrrIbzlqUo5SO6iBFXS5CYrBxQQQDAjag7uzIjTsgnUNzQTPFJWFdpDcZMO-bmpj5PsA8c9SAFRZSaVgaVHycdZH-oU5_HDm6imrpeBzYdYkR6r3WaJ0aed1ghty82KkYis76twsV97S5yr1_s6HUF9rxsUUqKnSQtrCczEpkIEFMtmZ6Usu96SqFRAcPw6XiPUc6cQOiZ8UH9wCATLNO01sOc_wq1odFSCP50Z0SkSE2RQh7q3KBs39YiP2v_E5AubBshobJjQRxRG5rQYRaw5doK6FilErmBo9f8x1UbSQ0iQkRZq2AeLZBnP8HqP_d6cFdRDQXXBSQqV9ygYAQuxsyCS1Xad7kvNB77cxrYB83yy5QzKh7Avf5HERQ7U3G818kTWVpqWvo-g79un3XB8m2qaVRy9mIgA1fNCHsb0UcWL4Pcx5IRAzZECOdpIt_hquax3gFDAXH5J8EvNfl65FJQFTPWETmPBp-hr3Pg77HhxC11FEyOgVoIgBnppnvmwrVpiBn_ORWXd9fkzYVu9WBLpLi5QofHGm-8uWfI1UyUOzszQ0UeviZGCpplIe3gCLt3MvxuNyvYQOlaMdoTg_ROhwtcA3besBOxK4VHxh81feSXsyPlZc0VfWEJ8vkNnGENCerYFZOBVmLpWyIEy6GvyPSLIdo-IVZFkeVy9vSiSDMdgLjAuGcz92-CXG6Pz_cYVGRcd4-NkOSQ7GKSu6JykRtvLuEXe9QTLo89XWFs1KZBImGFkCSHA54IuuWeIFyTqaS6TgKPq-_c-8ZtppCWoqBJNZDfgdIi56VnVfZjgkJmZHgqckTYlFFl3Kzlpr1VD2Shn8hjNW1flw6cEBQijOM07qMU8dewLn6bUEYhxZid_UoPOJhBZ2ih71HpKxkYz5NuweJaTzRGb_T07CBhAFoJshRPECUsc6pVLm0LF8j8W8q5dibFL0RIasTwvcXjICPaUr1lfkP_GThO2Ki_CWjdgJxAQHhOrcBPmXshfKnsmkWjLGkLlYGc1N3W7Qo221VafIper3cMkXZ24-Gsztqn1Az_oQwaTuLDlaS4rjgoLgBc3oV2bHQumSpiBxJpTO_gLDjZkbDmhNh0awsQN8qmyHoqO4LkiH08zSLw6oV_E8OsakermTjz1d8AntetmHo19Zhfxt0ZiPXc8_5Iq3BT45IqzZ-XAMpjVZKSnL7fgrV5lHEI0QIYhk17Iyy2xy-cf9WXIgfsLg7fogELqVyNE0lNZKb3dWL_3nHZoEuuImqNJ1ZeKmRqeHqJOMjyY6Y4WgYfV42CRjTp1zQz41p2f2uFqXA1H_z7YepsttwMMlrtCpElskchppMkN03X72Mzl2UvgbBw2P9wXZf6aWonWb6OoNBppgGpKzMyuo-Gq4fY8Z2LDRQ6HdJ-XTIxG5Z8ITrSSsd3BQWDPex-ufCnHgfq3RayZCjiX3UBilHuGkxYU9KjF9mdFXIASISRXfFQae70wQL0tplOs4q1rUrWTmlJRmL1sylTAwTIi2pQMuit_-02qJQTv_12tJHvAkCil4qAgyOyb7kxjjpNJKEVCUj3yVpC-2o_NVNL1gqC3Dq2d5rP_be6TV7dHe19qqMirAuWSMuFuu6MrxWrgTuln3mMdQJ26phC7vHBgrU7o0yvWtHiOITFHJAfO--DQi-OMXi0XO3tSTYAP05sSgjF5FmuMR7PC9bRvVOSl0bcxkLqtgoKr5Of4EgtZOeCHVXQp-WLet-Bx_mPpMlg1G9htNgJsIiLZQGBm9JP_9YySqk5qkxhbTRRx6DtxH_3TO0Sf0w5IdIGb2PJXjGzDYHb76BTYsXsA1xv167BtS801Ngy2cR77UR-YOcFTX9ThyEpRK_aFqTOofqnKWQPUJjnZQhQRxFc-SZRr6tkRRPrp_H0ftBfmVV0uTBbDpxddy8NZerKU6gK6CdjdhJEhvyHERQLsMm_fTJMp_uGkIIBBI8AC8eF_-8VgN_ne_CUXGynPVexKyQrw416Dyt8jgis_3MyO5wE-QPfehcAXWR2GIy_li9HQpGomwf_8p-GAFgAQ&cry=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 20:30:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
76641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 20:30:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 092B 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVESF5-n0HXVl98ggPmVud_WWVgZScd8e8j8QZT8___9kgQ0ps&d=CokBAKAmf-BtcJFgticvbWjV1kE8dwjeAEGDgOk7SjNENMBw3VVefCcPqdtDdFGxphLMOVP6iJONoer_PVe3ALn1iAH6pOVCWjNTASlhD3qO7PxKoNZE4OKxgjJCvLFSoHMjRt5EtetZufTEx8XqeMWQXtQUGs415orJwOp9l5_cQ_nTXGweqG3VZV0S6RcAoCZ_4HQU05aL-qlUfpQXpApfZ27IITenkNj0pVV7oHxHPY7CRxqeGkgxk5qs3OA6AGOhlUSm5j489EGXsfyx_GsLlVS_jrM6zUt_vFBadE-7xGQzo02LoBaxQttuf8WKZCLnqORLN3Awvh0dsSOXkyKE3Utt6FyuKxSwJB_HKFk2nwKx_MGsoieGGGCG6gc9IqooKrTzG5IgU686XF43BtxpUEIVRifsU7-QFqlSfsVJ0Z7HYzjS44uEpdsRoMzPFf2DLUkfB1P4PcgsdfGnSn8sStrj8_DnIloNMV4sZkrQ0-P0XOTZJke9udV-CM-KnSkj-9jehxUPYPYDa9WTBcYTVSs7NFnZ1H_-HHPnhmUcLA740aWHuLhcr4G4X8DITakwatfh_gux5qg7UbEMDqQT6TL_wAwn0pAlOUVuqdLVbkAfDiLlaVNkKgxhS6TG8-M_xVnhSeTMcJguM-56LQ3y5ZAuaVOJ6mWpInz_FLMw-W7EiQTW25AhxssPjq6afAv43VPWxfJXung59OB_Tv8hwHLrGeIbLCZdO0xESmH3oOjgvcV9FEirJI6zTq0iqg2B2sZNnmP_5inWW3v-bMWMRN_6FBrrqgBsGr4O5lrOW0q_gwo8MZ3Oyf_1jGIehqRggcrvRum2F4pG2Dh2XyFwHV5RR5dRarHgQMOmMTGjTfYyW4isI_acs9fQ4wL5BunDG41YgUPkiLskGG08IFhssIFQ9aatYNcHZ9PYmFyQlJbuFgY0VvkK3Bw6xaZ3C6OLMyo2KiSffDeALHpOudzi856M-GDskwLUor24vEvpgs5vm7ogfDEwHtnou-lb2px8uvmuAVtJN-5V1XiiM1J8PHFxBZfeJDbB4hlQPiL3VVva0akGYXnEJgfVxg_M4Nhh8ibP8RXXEItGurSOThM9SPFNvJFuFB83uxD7hmgSj4H9xur8xRlQztp4qbTIS58QJEcfzxE9GmyDh4aYFMDpRCCZreIJTKkXiqJ-G9G5dHT0P_6bPYq5kjLEb7VkFrLPcPBCsn2lCbbM33V438JzAuFhlC0Qk-XgwpB7p-Wn6rXDkSfm47-RowXzmGXIROhroJWxo01xYY6hR5i8ezgmJHngx67H7wY7L5eCUdAs_6gINC42BiRhIji0pOASeBKfrEwqWiGPphflF0hmfYc_OLG7norBaxkpygt8Bh6I-B8Hck8-4mXtj8UTKU0Z2cRmTADaavcloChGfM6wi_GiPePU6ALsnlZguEQXr7VLtkujkXOdjyxl1f38CZu4ubHZpiQjE85UOwsgRQhPIvIfXTwF9NOUyANWWkKxLgpEMBh3Y1ylKLVzfbozhcn2OiRhNaH2IUMbwWbGgeyxKEX5Z3Gds3jrC0N38xHCeuAXdWFEda-E6rqOe8qLbIZqo7wH4dT-WWRW8hCJSuzJxvBxE9thOCEUQKe6tSLvqef54ZC8hDltc8L4H9AWgsBVIbXHOV00wouRUScNDvqyzbn3GPdtlAx2vO48XvIVB2qPI2VpPLWs1G6fBeHU0LlJjZp4eR0HtEk5ji-fnAHuZ2HfWPxib89dV4XpjLFbcGgAAbrDd_klj0iSBsZUmtBFujC9ryt_ytFC-IvXY79rxWJucKIoU641qEHq6vF4pp75fu3mlThGNJrJnL40kp8rqrN5S3sL16yg5zR-smqozYka9wg1BcCDTC1JtwCgbsIXLdDp0KJv2csbES47wc4cEAkOxD-GHwPWmUirtGaE3uhNd73DvzgBsKjV19aWu_kqlHmO1o4hEJETPjINFob6z9tngCGr-U82k-xU675mQodnd8HZK0j4U0fl24UJS763xOYUCo14sI3zIfzB_7yNv3X7NN0fzadtfXp745tZ8VE1XcIENTblHwua1cGaGy3lW8vzBPNL1S2a7cHQ637nqqYPvy-13cIZ0cEOpUtLtX3ia1CvBHeqGg3eYzPSWruNRbAhCrOw28wf3pL9FL6fqI2riqia_Nin-LVc_JegHx4Iu6_4wF34rz7RN5SE0mF-36H4EV4HkV40OR6s_PQ7-UTgqutnE5poWP0YUaj0edN_IcAOK40db8IoZ-PJwWD7C3HYiIBkrrIbzlqUo5SO6iBFXS5CYrBxQQQDAjag7uzIjTsgnUNzQTPFJWFdpDcZMO-bmpj5PsA8c9SAFRZSaVgaVHycdZH-oU5_HDm6imrpeBzYdYkR6r3WaJ0aed1ghty82KkYis76twsV97S5yr1_s6HUF9rxsUUqKnSQtrCczEpkIEFMtmZ6Usu96SqFRAcPw6XiPUc6cQOiZ8UH9wCATLNO01sOc_wq1odFSCP50Z0SkSE2RQh7q3KBs39YiP2v_E5AubBshobJjQRxRG5rQYRaw5doK6FilErmBo9f8x1UbSQ0iQkRZq2AeLZBnP8HqP_d6cFdRDQXXBSQqV9ygYAQuxsyCS1Xad7kvNB77cxrYB83yy5QzKh7Avf5HERQ7U3G818kTWVpqWvo-g79un3XB8m2qaVRy9mIgA1fNCHsb0UcWL4Pcx5IRAzZECOdpIt_hquax3gFDAXH5J8EvNfl65FJQFTPWETmPBp-hr3Pg77HhxC11FEyOgVoIgBnppnvmwrVpiBn_ORWXd9fkzYVu9WBLpLi5QofHGm-8uWfI1UyUOzszQ0UeviZGCpplIe3gCLt3MvxuNyvYQOlaMdoTg_ROhwtcA3besBOxK4VHxh81feSXsyPlZc0VfWEJ8vkNnGENCerYFZOBVmLpWyIEy6GvyPSLIdo-IVZFkeVy9vSiSDMdgLjAuGcz92-CXG6Pz_cYVGRcd4-NkOSQ7GKSu6JykRtvLuEXe9QTLo89XWFs1KZBImGFkCSHA54IuuWeIFyTqaS6TgKPq-_c-8ZtppCWoqBJNZDfgdIi56VnVfZjgkJmZHgqckTYlFFl3Kzlpr1VD2Shn8hjNW1flw6cEBQijOM07qMU8dewLn6bUEYhxZid_UoPOJhBZ2ih71HpKxkYz5NuweJaTzRGb_T07CBhAFoJshRPECUsc6pVLm0LF8j8W8q5dibFL0RIasTwvcXjICPaUr1lfkP_GThO2Ki_CWjdgJxAQHhOrcBPmXshfKnsmkWjLGkLlYGc1N3W7Qo221VafIper3cMkXZ24-Gsztqn1Az_oQwaTuLDlaS4rjgoLgBc3oV2bHQumSpiBxJpTO_gLDjZkbDmhNh0awsQN8qmyHoqO4LkiH08zSLw6oV_E8OsakermTjz1d8AntetmHo19Zhfxt0ZiPXc8_5Iq3BT45IqzZ-XAMpjVZKSnL7fgrV5lHEI0QIYhk17Iyy2xy-cf9WXIgfsLg7fogELqVyNE0lNZKb3dWL_3nHZoEuuImqNJ1ZeKmRqeHqJOMjyY6Y4WgYfV42CRjTp1zQz41p2f2uFqXA1H_z7YepsttwMMlrtCpElskchppMkN03X72Mzl2UvgbBw2P9wXZf6aWonWb6OoNBppgGpKzMyuo-Gq4fY8Z2LDRQ6HdJ-XTIxG5Z8ITrSSsd3BQWDPex-ufCnHgfq3RayZCjiX3UBilHuGkxYU9KjF9mdFXIASISRXfFQae70wQL0tplOs4q1rUrWTmlJRmL1sylTAwTIi2pQMuit_-02qJQTv_12tJHvAkCil4qAgyOyb7kxjjpNJKEVCUj3yVpC-2o_NVNL1gqC3Dq2d5rP_be6TV7dHe19qqMirAuWSMuFuu6MrxWrgTuln3mMdQJ26phC7vHBgrU7o0yvWtHiOITFHJAfO--DQi-OMXi0XO3tSTYAP05sSgjF5FmuMR7PC9bRvVOSl0bcxkLqtgoKr5Of4EgtZOeCHVXQp-WLet-Bx_mPpMlg1G9htNgJsIiLZQGBm9JP_9YySqk5qkxhbTRRx6DtxH_3TO0Sf0w5IdIGb2PJXjGzDYHb76BTYsXsA1xv167BtS801Ngy2cR77UR-YOcFTX9ThyEpRK_aFqTOofqnKWQPUJjnZQhQRxFc-SZRr6tkRRPrp_H0ftBfmVV0uTBbDpxddy8NZerKU6gK6CdjdhJEhvyHERQLsMm_fTJMp_uGkIIBBI8AC8eF_-8VgN_ne_CUXGynPVexKyQrw416Dyt8jgis_3MyO5wE-QPfehcAXWR2GIy_li9HQpGomwf_8p-GAFgAQ&cry=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:13:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
84889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 18:13:27 GMT
khaos.json
token.rubiconproject.com/ Frame DEFD 		7 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 436C 		1 KB
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3327
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 16:52:49 GMT
etag
48472445140208031
expires
Fri, 12 Jan 2024 16:52:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 092B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b8078837bc1f2d90aba7d9ba8cf9e7770408a3a481d2f1ada591a70054dc6af

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
impl_v99.js
www.googletagservices.com/dcm/ Frame 776E 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 02:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 02:40:15 GMT
us
capi.connatix.com/core/ Frame 154A
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&gdpr=0&gdpr=0&khaos=LR9I6EKP-B-JADY
  • https://ck.connatix.com/cks?pid=11&uid=LR9I6ECV-6-CY2O&gdpr=0
  • https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=LR9I6ECV-6-CY2O&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=LR9I6ECV-6-CY2O&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd5cdd6e7118-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 11 Jan 2024 17:48:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
location
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=LR9I6ECV-6-CY2O&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843efd5c8acea222-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9D3A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.76.188 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 11 Jan 2024 17:48:17 GMT
ETag
"623de86a-cf34"
Expires
Fri, 12 Jan 2024 17:48:19 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 54BD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=122247
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 11 Jan 2024 17:48:16 GMT
expires
Sat, 13 Jan 2024 03:45:43 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 4107 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Thu, 11 Jan 2024 17:48:16 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 5B9F 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
c7b9d14f22510bb18fce8e9c30fcfe48b050a2fd4334ec1f47f8e3ff443a54ae

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:16 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pbcas
ads.yieldmo.com/ Frame 2B50 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.91.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-91-144.compute-1.amazonaws.com
Software
/
Resource Hash
dd7f9dca60ecf05a93994f8454b4215381f019632bec6d48fd63d68fe0c660d7

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 11 Jan 2024 17:48:17 GMT
pragma
no-cache
vary
accept-encoding
ixmatch.html
js-sec.indexww.com/um/ Frame D0DD 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
231
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
843efd678b8c3972-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:18 GMT
expires
Thu, 11 Jan 2024 21:48:18 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 118C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.176 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-176.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 Jan 2024 17:48:16 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_user_id=243ab276-5ae4-4fe2-ab14-44d4a1348492&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=c43e51ad-deb1-45e6-b233-ed165521eb63&ssp=themediagrid
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=c43e51ad-deb1-45e6-b233-ed165521eb63&ssp=themediagrid
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
//x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=c43e51ad-deb1-45e6-b233-ed165521eb63&ssp=themediagrid
date
Thu, 11 Jan 2024 17:48:39 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
match
events-ssc.33across.com/ Frame 6D81
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LR9I6ECV-6-CY2O
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LR9I6ECV-6-CY2O
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LR9I6ECV-6-CY2O&ts=1704995296&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LR9I6ECV-6-CY2O&ts=1704995296&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LR9I6ECV-6-CY2O&ts=1704995296&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.yellowblue.io/ Frame DEFD
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LR9I6ECV-6-CY2O
  • https://cs.yellowblue.io/cs?aid=11590&id=LR9I6ECV-6-CY2O
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LR9I6ECV-6-CY2O
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LR9I6ECV-6-CY2O
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
setuid
s2s.t13.io/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LR9I6ECV-6-CY2O
86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LR9I6ECV-6-CY2O
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:32 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LR9I6ECV-6-CY2O
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
Expires
0
usync.js
eus.rubiconproject.com/ Frame 118C 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.165.176 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-165-176.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 14:26:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74298
Connection
keep-alive
Content-Length
10963
Expires
Fri, 12 Jan 2024 14:26:34 GMT
B9689862.280584279;dc_ver=99.292;sz=300x600;u_sd=1;dc_adk=4272585447;ord=nbj4o8;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fse...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 776E 		67 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=99.292;sz=300x600;u_sd=1;dc_adk=4272585447;ord=nbj4o8;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F$0;xdt=0;crlt=ZEDbP_*vyw;stc=1;chaa=1;sttr=183;prcl=s
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
cafe /
Resource Hash
bd97bd47a2b3377c198e1da589adbdd95f7c0c42a6f56611d874ca7b4a1f1d7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30805
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 154A 		0
0
ecm3
s.amazon-adsystem.com/ Frame 154A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=LR9I6ECV-6-CY2O&ex=d-rubiconproject.com&status=ok&gdpr=0
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 154A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
0
0
pixel
cm.g.doubleclick.net/ Frame 154A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI5STZFQ1YtNi1DWTJP&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEB7_sy6YQTJ4oIWAxYvJvoY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5STZFQ1YtNi1DWTJP&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5STZFQ1YtNi1DWTJP&google_push=&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5STZFQ1YtNi1DWTJP&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
Expires
0
setuid
px.ads.linkedin.com/ Frame 154A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR9I6ECV-6-CY2O&gdpr=0
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR9I6ECV-6-CY2O&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F1649791CD29450D863A51018A057F46 Ref B: YTO01EDGE0409 Ref C: 2024-01-11T17:48:17Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOrycIfPAYR4tzb3zcNg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR9I6ECV-6-CY2O&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 154A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEG_tVt-IUSC1sXwZ8_4y97Q&google_cver=1
42 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEG_tVt-IUSC1sXwZ8_4y97Q&google_cver=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEG_tVt-IUSC1sXwZ8_4y97Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 154A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjdjYWRhZGI4N2QwODA2YzU1MTRhNjBiODFkNTRlYjY0NjdlZDBjZg&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjdjYWRhZGI4N2QwODA2YzU1MTRhNjBiODFkNTRlYjY0NjdlZDBjZg&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjdjYWRhZGI4N2QwODA2YzU1MTRhNjBiODFkNTRlYjY0NjdlZDBjZg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 154A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/AUe9wKTLMoU7s_HG6x7NpQ?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LNKshT1E2oJLGG7e_62QunEtHEDxjH9SAsIfZw--~A
42 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LNKshT1E2oJLGG7e_62QunEtHEDxjH9SAsIfZw--~A
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 11 Jan 2024 17:48:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LNKshT1E2oJLGG7e_62QunEtHEDxjH9SAsIfZw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 154A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=138f948b-8a30-4e0d-950b-1c32400031db&gdpr=0&gdpr_consent=&expires=30
42 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=138f948b-8a30-4e0d-950b-1c32400031db&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=138f948b-8a30-4e0d-950b-1c32400031db&gdpr=0&gdpr_consent=&expires=30
date
Thu, 11 Jan 2024 17:48:16 GMT
server
Kestrel
content-length
289
rp
match.prod.bidr.io/cookie-sync/ Frame 154A 		0
0
merge
ce.lijit.com/ Frame 154A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LR9I6ECV-6-CY2O&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LR9I6ECV-6-CY2O&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LR9I6ECV-6-CY2O&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
Expires
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 154A 		0
0
pixel
capi.connatix.com/us/ Frame 154A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LR9I6ECV-6-CY2O&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LR9I6ECV-6-CY2O&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
843efd5ef9e97118-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://capi.connatix.com/us/pixel?puid=LR9I6ECV-6-CY2O&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 154A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
  • https://prebid.a-mo.net/setuid/magnite?uid=LR9I6ECV-6-CY2O&gdpr=0
0
0
v1
match.sharethrough.com/sync/ Frame 154A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR9I6ECV-6-CY2O&gdpr=0
68 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR9I6ECV-6-CY2O&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
52.71.125.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-125-247.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:18 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR9I6ECV-6-CY2O&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
Expires
0
cksync
hb.yahoo.net/ Frame 154A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR9I6ECV-6-CY2O&redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR9I6ECV-6-CY2O&redir=true&gdpr=0&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR9I6ECV-6-CY2O&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sZ0tCcWJORTJ1RlhWNUhKTGtZTWYxcF9iMG9JLklsQ35B&gdpr=0&ovsid=LR9I6ECV-6-CY2O&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sZ0tCcWJORTJ1RlhWNUhKTGtZTWYxcF9iMG9JLklsQ35B&gdpr=0&ovsid=LR9I6ECV-6-CY2O&dpid=58160
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
23.40.207.42 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 11 Jan 2024 17:48:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Thu, 11 Jan 2024 17:48:19 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sZ0tCcWJORTJ1RlhWNUhKTGtZTWYxcF9iMG9JLklsQ35B&gdpr=0&ovsid=LR9I6ECV-6-CY2O&dpid=58160
date
Thu, 11 Jan 2024 17:48:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dvtp_src.js
cdn.doubleverify.com/ Frame 092B 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.74 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-74.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
868ba79554a417daf825ba46df8f6138a1bd2f0ab12d9fb0e947a04c1b05d3bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 10:31:54 GMT
Server
UploadServer
ETag
"1f5bc53504f26f9291e5206f6f168a7b"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3639
Expires
Thu, 11 Jan 2024 18:03:16 GMT
index.html
s0.2mdn.net/sadbundle/17933141011844227161/ Frame BCDD 		117 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17933141011844227161/index.html?e=69&leftOffset=0&topOffset=0&c=lQzc1ilJsq&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f149.1e100.net
Software
sffe /
Resource Hash
e3ab153c4332010bbdf1d4a13fd98cc5876133df1892ab4fdfeafa7a8470e999
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:17 GMT
expires
Fri, 10 Jan 2025 17:48:17 GMT
last-modified
Tue, 08 Aug 2023 17:04:37 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 092B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuprhkb-K3hddkAuHWRYWukIX5DxIqSRF1Fo3JOovXTygP93hM0PQTVJYUAcY9Fk1qcatzbPjMd0z4OXf9GGLIfBWYLPdGWgLMcFNnmt0hjbEAFo7PGD-9hF7yQTPCPjfdvCAsGpC2Di9qHf5wvN-85uSKYn7v26_0WSU3KkiRljFwJC6FnIKTfEZ1UmekByehb_5ogr8dzkJ31ctRn2_Ek66s_NyEgHv3eOp2EboGg5g&sai=AMfl-YScOCXJRpN2q7rYcYmpZ9FpuDWCCT27xs5pkLIjBv4JwNby4QXYiC-TEq6QukkTuaTlJZkvWu9n35Ra3fIsicW_EK2q5ybmzB81_NBlTfLRazAUKA6_0dj75eYKkVPtXL1UGbFe6Vg0ngqIzZsRLKsfGw&sig=Cg0ArKJSzLziQkLfYfEeEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly90ZC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=374&cbvp=1&cstd=363&cisv=r20240108.66974&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
b1sync.zemanta.com/usersync/googleadx/ Frame 436C 		0
0
pixel
cm.g.doubleclick.net/ Frame 436C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AJo_7Lc8TsegRJXgCQ2HjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AJo_7Lc8TsegRJXgCQ2HjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTcflRsysYx4ZC-ZV9AisyXNrsAeKmJng4s8ENcAcaSJN7t-HCWaJFUsm6kdAJ19vW_p48gl61qqw1kRMxW8PN1ZhBn4BY
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AJo_7Lc8TsegRJXgCQ2HjQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTcflRsysYx4ZC-ZV9AisyXNrsAeKmJng4s8ENcAcaSJN7t-HCWaJFUsm6kdAJ19vW_p48gl61qqw1kRMxW8PN1ZhBn4BY
date
Thu, 11 Jan 2024 17:48:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 436C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB7_sy6YQTJ4oIWAxYvJvoY&google_cver=1&google_push=AXcoOmQC3d2_wnm2NKs8KAVoF0qcCUZVwnjQUtM0bW68q5fJwHJo14g4QoQMWk9Hg8z5PgkjxMX...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5STZFQ1YtNi1DWTJP&google_push=AXcoOmQC3d2_wnm2NKs8KAVoF0qcCUZVwnjQUtM0bW68q5fJwHJo14g4QoQMWk9Hg8z5PgkjxMX010eJAywFuvFeZySE89By-qU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5STZFQ1YtNi1DWTJP&google_push=AXcoOmQC3d2_wnm2NKs8KAVoF0qcCUZVwnjQUtM0bW68q5fJwHJo14g4QoQMWk9Hg8z5PgkjxMX010eJAywFuvFeZySE89By-qU
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5STZFQ1YtNi1DWTJP&google_push=AXcoOmQC3d2_wnm2NKs8KAVoF0qcCUZVwnjQUtM0bW68q5fJwHJo14g4QoQMWk9Hg8z5PgkjxMX010eJAywFuvFeZySE89By-qU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 436C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMq32Fet__8zx5hwQ7VQgUw&google_cver=1&google_push=AXcoOmS3NU2L6idwj2UBFdBcvmhgJdZVz9RR-7RzVPwWOl6lmLHjA2ZVcwIlprymMGTHX9MdH5t4TBDFmkYNTakg_LobLxcw6w
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY1OTUxMTc0MjYzMjU3Njg5NjI0NA%3D%3D&google_push=AXcoOmS3NU2L6idwj2UBFdBcvmhgJdZVz9RR-7RzVPwWOl6lmLHjA2ZV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY1OTUxMTc0MjYzMjU3Njg5NjI0NA%3D%3D&google_push=AXcoOmS3NU2L6idwj2UBFdBcvmhgJdZVz9RR-7RzVPwWOl6lmLHjA2ZVcwIlprymMGTHX9MdH5t4TBDFmkYNTakg_LobLxcw6w
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY1OTUxMTc0MjYzMjU3Njg5NjI0NA%3D%3D&google_push=AXcoOmS3NU2L6idwj2UBFdBcvmhgJdZVz9RR-7RzVPwWOl6lmLHjA2ZVcwIlprymMGTHX9MdH5t4TBDFmkYNTakg_LobLxcw6w
date
Thu, 11 Jan 2024 17:48:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
cc.adingo.jp/adx/push/ Frame 436C 		0
0
pixel
cm.g.doubleclick.net/ Frame 436C
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQQCFrwiYzMeuRjlw7h_O-Ble27zBHl6IrPLPAZeSaU_3uFrsT4o8Q05Pq7OT7YveSfygpwqZd6AHZpC9XE4HhY_4K69DdQ&google_gid=CAESEDpCcNB6Z9EFD...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDpCcNB6Z9EFDws3AQfdftI&google_hm=T1BVOTNhMzg5ODUwZDBmNDk2ZDhmOGJkMWQxZmMyNWQ5ZTU&google_nid=opera_norway_as&google_push=AXcoOmQQCFrw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDpCcNB6Z9EFDws3AQfdftI&google_hm=T1BVOTNhMzg5ODUwZDBmNDk2ZDhmOGJkMWQxZmMyNWQ5ZTU&google_nid=opera_norway_as&google_push=AXcoOmQQCFrwiYzMeuRjlw7h_O-Ble27zBHl6IrPLPAZeSaU_3uFrsT4o8Q05Pq7OT7YveSfygpwqZd6AHZpC9XE4HhY_4K69DdQ
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDpCcNB6Z9EFDws3AQfdftI&google_hm=T1BVOTNhMzg5ODUwZDBmNDk2ZDhmOGJkMWQxZmMyNWQ5ZTU&google_nid=opera_norway_as&google_push=AXcoOmQQCFrwiYzMeuRjlw7h_O-Ble27zBHl6IrPLPAZeSaU_3uFrsT4o8Q05Pq7OT7YveSfygpwqZd6AHZpC9XE4HhY_4K69DdQ
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
324
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 436C
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMCH_jU3_...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=243ab276-5ae4-4fe2-ab14-44d4a1348492&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=243ab276-5ae4-4fe2-ab14-44d4a1348492&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=243ab276-5ae4-4fe2-ab14-44d4a1348492&%%GOOGLE_PUSH_PAIR%%
Date
Thu, 11 Jan 2024 17:48:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 436C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDt9ujZjDEX-4QbkyW03m4PCJBLrmiWVLOe7vpFor7Dit4tEVU7LmgcImmML7rYoDGLz5ViE8
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
PugMaster
image6.pubmatic.com/AdServer/ Frame 54BD 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84149371&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a5174cf4a6709a452cad608d28e564f1be42ec26890f18319401e7f0202a19e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
us
capi.connatix.com/core/ Frame 8EA9 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd5decc139f5-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:16 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
xuid
eb2.3lift.com/ Frame 5B9F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=138f948b-8a30-4e0d-950b-1c32400031db&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=138f948b-8a30-4e0d-950b-1c32400031db&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 11 Jan 2024 17:48:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=138f948b-8a30-4e0d-950b-1c32400031db&dongle=0cfd&gdpr=0&gdpr_consent=
date
Thu, 11 Jan 2024 17:48:17 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 5B9F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY1OTUxMTc0MjYzMjU3Njg5NjI0NA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5B9F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMetDcnhvWkJj_GfeCIBKUc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMetDcnhvWkJj_GfeCIBKUc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 11 Jan 2024 17:48:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMetDcnhvWkJj_GfeCIBKUc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5B9F
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY1OTUxMTc0MjYzMjU3Njg5NjI0NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY1OTUxMTc0MjYzMjU3Njg5NjI0NA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTY1OTUxMTc0MjYzMjU3Njg5NjI0NA%3D%3D
date
Thu, 11 Jan 2024 17:48:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 5B9F 		0
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1659511742632576896244&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:16 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 70FE36E38E444B57BF7A9C327701A857 Ref B: YTO01EDGE0409 Ref C: 2024-01-11T17:48:17Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOrycIpJO6wGMTVIVPyQ==
xuid
eb2.3lift.com/ Frame 5B9F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1659511742632576896244?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Kr5owJNE2oQR_DMrkyIK.X8tWv.Bw9mPLO6eL8CSrw--~A&dongle=0883
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Kr5owJNE2oQR_DMrkyIK.X8tWv.Bw9mPLO6eL8CSrw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 11 Jan 2024 17:48:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 11 Jan 2024 17:48:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Kr5owJNE2oQR_DMrkyIK.X8tWv.Bw9mPLO6eL8CSrw--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 5B9F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1659511742632576896244&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=243ab276-5ae4-4fe2-ab14-44d4a1348492&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=243ab276-5ae4-4fe2-ab14-44d4a1348492&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=34124dd9-d2af-4023-bab1-8b876a6c7394&ssp=triplelift&expires=30&user_group=5&bsw_param=243ab276-5ae4-4fe2-ab14-44d4a1348492
  • https://eb2.3lift.com/xuid?mid=2409&xuid=243ab276-5ae4-4fe2-ab14-44d4a1348492&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=243ab276-5ae4-4fe2-ab14-44d4a1348492&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 11 Jan 2024 17:48:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=243ab276-5ae4-4fe2-ab14-44d4a1348492&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 11 Jan 2024 17:48:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 5B9F 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
567459
expires
Thu, 11 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5B9F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3360464478994624864&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3360464478994624864&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 11 Jan 2024 17:48:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
an-x-request-uuid
3772fdb2-b904-4613-9b32-88846fda402f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=3360464478994624864&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 5B9F 		43 B
956 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1659511742632576896244
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
an-x-request-uuid
c8f17a32-8fc1-4250-aaf4-acdb0d9bafa6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9936 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-s3e3ymgZZKSCJe-ogbarIjoBwAAAAA4AeAEAg&bg=!mJulm9TNAAaumcC-jpk7ADQBe5WfOMDZyeZYyX_7Zb0FEQFOjMiIDb8dMIk3Y88lSBldHMI5PbhGbWjCnJS29gt_KOz0AgAAAtlSAAAAAmgBB5kC6a2J3b-_u8eMZR6Rx_76QokUcgBuiDYEHX3xHaoaC2onnsH8_PIRmfRrYs7QbZON-k7rOJbWTTvHVmHYeVpMl65BB7eMVX_WBvW9CEPieoCf0MMTlJW1bKcJvNWW2GxsbES8KY142de4tetvrhlLQdOLxsg8Rng6BThRUSa8atpOWdepPSGcGZWT8ND2s87R4dDfogYXIsYkVIHMYWpt6DiurkUNLdgJiXIJQjrzr1FFSHpps4OnoLc0rF7ENJBFelGOaqekDCvjdJ4LGPTadwH5l1gdIEpGv1yVlnYaCYUwEHXStnxr5Xt33raIHqsdjo4uc82KsUWUmzEPZ36ptf3uSLTAsIQH_l0cByuUBHTT-T2LsUcMF_1fF_ZmPsetniRzIbSTU0bpU2WGM1fJyReopH7wu7HAjpKmP2WXv-sNsbrH05Pis-bfloyn9vnfiNfc1YBvApGOmwOM_WSd_35FgvLagj1n3p2E0w41ozcfiZqW3m0hmPE53ERXBKEIcn1uJRhwJeGsWIVrtUwZxNHGCF8Pn3lOzfC8OH63DfJkU0BTopB1QqHPP-43p8ECvaBja_TAvRbCyMl3GnkFw2Db9833HQaUEHsrPg7VxcczQ0nRWr_qQKLuRcAOxk-6MrGiUB_HyZqeNnpslo3EqbdLVFUSZI6-vo_qwfa2uyLIY3mcXqp2s4fIxJoG3QHhRQI1pXYNPCqpfLVN5ZieapNdKGjFA9twndlxYdh03CmRnuQSJbwiXeEwQW9p5nlKmK23hIeaaMGMOPeqwIjh5S4GAAy1PTwM8GVRg5RrtrQOZ1OEZmHdADEu6IGBF4I_LF_ZyoSWGVz4XV14MGnCsEz_jOIKWfvjhEmxAFoOkSwBmGQi2GJ6SxL0UV0LPrOwfAMGDc6_02Fhl3b5IVluGP5qmh0Sj6UnCFAHNfA646AqQWKUP4QO5ZSjxF0yi0N_FenT8dz3Edb0zKfm3XaArp7fIELsS28Wc5E
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 776E 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:17 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 776E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 04:35:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
47571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 04:35:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 776E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssv9yDkeOwrNIVgHFvLQFoC2LcGnCqGAtFSsaUPSAURlCVEfg0FzVsr_PfsoFqtEi7Xz5XklMiOevPridlx6EfAcX6WFuJCDQgvni7sE-bQkY12hgPBoqYcBcqxjt9GPBMni7ZnqxMWavR5EZ_SGx-jrZQDYCae9XQTRijrWCbn1mDzRXrJDw&sai=AMfl-YTjxMkH9mYitwPRWjx63PBl-fXRu0nhtiRgxTSotnByZhxp-jd0-iD0o6vJ8CljD5A47TQsfgmbmnBV_JaU7Z73aFSV4csmxery9g&sig=Cg0ArKJSzKjn-mmx0f97EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240109.42363&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=99.292;sz=300x600;u_sd=1;dc_adk=4272585447;ord=nbj4o8;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F$0;xdt=0;crlt=ZEDbP_*vyw;stc=1;chaa=1;sttr=183;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 776E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 15:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
180089
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 15:46:48 GMT
6335791767665586692
s0.2mdn.net/simgad/ Frame 776E 		307 KB
307 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6335791767665586692
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f149.1e100.net
Software
sffe /
Resource Hash
3bcc78c28638c7500c7f6ac759ee979e9dcbc49559d7766a99ff763aaef8f051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 17:44:39 GMT
date
Tue, 09 Jan 2024 17:44:39 GMT
x-content-type-options
nosniff
age
173018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314659
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:18:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
usermatch
ssum-sec.casalemedia.com/ Frame 73A3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184310&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab6e66a3861d1538d68efc8a23324fa1692c16d1c219d268931364acc0522161

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
843efd5f9ad353fb-YYZ
content-encoding
br
content-type
text/html
date
Thu, 11 Jan 2024 17:48:17 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BV9Twgo5bMr0Bgzz9j3YXcTiFXWI5Bt%2BlfpRUCKp3UZiz9jnn%2FJjHwfeLQLpbPxPBwzg3iVyBzscdUFkzO75VsbxpklnDdNT52Hx5LqxDwgehlcmyIBj821BLpvOShJG9t6JRa%2BpXvwkVw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Enabler_01_250.js
s0.2mdn.net/879366/ Frame BCDD 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17933141011844227161/index.html?e=69&leftOffset=0&topOffset=0&c=lQzc1ilJsq&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f149.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17933141011844227161/index.html?e=69&leftOffset=0&topOffset=0&c=lQzc1ilJsq&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 04:09:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 04:09:06 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 19EC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWEIG-TIxJo1gVP34NFozZ3iQHo8H4LH0UKe_MY0Ut4JpZvYwnUj5NwTuPv-ct2wK0lRU7tdpneusPVMu0XjlnPdJ7of_d7rnzNOyZGS_vNYDbx_MnP5If48hs&sig=Cg0ArKJSzMUuESGT_gljEAE&id=lidar2&mcvt=1142&p=0,0,90,970&mtos=1142,1142,1142,1142,1142&tos=1142,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=1526426640&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704995295196&rpt=867&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AFE1 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BHN963ymgZeClCfy8xtYP0ZSsuAcAAAAAOAHgBAI&bg=!iIuli8TNAAZ1R9vHVUc7ADQBe5WfOOt_Au8x1E6HmGGyDPDvGiSqIoljQGkLUN5WSvP4--O-CMW0u5eX6l3aASJ5TZ3AAgAAAyhSAAAABWgBB5kC32_hdD3wsNpOch_RKafBuCEAcyth_kKlePjR8EGwXW_FtDBTkUPlXQl6OUJzTa7BsZVnj3IKICLZOzq-DOtypKj871iCsDBGQ8aRLUFszjkEgIXZNhLJJIMnpyjsyH87mc8DpuPX1ycoCsRQKo7rwp9DQZDgvVDBt_L9fJKNz2WrsiBcP_QhS4R3EPhHVUMgTTYQDjmJqubhb-G8u8tNoPu1VPLyGIEPTxTys33pwoaXhJbxchffiDg-IFTBJVNsqLcMGamsl8_VJJ8UJffoOlCUL8c52TgmbOaI6mefzdO57nbs8TLlZvjjNbjWNeXMJkFA6ssL52WppbeqLZPC1zOmUQ-9nCMhWLSAtTp4jkvuIDrU74RccZ9rOKiLSQInoenPQPhm5FfYS2Q7ATtVJZBifGXsaU25GviuwgcXcCPVzL_1g-sc9I6KaajAeWt2T4sY3CH82vjeaP_ELua3h2Bvvm_ygrkihwiuKBo5JC-JhPBPERQh1P-iwi13VTPELehUsJSuQMVdKb_c92Ogz6YWoPANQjAdD_XIc0b_LmBycJh3bysJqTricS0H6acGMuQp23rWswVeV1-9m7gk9XG50YuCnRVg-NCwByB0vpvHJ2sViykoP07qYwf8RGQG13C5CgNh803sjw_Q4CohCQoyR5OQ6sigpcKC_dkvkZbTHO4CDPfe1a-kR0_sI_PJOkImD7fp4o0XT4GvImJy5IETSgg_7tnupgNljvb98H1U2t9BIcURs6-LfvbUVlzym1MYKMdXSry_WvUA_MiUDsONE8C4nkP_RffU5iQMruX-tMKMuwzWqmUiw9F5KzBRNpaNzfgR3zdTx78YxihCNCNliaksLyet7TOtgCKqP3YzFo4_WXUBhaIw3M79UoYHbljYkhYHKdcC1eze3RsEktcXNXxdrrJlySb-mbML-7uAglywRmLLfXpPfFBKUpk5fYHPgsVNU0Wo2l6tM9v8aw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv-measurements5226.js
cdn.doubleverify.com/ Frame 750C 		427 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements5226.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.5.74 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-5-74.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
38a762181e26dd8bdfb8d016bcb37444853b404339bd65131c97b73ffed0eb1e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:17 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 08:17:36 GMT
Server
UploadServer
ETag
"2a46e4eec48b992509c6f3dbc85f2324"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103502
Expires
Fri, 10 Jan 2025 17:48:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 898B 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQaWl3ymgZZjFC--boPMPmNaI8AEAAAAAOAHgBAI&bg=!0dKl0p3NAAaumcC-jpk7ADQBe5WfOItt6DHfhOQMeB7TrFWwHIHRMNHOb4HNaDbdanI9ONHJfONLopStorQXzkaiAF6oAgAAAoRSAAAAA2gBBwoANFhRC7i6-eu3vGaF4XLGtvTEaOAeFf403esF-jn2h58Tc4EMDBH8l_eWRQqdB5mn52a1Vj6ZAuKzPEdXbMmIVtgAWkF1GiLo5bD2d996HU-Pn-VnirXTQv3guldkhqeyq3qazUa2VnG34uuwB0mKqZop7vH7TJfglmRzPWlmIg4EoTBv9wnrh8znEuBTiLtIm9lh-Gd2mVwv44DuovP0q2m-rT7ARBgOK5_bY9OyQU75WqvyvIjN83EjqII4eGBVl0MSWeTo4AT-HJ2D6EhyLRE8Ghh8ZfK9TQdn7EYE8rjupg312JawS1ROp3pqfgp7sqOzxW13Dyk8jxsWiUOqcZqQAH_S6kinDHk3G_LGnVkhO7x3qlAM6wc_WE1-VYPZy1e5s1rJL34ZeYTXwNnwxwNbjDlu3dVWcooAcQABkWEH-_gZ_JKlGj9BVVoLRKWhYez36K7F4TgMJ-RIRA6v3avqL1uSRdZ-99zoqDM6B_lGd3CD-LXOkxS_LXUKpm1r6ASmvHKohRVWHn15KjzwtXgDEHIVP_kbg3-82Lww8OCy_wQJVjccrNGp9RkucpefP56G1uXAGL5fWdsKOp9NwQAgp2oODkHtlL8AjDmACbS--lr2RDfc2MDVl6X51xHpA5gnDwnvlNs8yRA3uk8rzO1P7uE2IL31TwA-mgLrm2cRlAIbgdOmqRhq3kNmBrKAkB_unRK1nPQ1-MGe4bcQqnsyC7dAHqbAtfrS1VkO6uxdQ76cQIql-iRH4UGNgOqgjinVOsRrCQPaeh4LnPAWCLrbHc_I-db3_OL62Mds6QOIx2zUKdrH1IdLRN0rlmHMpOAmLP0n-2wkwG8RL_GxU7cwcp69KMi7KDFTiUgiei3uNyJHMI2AXLuBc4Sb-aT3K_s_CwbfERZKdY99cKpnmyU3wpFSWKubCnNmUjzBkW_GLX31tO1PWjUBnRPlFyMG0M_uN2Y-ZXkhR26Y4anRTR9HOU1z919e4cnrIs-Mjz6vWnpMdmPRG9zzA6Z_uHGP_bOOIy4elvpmiEaGjiQTze-g2mS2Gx5Cmtk
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F618 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=ByveQ3ymgZYmiDI2Qrr4PpeijkAYAAAAAOAHgBAI&bg=!Q0ClQA_NAAaumcC-jpk7ADQBe5WfONlKjknRWuYTSWMRDUQBS8iBz7lOIVmSwVdyreF6zv5-bYFJ441kAQtzap1u-W51AgAAAvdSAAAAA2gBB5kDB_zakcaS96jgnFF_qQqDwVm4MIgMrgc54ftm8ACBYApZvRVGGe35IM64ZurJnuN8zgqcYb9GGrnpAIoZgqBE3EEgWLb-OWLnio6fIhyjj1Xi1yo-vGk0F7UdveECkXcWE1l9GGaPLWt0MJsJtn3uuxTplvzwLr-IQh1nfljsI5AscN-z_HhQ_Y7w_cReJGzrdq8JfoisXUhpNKCMOKQcrK6-RNa0VmOSWpqiwJ9oT7WOq8whs1ASPsQ1ylYU5YfMoDDJJx8uP6AAUpfIj1OzHpu96SVlxFNGa98AqCUcG4KUPzte4qRYR_UehM4aPiXahKeZgPynxM6B39kCqUdIALvnRiV8bW_Dd5EZlD_jhd2-adC_LJwvUy0AqqG1w5T28qMgX1PGfHoKV0t9hqVwcA4kieSwtoO312oMiKd8nPo3y-J8Y2ApwLLisg6IZF2HpmPJwTHltRS-ZPHqQJLEFA53RM24U0smPVky83qb2zuGjyoqtWK08MMtH2VUF0IkCkPtfowEC1wuBuTOUdbGLJzqGpy-4VPvbUH85RXS3a5wLRBf3GG9qQFPafsygII49knvF3VnhDNlXKMLE92UTV_RwqUMWjCgk8-h1uNHATy91sywSQotGwpxjxTgo-YhlsG3mAmFEqAPvxqOSfllV9hZMSuw4Lio8xTYZnrTwPTqw-cB5HW80d9_EWt-rRI7fxn8yd52LwZ7p-RvEvzAjNPEiJClGnt91RcqWMommd75cGdEkkFuZZXQajDH3433INBxIYWOQQHWOSuuU4LvUwXfVjnfSUAWgYJM-PRa8KUBWYAZeP5Kw8XK2PUnYjYYmjOt_GasyAVTV2SKw4FkeRTck0Lpbsj6CvQ1Yi2iZbINLKnS0maEbUQAe0qcrYQ5ssAlSSCIRCntZSiCPX06e6kWFQirZp1S0vVY_JG5LRD_iSaxJlRwnZJEdohQF43PVljjddeH1G0VpiWQ3sQ6xsCRZPSm3uGEZQCaannm1ucdDXhC6v_AKv8_U93Nb7mVJmY6CmoOlf4
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E02E 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 846B
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9af340be-b0a9-11ee-b4f5-5307866aad86
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9af340be-b0a9-11ee-b4f5-5307866aad86
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:56:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Thu, 11 Jan 2024 17:48:19 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9af340be-b0a9-11ee-b4f5-5307866aad86
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-7
pm
match.prod.bidr.io/cookie-sync/ Frame 7BDE 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 33B2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7793210899005664620&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7793210899005664620&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
faa2be46-9638-4d08-86a6-6727da1f9750
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:20 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7793210899005664620&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame D376 		0
0
141
match.deepintent.com/usersync/ Frame 177C 		0
0
/
a.clickcertain.com/px/img/bidswitch/ Frame 5C23
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=243ab276-5ae4-4fe2-ab14-44d4a1348492
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 40CE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PQKlczkOoXImB6chbQHpcD0EpyAmAvJzaQBHAYsV
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame F715
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:dbHm8zTB1RnZac5&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:dbHm8zTB1RnZac5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 11 Jan 2024 17:48:19 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:dbHm8zTB1RnZac5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0e7b857660c2c5cae@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame CFE9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MuQSxz7cX3h97_2who1Td1YwD50&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MuQSxz7cX3h97_2who1Td1YwD50&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:55:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 11 Jan 2024 17:48:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MuQSxz7cX3h97_2who1Td1YwD50&gdpr=0&gdpr_consent=
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 3022 		0
0
cm-notify
creativecdn.com/ Frame ECF9 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 7CBF 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:17 GMT
expires
Thu, 11 Jan 2024 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
417312
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
cm
p.rfihub.com/ Frame 9D57 		0
0
pubmatic
ad.mrtnsvr.com/sync/ Frame 3041 		0
0
i.match
a.tribalfusion.com/ Frame 9D54 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame ACF5
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875782582884
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875782582884
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875782582884
us
capi.connatix.com/core/ Frame 10FF 		0
231 B 		Document
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=2&UserId=46a0c9ae7afa44739d3ed7a9bacd8f25&DemandPartnerName=Pubmatic&tier=2&DemandPartnerUserId=009A3FEC-B73C-4EC7-A044-95E0090D878D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
843efd60ad2d7118-YYZ
content-length
0
content-type
application/json
date
Thu, 11 Jan 2024 17:48:17 GMT
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C4ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AJo_7Lc8TsegRJXgCQ2HjQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=122246
accept-ranges
bytes
content-length
5622
expires
Sat, 13 Jan 2024 03:45:43 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame C4ED
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=009A3FEC-B73C-4EC7-A044-95E0090D878D
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=009A3FEC-B73C-4EC7-A044-95E0090D878D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=138f948b-8a30-4e0d-950b-1c32400031db&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=138f948b-8a30-4e0d-950b-1c32400031db&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:26 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=138f948b-8a30-4e0d-950b-1c32400031db&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%2C%2C
date
Thu, 11 Jan 2024 17:48:26 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame C4ED 		0
0
xuid
eb2.3lift.com/ Frame C4ED 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=009A3FEC-B73C-4EC7-A044-95E0090D878D&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 11 Jan 2024 17:48:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame C4ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDA5QTNGRUMtQjczQy00RUM3LUEwNDQtOTVFMDA5MEQ4NzhE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame C4ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMLKNLRNIoMiKa9CR4D0xRE&google_cver=1
0
0
Pug
image2.pubmatic.com/AdServer/ Frame C4ED
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:322EA64EEBF542918DEB5120DC7B8982
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame C4ED
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=138f948b-8a30-4e0d-950b-1c32400031db&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=138f948b-8a30-4e0d-950b-1c32400031db&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:16 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=138f948b-8a30-4e0d-950b-1c32400031db&gdpr=0&gdpr_consent=
date
Thu, 11 Jan 2024 17:48:17 GMT
server
Kestrel
content-length
355
009A3FEC-B73C-4EC7-A044-95E0090D878D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C4ED 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/009A3FEC-B73C-4EC7-A044-95E0090D878D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.192.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-192-137.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame C4ED
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=009A3FEC-B73C-4EC7-A044-95E0090D878D&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=009A3FEC-B73C-4EC7-A044-95E0090D878D&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-074hrDtE2uVnKbSWlLxKf7r1ZuUv6QA-~A&gdpr=0
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-074hrDtE2uVnKbSWlLxKf7r1ZuUv6QA-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:56:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-074hrDtE2uVnKbSWlLxKf7r1ZuUv6QA-~A&gdpr=0
date
Thu, 11 Jan 2024 17:48:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
sync.ipredictive.com/d/sync/cookie/ Frame C4ED 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame C4ED
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=50d3b56eb86604f8&is_secure=true&networkId=17100&version=1&nuid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABw-5zBrIYtQNihm9aAAAAAAA&expiration=1705081701&nuid=009A3FEC-B73C-4EC7-A044-95E0090D878D&...
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABw-5zBrIYtQNihm9aAAAAAAA&expiration=1705081701&nuid=009A3FEC-B73C-4EC7-A044-95E0090D878D&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:55:20 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABw-5zBrIYtQNihm9aAAAAAAA&expiration=1705081701&nuid=009A3FEC-B73C-4EC7-A044-95E0090D878D&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C4ED 		0
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame C4ED 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame C4ED
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7015515884507246864&gdpr=0&gdpr_consent=&us_privacy=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7015515884507246864&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:16 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7015515884507246864&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sn.ashx
pmp.mxptint.net/ Frame C4ED 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame C4ED
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4138458503621837899
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4138458503621837899
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:52:50 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4138458503621837899
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 54BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMLKNLRNIoMiKa9CR4D0xRE&google_cver=1
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 54BD
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8655C5B6C3374A6381394AEA34A93C41
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 54BD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=138f948b-8a30-4e0d-950b-1c32400031db&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=138f948b-8a30-4e0d-950b-1c32400031db&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:16 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=138f948b-8a30-4e0d-950b-1c32400031db&gdpr=0&gdpr_consent=
date
Thu, 11 Jan 2024 17:48:17 GMT
server
Kestrel
content-length
355
dcm
s.amazon-adsystem.com/ Frame 4367 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 36C1
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9af340be-b0a9-11ee-b4f5-5307866aad86
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9af340be-b0a9-11ee-b4f5-5307866aad86
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:54:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Thu, 11 Jan 2024 17:48:19 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=9af340be-b0a9-11ee-b4f5-5307866aad86
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-7
pm
match.prod.bidr.io/cookie-sync/ Frame 35FE 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5487
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1442814614381177322&gdpr=0&gdpr_consent=
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1442814614381177322&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
3a5a2571-6727-4a1e-bf6a-dc7cb20d1e0e
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:20 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1442814614381177322&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 54BD 		0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame AB2B 		0
0
141
match.deepintent.com/usersync/ Frame F035 		0
0
cm
p.rfihub.com/ Frame 3D51
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame F895
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PQKlczkOoXImB6chbQHpcD0EpyAmAvJzaQBHAYsV
0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 54BD 		0
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 54BD 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7BF7
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Kc9avzQX1RnZac5&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Kc9avzQX1RnZac5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 11 Jan 2024 17:48:19 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Kc9avzQX1RnZac5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-018d8674c90e0d64a@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 54BD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7015515884507246864&gdpr=0&gdpr_consent=&us_privacy=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7015515884507246864&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:17 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7015515884507246864&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 11 Jan 2024 17:48:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 12DE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MuQSxz7cX3h97_2who1Td1YwD50&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MuQSxz7cX3h97_2who1Td1YwD50&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 11 Jan 2024 17:48:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MuQSxz7cX3h97_2who1Td1YwD50&gdpr=0&gdpr_consent=
sn.ashx
pmp.mxptint.net/ Frame 54BD 		0
0
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 3D05 		0
0
cm-notify
creativecdn.com/ Frame 5D99 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 8527 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 17:48:17 GMT
expires
Thu, 11 Jan 2024 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
245009
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
cm
p.rfihub.com/ Frame 08E9 		0
0
pubmatic
ad.mrtnsvr.com/sync/ Frame 0F92 		0
0
i.match
a.tribalfusion.com/ Frame 71B8 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 54BD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7744353088706261032
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7744353088706261032
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:52:48 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7744353088706261032
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 2916
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875782582904
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875782582904
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875782582904
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 54BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8_vDIEXcQ225zZIKfYRnJQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=122246
accept-ranges
bytes
content-length
5622
expires
Sat, 13 Jan 2024 03:45:43 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 54BD
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=F3FBC320-45DC-436D-B9CD-920A7D846725
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=F3FBC320-45DC-436D-B9CD-920A7D846725
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=138f948b-8a30-4e0d-950b-1c32400031db&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=138f948b-8a30-4e0d-950b-1c32400031db&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:26 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=138f948b-8a30-4e0d-950b-1c32400031db&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%2C%2C
date
Thu, 11 Jan 2024 17:48:26 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 54BD 		0
0
xuid
eb2.3lift.com/ Frame 54BD 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=F3FBC320-45DC-436D-B9CD-920A7D846725&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 11 Jan 2024 17:48:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 54BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjNGQkMzMjAtNDVEQy00MzZELUI5Q0QtOTIwQTdEODQ2NzI1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
F3FBC320-45DC-436D-B9CD-920A7D846725
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 54BD 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F3FBC320-45DC-436D-B9CD-920A7D846725?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.192.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-192-137.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 54BD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F3FBC320-45DC-436D-B9CD-920A7D846725&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F3FBC320-45DC-436D-B9CD-920A7D846725&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-074hrDtE2uVnKbSWlLxKf7r1ZuUv6QA-~A&gdpr=0
0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-074hrDtE2uVnKbSWlLxKf7r1ZuUv6QA-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:42:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-074hrDtE2uVnKbSWlLxKf7r1ZuUv6QA-~A&gdpr=0
date
Thu, 11 Jan 2024 17:48:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 54BD
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F3FBC320-45DC-436D-B9CD-920A7D846725&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=77f076d519ef2338&is_secure=true&networkId=17100&version=1&nuid=F3FBC320-45DC-436D-B9CD-920A7D846725&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMu6QcsR2PeQMBdximAAAAAAA&expiration=1705081701&nuid=F3FBC320-45DC-436D-B9CD-920A7D846725&...
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMu6QcsR2PeQMBdximAAAAAAA&expiration=1705081701&nuid=F3FBC320-45DC-436D-B9CD-920A7D846725&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:21 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMu6QcsR2PeQMBdximAAAAAAA&expiration=1705081701&nuid=F3FBC320-45DC-436D-B9CD-920A7D846725&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
dcm
s.amazon-adsystem.com/ Frame 73A3 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 73A3
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZaAp4OT30KaT8BN13UvvzwAA%263838&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZaAp4OT30KaT8BN13UvvzwAA%263838&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8ad416282bd147698fe3c5a11940e4bc
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184310&gdpr=0
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:22 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
599654
expires
Thu, 11 Jan 2024 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Thu, 11 Jan 2024 17:48:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
10
usermatchredir
ssum-sec.casalemedia.com/ Frame 73A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMLSNTJlTsrx9pQNJanS7VM&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMLSNTJlTsrx9pQNJanS7VM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184310&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vU0mxYQS8VzCgC%2BYjF94c4b4xrHv%2FUMLZzMHRW3nkhxbrwBwMDyY%2FLr4HZ9HYPUKdP5hneMshtlLEMqb1PvPPCAIVaNublofT7PfVTEkn1jvlETQfp34ES0sSjYNmzCH4792DfnKTCXsAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efd619bcea211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMLSNTJlTsrx9pQNJanS7VM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 73A3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=138f948b-8a30-4e0d-950b-1c32400031db&expiration=1707587297&gdpr=0&gdpr_consent=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=138f948b-8a30-4e0d-950b-1c32400031db&expiration=1707587297&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184310&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opRRWfixCJhsZkFZ546veTSAG2TfQUV5iUia78ih0LCkuysv%2FhfdDHqC8Q3837jbbikL%2B9aceCZYYyRiqXzpID%2BkZWeqJMFg8zDspoJM8hIGAMBhh7XukcuIz0AolF0OfA%2BRvj6nkjsKaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efd622cd0a211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=138f948b-8a30-4e0d-950b-1c32400031db&expiration=1707587297&gdpr=0&gdpr_consent=
date
Thu, 11 Jan 2024 17:48:17 GMT
server
Kestrel
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 73A3
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=847de9649502473087472d6b04e61a4a&expiration=1707587300
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=847de9649502473087472d6b04e61a4a&expiration=1707587300
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184310&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zRitLCQL0LUh1by2WHp1kLRUo1TgcWodMufbcnvs2%2FFL1NymMWtMKyFJErnV96sHGotVUzlQljRT4%2Bbpm31i%2Fm65vNldzolb2U1ibjKmD3cdgsKu0lfoonyRu2Fm6%2Bf2Wa2wKVsnQYiEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efd767d79a211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=847de9649502473087472d6b04e61a4a&expiration=1707587300
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 73A3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YML5kxHZ1RnZac5
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YML5kxHZ1RnZac5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184310&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EfG1vJvTAC5dMeou%2FgEAZCujO9uhnFqfd0LfEgOxX7uYq36n1VFbGFzAcJ%2BSbXyVED8B%2BXRiT7XTcXh6ZxKWq5tr8SIoyJ9La4cWqJl6Zq78scxGYccTl1JjhWhbD%2B6yyHSRYg2bbLtmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efd756bcba211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:20 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0427c28202f3087d4@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YML5kxHZ1RnZac5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
s.company-target.com/s/ Frame 73A3 		0
0
crum
dsum-sec.casalemedia.com/ Frame 73A3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4138458503621837899&expiration=1706204897
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4138458503621837899&expiration=1706204897
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184310&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOAWAEA5fHEmnt1d1kWKUdn9d%2Bzo6MzaK4bbKSvYByjaWzZgLnlqRJdv41GchYkYw0Eljz4LuaU7cnvnIgxUUWlExTJZM2tcwnbqcgxxMHbEJCELYw07Dtsg3%2FEWcwGtIOOb95IpzHGTEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efd63bf61a211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4138458503621837899&expiration=1706204897
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 73A3 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?ZaAp4OT30KaT8BN13UvvzwAA%263838
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184310&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:18 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
240
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
843efd678b8f3972-YYZ
content-length
43
expires
Thu, 11 Jan 2024 21:48:18 GMT
truncated
/ Frame 776E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df6e516e80929d2585f278be25c28d8e848940c31aa628930fbfe91a5a25b767

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A44 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BK8Ah3ymgZbWVDtyfoPwPpd63CAAAAAA4AeAEAg&bg=!CgmlCUbNAAZ1R9vHVUc7ADQBe5WfODBaVqxBxAfL4cicL-lETAbrZ7NHSmq6AM2Lma52iSf4hOG2LtZka1o4EXuwCzclAgAAAwRSAAAABWgBB5kDGoUHdE_0IwBWah3F3lnxiANMzW1t2KP-SttkL71lTIzsQtojIEgjwnJIE5N90kOKB-A-GqDCPS_83Xbe7wPf_rUpHvWB8eAcMFshIZSAROu0QSWilBDI2APrhVB-KK2AwVwCut8vlvMmf6EeVeJVskDTE8l5SQ_SbDrcdLsvoM_8USaUjc9a4OF0_qjHEZDKK2w0nwZd0YExfmCzT72gSN1KQNpUfzzah6NQGjiAYa4LyB1IekBuc-eMylJ7Cyzyc1wuen5TTnmu0XKMB_gy-Z5bHN9zAL3eXOdwk3RplSJ57G7t2Wb03Ws9So2FtAENzpCAysyXSMBBu7FFuRCZFIMqqsjCqaZ8ygMBIxmLAUWkKr5SkVncOa0aYZ4rAjbLtVAG7krnGS9PH02IdxMXJ8n0pLku0x4bfYFPlB-X5PTs-AwXcpuZ3hbxWiUIEyaQ9KaSY2Dhjhv2nbOYGjOqsR-jqr05aBdh5XAMdntbj_96Da6cSckFZR__XKTrSU9iEn6lf2hC7WHN5mux8XBOSmguO0yhp_rHTz78EIVsoA-y1Sa5OB-YE1g3FIbVAmsd1Y1uIWkzwlem8l96I1mJ78kVfB_gbijdKvuO-06jph8gXXx_R_d0UKT06KBrzxXjMxtadeUY5S0_bpStnNJ9ckUaa_ibVMDYfPQ0qvCR7GBUe50uanOqnIzIfRTfVopl-1nVVyaWZhRytdchuTBZ1KX06qfJdRjuhCYqS1tifH7KNMIwFpqZzOgidlLDt3QqdE4dKLLlxDm7ek5_RhinutAIvVDpSSBBn3u4Yiv1_UMe9SoOtIFJa2qR4aw5Ulpzth123-nA_-gH5gyshUAKiXftPb82z1aGNb4hLzSghp9EmsL6-xTaF-BdVkEXRqQgjW4_49pAxhJfpH5eRLJTzcl6zwoIoH7O6hDKvB8Z0DJwz8GmUhyX0p6CWd_LoC1z6P6mgYRudSDVkErQcGF5xPRttxsfKPsVU1g-WJvHUz4Y0d9iaQkIEQP-heDlKEGqPctQFUQeItxkEQuUIGjJMqda7PvNdN1QAeyN
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 776E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssv9yDkeOwrNIVgHFvLQFoC2LcGnCqGAtFSsaUPSAURlCVEfg0FzVsr_PfsoFqtEi7Xz5XklMiOevPridlx6EfAcX6WFuJCDQgvni7sE-bQkY12hgPBoqYcBcqxjt9GPBMni7ZnqxMWavR5EZ_SGx-jrZQDYCae9XQTRijrWCbn1mDzRXrJDw&sai=AMfl-YTjxMkH9mYitwPRWjx63PBl-fXRu0nhtiRgxTSotnByZhxp-jd0-iD0o6vJ8CljD5A47TQsfgmbmnBV_JaU7Z73aFSV4csmxery9g&sig=Cg0ArKJSzKjn-mmx0f97EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=279&vt=11&dtpt=277&dett=2&cstd=0&cisv=r20240109.42363&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=99.292;sz=300x600;u_sd=1;dc_adk=4272585447;ord=nbj4o8;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F$0;xdt=0;crlt=ZEDbP_*vyw;stc=1;chaa=1;sttr=183;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9A93 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
34530
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 08:12:47 GMT
expires
Fri, 10 Jan 2025 08:12:47 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bounce
ib.adnxs.com/ Frame 9D3A
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
an-x-request-uuid
89d7ec35-5778-422f-9d6f-101803d5a8a6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
an-x-request-uuid
059a7553-4429-4f65-be37-09231b141f99
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
TDGraphik-Semilight.woff
s0.2mdn.net/sadbundle/17933141011844227161/ Frame BCDD 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17933141011844227161/TDGraphik-Semilight.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17933141011844227161/index.html?e=69&leftOffset=0&topOffset=0&c=lQzc1ilJsq&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f149.1e100.net
Software
sffe /
Resource Hash
6bb2b288adf345540fd86820671236f035ab935c4937f2a255d424b7b211147d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17933141011844227161/index.html?e=69&leftOffset=0&topOffset=0&c=lQzc1ilJsq&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 12:40:16 GMT
date
Wed, 10 Jan 2024 12:40:16 GMT
x-content-type-options
nosniff
age
104881
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54220
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 17:04:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
TDGraphik-Bold.woff
s0.2mdn.net/sadbundle/17933141011844227161/ Frame BCDD 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17933141011844227161/TDGraphik-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17933141011844227161/index.html?e=69&leftOffset=0&topOffset=0&c=lQzc1ilJsq&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f149.1e100.net
Software
sffe /
Resource Hash
ce70a83af3123d8f4d0614092cd54233ff4569d638e6c94d7cc3a3e767c30ea3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17933141011844227161/index.html?e=69&leftOffset=0&topOffset=0&c=lQzc1ilJsq&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 11:02:45 GMT
date
Tue, 09 Jan 2024 11:02:45 GMT
x-content-type-options
nosniff
age
197132
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57372
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 17:04:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
visit.js
tps.doubleverify.com/ Frame 750C 		1 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=275&ttfrms=29&brid=3&brver=120.0.6099.216&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTau_d%60g55%604e2_eea2c6hdad%60c3e3__dgh5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2187&ddur=34&uid=1704995297582130&jsCallback=dvCallback_1704995297583864&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5226&tgjsver=5226&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=25&brh=2&dvp_epl=255&noc=4&nav_pltfrm=Win32&ctx=11556288&cmp=30582322&sid=2742014&plc=377163690&crt=196414079&btreg=569047290&btadsrv=doubleclick&adsrv=1&advid=5673126&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=3769125475.562363&ee_dp_sukv=3769125475.562363&dvp_tukv=1121518104287.696&ee_dp_tukv=1121518104287.696&dvp_strhd=0.6000003814697266&dvpx_strhd=0.6000003814697266&dvp_tuid=119007063857&jurtd=3011744494
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5226.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
a0fdd69e7dedeaa9eaff455125ca38f2f374a2e6829c94422f8e1457a8b905a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:18 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
01/10/2024 17:48:18
ImgSync
image8.pubmatic.com/AdServer/ Frame 2B50 		0
0
pixel
cm.g.doubleclick.net/ Frame 2B50 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=VkVGN2FxcW5uN3F4ck9vcXdYRFk=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/ Frame 2B50
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LR9I6ECV-6-CY2O
43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LR9I6ECV-6-CY2O
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.204.91.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-91-144.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LR9I6ECV-6-CY2O
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 2B50
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=VEF7aqqnn7qxrOoqwXDY
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=VEF7aqqnn7qxrOoqwXDY
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=138f948b-8a30-4e0d-950b-1c32400031db&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=138f948b-8a30-4e0d-950b-1c32400031db&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%2C%2C
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:26 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=138f948b-8a30-4e0d-950b-1c32400031db&ttd_puid=5e7dc5a8-b403-4def-beab-c9401343ad17%2C%2C
date
Thu, 11 Jan 2024 17:48:26 GMT
server
Kestrel
content-length
359
sync
ads.yieldmo.com/v000/ Frame 2B50
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=VEF7aqqnn7qxrOoqwXDY
  • https://ads.yieldmo.com/v000/sync?tdid=138f948b-8a30-4e0d-950b-1c32400031db
43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=138f948b-8a30-4e0d-950b-1c32400031db
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
52.204.91.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-91-144.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?tdid=138f948b-8a30-4e0d-950b-1c32400031db
date
Thu, 11 Jan 2024 17:48:17 GMT
server
Kestrel
content-length
181
sodar
pagead2.googlesyndication.com/getconfig/ Frame BCDD 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
aa26788f5136afe887c8047296a3ff023762940af75f73d0b565e9499d47d258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5866
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 092B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuprhkb-K3hddkAuHWRYWukIX5DxIqSRF1Fo3JOovXTygP93hM0PQTVJYUAcY9Fk1qcatzbPjMd0z4OXf9GGLIfBWYLPdGWgLMcFNnmt0hjbEAFo7PGD-9hF7yQTPCPjfdvCAsGpC2Di9qHf5wvN-85uSKYn7v26_0WSU3KkiRljFwJC6FnIKTfEZ1UmekByehb_5ogr8dzkJ31ctRn2_Ek66s_NyEgHv3eOp2EboGg5g&sai=AMfl-YScOCXJRpN2q7rYcYmpZ9FpuDWCCT27xs5pkLIjBv4JwNby4QXYiC-TEq6QukkTuaTlJZkvWu9n35Ra3fIsicW_EK2q5ybmzB81_NBlTfLRazAUKA6_0dj75eYKkVPtXL1UGbFe6Vg0ngqIzZsRLKsfGw&sig=Cg0ArKJSzLziQkLfYfEeEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly90ZC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1282&vt=11&dtpt=908&dett=3&cstd=363&cisv=r20240108.66974&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BCDD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 11 Jan 2024 17:48:17 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 73BF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf0781b1cbcbf720404b2d19c3cf4691110436717a2441ec673ec8c86961ded

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
843efd63bf67a211-YYZ
content-encoding
br
content-type
text/html
date
Thu, 11 Jan 2024 17:48:17 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCCLB6h1lQVbRukZgvimBBvKgoB4Q2O4Ajn3jHtkkw3lguAbx3d3wxm7vgovzhfKvbcR5iDzbLBoxQXkty2Js%2FdVaP5vTa3vpaU15NUbEDLlG%2FO9Iuq%2FvD8i30sXVAXsmUskKreO2j0ZrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 9A93 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
40817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:28:00 GMT
us
capi.connatix.com/core/ Frame 8EA9 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 11 Jan 2024 17:48:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd638f8f39f5-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 144C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
40817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:28:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GD465VRQLD&gtm=45je4180v878037826&_p=1704995291466&gcd=11l1l1l1l1&dma=0&cid=1419357324.1704995292&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1704995291&sct=1&seg=0&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&dt=Ivanti%20warns%20of%20Connect%20Secure%20zero-days%20exploited%20in%20attacks&_s=2&tfd=6971
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 73BF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9107686382435366279
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9107686382435366279
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJVSRja%2BFdx63GKwyQDG6%2Fle%2BflsdL%2B5R%2FozpikKBkJ7wV2hZR53u5npcXe3%2FCErCOr8fSW9seguAcgHL5kbSpepQJbDnkduzEGqXoqT4VzuXgAo184K4RiiS8G42%2FAKvx46EIlXZ7ZpeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efda6caa8a211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
an-x-request-uuid
a6359158-8b86-4989-98a8-e63f29e73c99
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=9107686382435366279
x-proxy-origin
86.48.15.157; 86.48.15.157; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 73BF 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.192.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-192-137.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 73BF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
44.215.192.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-192-137.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB
date
Thu, 11 Jan 2024 17:48:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame 73BF 		0
0
crum
dsum-sec.casalemedia.com/ Frame 73BF
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CFE6577F4E63416F8D5515A5B968D3A7
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CFE6577F4E63416F8D5515A5B968D3A7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nCrebmh4B0iJcdcKCmIzT9FW%2ByMEKLQeRJBPnmi5mtQrk5svM%2B0gQnCHh%2F7Q3PyXj8I75N9uMrwQ0z9fw0qQDdPC2aU6%2FGAyaZpgJRPMUJH%2B1eiZqk2BqdICbaKyyqZXv%2BPMW80OqI7Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efda0b90fa211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 11 Jan 2024 17:48:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CFE6577F4E63416F8D5515A5B968D3A7
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 10 Jan 2024 17:48:27 GMT
crum
dsum-sec.casalemedia.com/ Frame 73BF
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=9af340be-b0a9-11ee-b4f5-5307866aad86
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=9af340be-b0a9-11ee-b4f5-5307866aad86
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5wutz1%2FcxObeQXE65Fr6Z7sorYxb%2FZxuvkqlF7Mcmm442CnbXnIyHgGgAGsthv51XjScNAfRQgsj8dJPE%2BiNYSOeytzzTZL1Z%2Fo8IKq0pIhH%2FnnMwKh5I%2BAyHtddEdYPAkpOZKC0ozJXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efd6b8b49a211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:19 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=9af340be-b0a9-11ee-b4f5-5307866aad86
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-7
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
sync
ssbsync.smartadserver.com/api/ Frame 73BF 		0
0
setuid
s2s.t13.io/ Frame 73BF 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=ZaAp4OT30KaT8BN13UvvzwAA%263838
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:18 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 9DF3
Redirect Chain
  • https://um4.eqads.com/um/cs
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=1cbbcdce-331f-4816-9363-5122770f6354&expiration=1712857698
43 B
735 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=1cbbcdce-331f-4816-9363-5122770f6354&expiration=1712857698
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
843efd66ec35a211-YYZ
content-length
43
content-type
image/gif
date
Thu, 11 Jan 2024 17:48:18 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDLqjWYtruOuBEhUxHRdtlFTEi%2Fo09x9CzWQ5%2F2%2BzEucunrN3%2FslJefbrno6oXwbkR8SW6%2FMRtfgYQlbq66KA0i3pmj7WEu2ffLugAUjHOu6i90s%2FtQQzRXDUK0AGFw9bZ9uZNL28DFBxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Thu, 11 Jan 2024 17:48:18 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=1cbbcdce-331f-4816-9363-5122770f6354&expiration=1712857698
/
cdn.doubleverify.com/redirect/ Frame 750C 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A93 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BloNY4CmgZZKWNPyUoPMP5pCd8A0AAAAAOAHgBAI&bg=!mJulm9TNAAaumcC-jpk7ADQBe5WfOBw8CHi-NlrT6xxYGAy95NL3tRjU0LObr6MiJHzTAScaNeJuZyP6_2qMekdh4vQCAgAAAURSAAAABGgBBwoAKzDxVzuI-8etxhYuiuB4-DxSev65e2qjjEecWuGKQNKkrFk58sq5NmiwabuZAtcHE4yl7oPhjIzv2xYPC4ciUDlr62PmtGjgLriz1XggocBelzg78zAla3Joi9uR7fx9Aw6qlJC3ohCLrRVUBFvTLxqU0eSK7p_PtVGnauKw9Yj-kafj3IFs8fNuzXTQOcXHBZwnKeLAIA_iOPtt6wlsBrCQ8mkkOQmK1FPvgIKIGbpoezCnU0LWKHTuNGCiAQQno3GERm7WJno0T2O8kWGZFe00Vb9jTQLwoQRQe_VbI264JxZ0CLCjm5Ho4T6eglS235qLj56MHfRTEG1AYqBmL4Iu9qcRv2Axl7lgAyb2GJTzI97rY7i25qHQAkQgHXXAWeZYghI2reAE7_kl4BPEACtmsd__9kiVP23ENqMZa964cBHYBA_za9RTOPlDivUAcPsQBLO6AmqC81zqrfjJU2z_E09lw9RtouIO9yC6FevEDdVNKg5L_0_BozHV8hNsxADIJz0mP4iQMSuiU865iQWbWIU1Ur_D_txms1bfzWMhJXrrFJUYvPh1AZnDS8qJLa8iUODRhVup-W9RVnU2H9Mpt5KXZP_In4aoyF8Dwqih2SM2gQXhNsdU96pQn06NhVStYNNAU6U370woIfUgqCGJtSq52SVBFWcgLkvhsdp20yC7LVuqcIVTXjwIKDdWz6hJFwW6jozsw12AYuRsEzu1a-yl19nWaGrwsjDmLFzIceA_5jfsF1ZCoE1Fv-6T13k8YAKUSzkEplLCxrQodjRQax4BIJbpA-F4Maypp_RUgzJgpbEQQHUY6vvhaREhH1VazUzZv4wx2-IG6xpqjVxSKG9U02QGGUIMoruE2blgaIkK6hupRUWSvJAXl2GvLJacbJRUxQGuBDxOxk_zSeyYeWyqy4e1jG7ER_HcpIGHJ2PdUNHqxWmbnD5cZiV1AUsV6u8sUkoZYz46dKlJtvA21hVBdveX9iEOgtDw7uJ_1IXFLJAPO8W9VM5vuijUeClKhH1D
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 9D3A
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
an-x-request-uuid
f4b346d5-1dc0-4370-baa0-7692f7cfcde1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
an-x-request-uuid
460bc4fc-29ce-4072-92b7-88fc592cf8d2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 654D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190b4aa4ed57e68734a92c054a55bd4689bc2a0d0c225adfb9b2244ab55f3543

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
843efd67fdeaa211-YYZ
content-encoding
br
content-type
text/html
date
Thu, 11 Jan 2024 17:48:18 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7X8ovI8U8JmByFY4MWVFLiBishtWHNz7lixI3HXBWIIRc%2FhMpn6SHnzyqZg99Zk5AC945AtwzkhQMwsbc0rB3j1VPjYHzLM13GajCgzU8Zkd6McqJ%2FEo%2FiPCxcRsVmo2HXiuF77zhjSwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
p-Z8PuJEk6U7Hyq.gif
cms.quantserve.com/pixel/ Frame 654D 		0
0
user-registering
ads.stickyadstv.com/ Frame 654D 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.134 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:30 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1704995310639062-1172
rum
dsum.casalemedia.com/ Frame 654D
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=5d190c386dfa2338&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMu6QcsR2QGAMfYL57AAAAAAA&expiration=1705081707&is_secure=true
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMu6QcsR2QGAMfYL57AAAAAAA&expiration=1705081707&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rH%2FE30R%2FbeW2PTGcLqJZGAzNKeFh32T6t5NiYg3nn1j18XxfS7cKI0EPh0Dcx1AIdOZUNq%2Bb%2BHRgR%2BNzg1dp0EymCdHRFXje2d2I%2FFmcwZViQPFf%2FkW%2FKEbTw4MChHL2rWeGC%2BTR"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efd9fdf717117-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMu6QcsR2QGAMfYL57AAAAAAA&expiration=1705081707&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cs
ad.turn.com/r/ Frame 654D 		0
0
cm-notify
creativecdn.com/ Frame 654D 		0
0
crum
dsum-sec.casalemedia.com/ Frame 654D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=388b65a0-29ea-4200-b8b7-81ea8f58fb38&gdpr=&gdpr_consent=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=388b65a0-29ea-4200-b8b7-81ea8f58fb38&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HX1Kg8V0KwTGrjFMvVKofnntdz5m7IiQydfbz4lQ4L7X1Qgj9WvB%2B2HT%2BcYn5Ax0EVn7fswVoeRUeztvV3NJsLhmYX6ACL5nv5pM%2F0RE6AdIjYTAbqoG3%2Fm5Fo4fEhXqUMA6bHG4UeTUCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efd96a9c8a211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Thu, 11 Jan 2024 17:48:26 GMT
Server
MT3 1237 600843f master iad iad-pixel-x22 config_version:"289"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=388b65a0-29ea-4200-b8b7-81ea8f58fb38&gdpr=&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 11 Jan 2024 17:48:25 GMT
crum
dsum-sec.casalemedia.com/ Frame 654D
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=847de9649502473087472d6b04e61a4a&expiration=1707587300
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=847de9649502473087472d6b04e61a4a&expiration=1707587300
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gto4wBeR%2FOtsnn3YvOrydKmGr4fCMgofS4YCX2nidmz%2Fq7OJm8Lypuid1bqayBr2wX7Vc3G6ifDn1fLUb%2BYl5JmktIW%2Fm4npBJWVq7IC%2FH7YcTKc9DHMpgHaxmki4Rl1FCTJy8ngSHApA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
843efd767d76a211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=847de9649502473087472d6b04e61a4a&expiration=1707587300
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 654D 		0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 654D 		0
0
wt
polarcdn-pentos.com/ Frame 9B18 		3 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://polarcdn-pentos.com/wt?e=3&n=3&p=UNKNOWN&s=1&u=3fe9b7c1-630b-4566-bac6-28f65d38233d&v=1%2F7daea8b&w=1.240.0&y=w&z=v1.7.10&pas=asa-web-dv360&pag1=default&pag2=default&padva=ABAjH0h850gs7kTrsUuR8lQYfFsF&padvg=20708194792&padvc=544085116&padve=9&padvio=1014570801&padvis=OX-XPT-wCfpC6&padvp=9&padvu=101267032151&pae=w&pai=3d636&d=www.bleepingcomputer.com&l=Fallback+rule+for+542600f1d4ae43b888941379b5a435e2.&pajs=body&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&pecy=CA&c=514feb494cd645919de70c0b26822d2b&t=i&pasp=542600f1d4ae43b888941379b5a435e2&papss=f&pvhref=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&_=1704995295309
Requested by
Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.201.63 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:19 GMT
cf-cache-status
HIT
x-amz-request-id
BCKH6MDD34K69T0B
age
41921
content-length
3
x-amz-id-2
0tILuTDSZc2gfMj5mhQLlYWErXvHlVHYh+9S3pHQHZ8h1I/b/f7L3ZN5qdBKdHuhdfzU1j/7gg4=
last-modified
Mon, 31 May 2021 19:44:05 GMT
server
cloudflare
etag
"28e4477bb454eb35226fe56082545e13"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
843efd6fedf239f2-YYZ
moatad.js
z.moatads.com/polar822lQSh10/ Frame 9B18 		0
0
wt
polarcdn-pentos.com/ Frame 8101 		3 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://polarcdn-pentos.com/wt?e=4&n=3&p=UNKNOWN&s=1&u=3fe9b7c1-630b-4566-bac6-28f65d38233d&v=1%2F7daea8b&w=1.240.0&y=w&z=v1.7.10&pas=asa-web-dv360&pag1=default&pag2=default&padva=ABAjH0isiA8BjxPSvsaekzrmh-Oj&padvg=20704411829&padvc=544083922&padve=6&padvio=1014570801&padvis=&padvp=6&padvu=101267032151&pae=w&pai=ca4e9&d=www.bleepingcomputer.com&l=Fallback+rule+for+542600f1d4ae43b888941379b5a435e2.&pajs=body&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&pecy=CA&c=908eed724b1449b1b2f1b945d02abdd1&t=i&pasp=542600f1d4ae43b888941379b5a435e2&papss=f&pvhref=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&_=1704995295643
Requested by
Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.201.63 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:19 GMT
cf-cache-status
HIT
x-amz-request-id
BCKH6MDD34K69T0B
age
41921
content-length
3
x-amz-id-2
0tILuTDSZc2gfMj5mhQLlYWErXvHlVHYh+9S3pHQHZ8h1I/b/f7L3ZN5qdBKdHuhdfzU1j/7gg4=
last-modified
Mon, 31 May 2021 19:44:05 GMT
server
cloudflare
etag
"28e4477bb454eb35226fe56082545e13"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
843efd6fedf439f2-YYZ
moatad.js
z.moatads.com/polar822lQSh10/ Frame 8101 		0
0
deck.js
static.polarcdn.com/deck/ Frame 8009 		477 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.polarcdn.com/deck/deck.js
Requested by
Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.119.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d9eed05d0b640cd38adcf8a775824bf08b71b813f0f8784031c0a98da958d32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:26 GMT
content-encoding
gzip
via
1.1 varnish
cf-cache-status
HIT
age
8948
content-length
137007
last-modified
Wed, 10 Jan 2024 21:19:10 GMT
server
cloudflare
etag
W/"659f09ce-774dc"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
CF-IPCountry
cache-control
max-age=10800
access-control-allow-credentials
true
x-varnish
1925706926 1925654031
cf-ipcountry
CA
accept-ranges
bytes
cf-ray
843efd96caae5467-YYZ
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:02:40 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%2...
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=3479968939030167000V10
86 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=3479968939030167000V10
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:35 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 11 Jan 2024 17:48:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=3479968939030167000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 11 Jan 2024 17:48:35 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3B1B 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8986805&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ba0f53cd9c2d7edf40f8eab8d0ebdffc3792d2bbfbb8ef4e79426e8f45829fd8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame D72C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31523934&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
58ef34404e64bbb23aa99fda9f24d08fed30bcff3ab525be5cc2b1fba411232b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 7C76 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16181021&p=156696&s=269885&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b9925192c6187b115ed5c505921116fb64ff970c99231b56d6fca5867687ba8a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 11 Jan 2024 17:48:22 GMT
content-length
1598
content-type
text/html; charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame C4ED 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156592&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 54BD 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:53:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 9B18 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTFbNaWupw_cW9Hwf56oqy8gTRSSDWCJvebbvAJRqHZQVTIJFvrdNZulW-XVt532MfKxZddPrIikJzBxwascSbobLLvQJ5fwjke6gEVxnoAxLLg7v8mE6hh7SHwp20fwDo_rozU3uuZs64FWraif7x26m1&sig=Cg0ArKJSzGa39kFU7Q9kEAE&id=lidar2&mcvt=1000&p=482,1341,522,1382&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1431339665&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704995294711&rpt=802&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
isync
visitor.omnitagjs.com/visitor/ Frame 3B87 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
eb20c4389eac84df94fd376a45b22d02b81403729b15e626f0809b00ec6411b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1608
content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:19 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
setuid
s2s.t13.io/ Frame 3B87 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=adyoulike&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=ea83a82bfd5e8fb40afa5f0518b77717
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:19 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 3B87
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2f...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor-usa02.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%252B-%252BBanner%252...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=8840859491470346474&gdpr=0&gdpr_consent=&gdpr=0&gdpr_c...
49 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=8840859491470346474&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
an-x-request-uuid
04378959-d562-46e7-a024-bc5b668f5ba8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=8840859491470346474&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
86.48.15.157; 86.48.15.157; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 3B87
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26vis...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvisitor-usa02.omnitagjs.com%252Fvisitor%252Fsync%253Fname%253DXandr%252B%2525E2%252580%252593%252BInvest%252BDSP%2526ttl%253D720%2526...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=9107686382435366279&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=9107686382435366279&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
an-x-request-uuid
d756d89e-eaca-4791-b04e-ae36664af87f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=9107686382435366279&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
86.48.15.157; 86.48.15.157; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 3B87 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=70&p=120&cp=adyoulike&cu=1&url=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fis_cookie_sync_uid%3Dtrue%26uid%3D4246a50e6cf42e85f26c381a4b7701fb%26name%3DCRITEO%26visitor%3D%40%40CRITEO_USERID%40%40
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:21 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
196158
expires
Thu, 11 Jan 2024 00:00:00 GMT
cm-notify
creativecdn.com/ Frame 3B87 		0
0
ayl_pixel
api-2-0.spot.im/pixels/ Frame 3B87 		0
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=ea83a82bfd5e8fb40afa5f0518b77717
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.162.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-162-29.mia3.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:21 GMT
via
1.1 f6f4782af042282825a7e9efc782df96.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MIA3-P3
x-amz-cf-id
M0N-mTrOMmxMtQATbe7gk97eU-7BnmhWl2b5_yU1VN7v0H-G0D0w1A==
x-cache
Miss from cloudfront
bidswitch
sync-dmp.mobtrakk.com/match/ Frame 3B87
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=adyoulike&bsw=243ab276-5ae4-4fe2-ab14-44d4a1348492
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=adyoulike&bsw=243ab276-5ae4-4fe2-ab14-44d4a1348492&chk=1
0
0
aul
match.prod.bidr.io/cookie-sync/ Frame 3B87 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 3B87
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=138f948b-8a30-4e0d-950b-1c32400031db&name=THE_TRADE_DESK
0
0
sync
visitor.omnitagjs.com/visitor/ Frame 3B87
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=b0cab3d8-2d2d-4827-ae69-ab2d0987cb55%20&gdpr_consent=null&gdpr=0
49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=b0cab3d8-2d2d-4827-ae69-ab2d0987cb55%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=b0cab3d8-2d2d-4827-ae69-ab2d0987cb55 &gdpr_consent=null&gdpr=0
date
Thu, 11 Jan 2024 17:48:23 GMT
server
_
content-length
0
/
b1sync.zemanta.com/usersync/adyoulike/ Frame 3B87 		0
0
/
b1sync.zemanta.com/usersync/adyoulike/ Frame 3B87 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 3B87 		0
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 3B87
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0a0622040020cf49b74725fd&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0a0622040020cf49b74725fd&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0a0622040020cf49b74725fd&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
date
Thu, 11 Jan 2024 17:48:21 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 3B87
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-32e412c7-3edc-5f78-7def-fdb0868d5377$ip$86.48.15.157&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-32e412c7-3edc-5f78-7def-fdb0868d5377$ip$86.48.15.157&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:23 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-32e412c7-3edc-5f78-7def-fdb0868d5377$ip$86.48.15.157&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Thu, 11 Jan 2024 17:48:21 GMT
Connection
keep-alive
Content-Length
218
Content-Type
text/html; charset=utf-8
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 3B87
Redirect Chain
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_US...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=5ca428c9-85cf-440e-9b99-d27e793fd798&gdpr=0&gdpr_consent=
49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=5ca428c9-85cf-440e-9b99-d27e793fd798&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:24 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:24 GMT
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=5ca428c9-85cf-440e-9b99-d27e793fd798&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 3B87 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 3B87
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=1f0b40c19d084a74a891b7901b0efda3&gdpr=0&gdpr_consent=
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=1f0b40c19d084a74a891b7901b0efda3&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

Date
Thu, 11 Jan 2024 17:48:26 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=1f0b40c19d084a74a891b7901b0efda3&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
pixel
ap.lijit.com/ Frame 3B87 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 11 Jan 2024 17:48:25 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
711333.gif
id.rlcdn.com/ Frame 3B87 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 3B87
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=afa9d49b-c70e-426b-a900-dd582d537399&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
0
0
usync.html
eus.rubiconproject.com/ Frame 0947
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
0
0
/
onetag-sys.com/usync/ Frame C630 		0
0
usync.html
eus.rubiconproject.com/ Frame 61AA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
0
0
/
de.tynt.com/deb/ Frame E6A7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26v...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
52b1559d2c6f9c0f52fe57d41567530adfa2ced71f77552ae176393a67497062

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2202
content-type
text/html
date
Thu, 11 Jan 2024 17:48:28 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 11 Jan 2024 17:48:28 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8340000A
sync
ssbsync.smartadserver.com/api/ Frame 002C 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 54BD 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45059470&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
58ef34404e64bbb23aa99fda9f24d08fed30bcff3ab525be5cc2b1fba411232b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
de.tynt.com/deb/ Frame C24B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privac...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26g...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
1d1dc2a2530f05dc7e17d01673aa22d76049c44cdd8fc0385b69edd7102b4918

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2167
content-type
text/html
date
Thu, 11 Jan 2024 17:48:27 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 11 Jan 2024 17:48:28 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8340000A
event.png
tpsc-ue1.doubleverify.com/ Frame 750C 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=9d40a02776034a75be36a24640619527&flavor=0&gdpr=&gdpr_consent=&ee_dp_isom=1&ee_dp_cadl=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_tskt=ctdetms%2C278%2C9%3Biabletms%2C289%2C3%3Biadletms%2C293%2C0%3Biadcetms%2C293%2C1%3Bialeetms%2C294%2C1%3Bicifdetms%2C295%2C0%3Btsetms%2C257%2C32%3Bipvietms%2C273%2C3%3Bprvietms%2C257%2C30%3Bfvietms%2C287%2C2%3Bpovietms%2C289%2C0%3Bimaetms%2C278%2C11%3Biesuimestms%2C258%2C20%3Bsrbf%2C0%2C1%3Bal262144%2C319%2C1%3Bal65536%2C321%2C1%3Bal128%2C321%2C3%3Bundefined%2C325%2C0%3Bal8%2C325%2C0%3Bal256%2C325%2C167%3Bal262144%2C1321%2C2%3Bal65536%2C1324%2C0%3Bundefined%2C1325%2C1%3Bal262144%2C2323%2C1%3Bal65536%2C2328%2C0%3Bundefined%2C2329%2C1%3Bundefined%2C3329%2C1&ee_dp_asmm=1&vdur=644&eoid=26&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=5226&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=34&tetms=12&msltms=157&vltms=644&sei=290&vetms=10&tuviims=304&tuviems=958&engms=1&engisel=1&ee_dp_ddtes=1&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=2794&ismms=65&isumms=65&nvr=2&isgmmims=65&isgmv4mims=65&elmtp=1&isbxdms=2766&b0=2871&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&lftb=2871&sftb=2871&msrdp=2&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=64&dvp_dpr=1&vstsz=1001&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3678
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5226.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:21 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-01-10T17:48:21
PugMaster
image6.pubmatic.com/AdServer/ Frame 3B1B 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61727217&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cea42459d5d020e032c183ffa51a8ee75e1cbd1155c06b064582c628de040f62

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 17:48:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
insights.bin
ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/59e9e597-f604-48fe-a820-4dfb58ab0659/ Frame 8EA9 		0
0
insights.bin
ins.connatix.com/737a22fc7c5afb523946183df66f63f4/ Frame 8EA9 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame FEAD
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame DC54
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:41:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 11 Jan 2024 17:48:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame F625
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4ed165a0-29ea-4700-bb4f-08ea52a9f0aa&gdpr=0&gdpr_consent=
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4ed165a0-29ea-4700-bb4f-08ea52a9f0aa&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:55:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 11 Jan 2024 17:48:25 GMT
Expires
Thu, 11 Jan 2024 17:48:24 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master iad iad-pixel-x18 config_version:"289"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4ed165a0-29ea-4700-bb4f-08ea52a9f0aa&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame E633
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-RMeC_llBMu0knnG6CmgZQ
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 117B
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6221664910
  • https://sync.1rx.io/usersync/tradedesk/138f948b-8a30-4e0d-950b-1c32400031db
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:23:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Thu, 11 Jan 2024 17:48:26 GMT
etag
RXccca562f4c954b60af7b70eceecab7c0005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
ipac.ctnsnet.com/int/ Frame D897 		43 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 11 Jan 2024 17:48:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame 819C 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 11 Jan 2024 17:48:23 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-6bba1104a071@version_1.581
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 4A70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 11 Jan 2024 17:48:24 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 0F00
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:23462B3CBAF04524AD9AA3CE86103432&gdpr=0&gdpr_consent=
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:23462B3CBAF04524AD9AA3CE86103432&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:55:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 11 Jan 2024 17:48:27 GMT
expires
Wed, 10 Jan 2024 17:48:27 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:23462B3CBAF04524AD9AA3CE86103432&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 2462
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817042087204529&uid=Q758281704208720...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817042087204529
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817042087204529
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=78788
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 11 Jan 2024 17:48:30 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817042087204529
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
insync
thrtle.com/ Frame 54BD
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=46616087-0c0f-4688-be30-2e9b7418ccd7
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=46616087-0c0f-4688-be30-2e9b7418ccd7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
34.199.242.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-242-225.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Thu, 11 Jan 2024 17:48:29 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=46616087-0c0f-4688-be30-2e9b7418ccd7
date
Thu, 11 Jan 2024 17:48:29 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 54BD 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 54BD 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-34-250.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:24 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 54BD 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.191.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-191-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 11 Jan 2024 17:48:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 54BD
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2fd0f783-1697-4859-bbd5-adc742a2c4ad&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2fd0f783-1697-4859-bbd5-adc742a2c4ad&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:26 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2fd0f783-1697-4859-bbd5-adc742a2c4ad&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 11 Jan 2024 17:48:25 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2998
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
insync
thrtle.com/ Frame 3B1B
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=e59653d5-8a35-4c96-a109-9988975f2268
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=e59653d5-8a35-4c96-a109-9988975f2268
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Server
34.199.242.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-242-225.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Thu, 11 Jan 2024 17:48:29 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=e59653d5-8a35-4c96-a109-9988975f2268
date
Thu, 11 Jan 2024 17:48:29 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 3B1B 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 3B1B 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-34-250.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:24 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 3B1B 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.191.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-191-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 11 Jan 2024 17:48:26 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EF89
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame FC72
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:52:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 11 Jan 2024 17:48:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 7325
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4b1a65a0-29ea-4f00-9f66-cead3803449e&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4b1a65a0-29ea-4f00-9f66-cead3803449e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 11 Jan 2024 17:48:25 GMT
Expires
Thu, 11 Jan 2024 17:48:24 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master iad iad-pixel-x9 config_version:"289"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4b1a65a0-29ea-4f00-9f66-cead3803449e&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 93C7
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=3faMmfx6ADmUE0p46CmgZQ
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame F4C0
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=249397562
  • https://sync.1rx.io/usersync/tradedesk/138f948b-8a30-4e0d-950b-1c32400031db
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:55:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Thu, 11 Jan 2024 17:48:26 GMT
etag
RXccca562f4c954b60af7b70eceecab7c0005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
ipac.ctnsnet.com/int/ Frame 947F 		43 B
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 11 Jan 2024 17:48:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
pub
matching.truffle.bid/sync/ Frame 9873 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 11 Jan 2024 17:48:24 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 98F6 		43 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 11 Jan 2024 17:48:24 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-07a073fd13bf@version_1.581
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame E864
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817051425115104&uid=Q758281705142511...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817051425115104
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817051425115104
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=78790
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 11 Jan 2024 17:48:28 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817051425115104
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 5F5D
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7BD62B91F2D940F7840C91E37B722CEE&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7BD62B91F2D940F7840C91E37B722CEE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:54:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 11 Jan 2024 17:48:27 GMT
expires
Wed, 10 Jan 2024 17:48:27 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7BD62B91F2D940F7840C91E37B722CEE&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 3B1B
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:abb3bad7-7728-4a3f-9c13-637241a3de83&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:abb3bad7-7728-4a3f-9c13-637241a3de83&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:25 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:abb3bad7-7728-4a3f-9c13-637241a3de83&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 11 Jan 2024 17:48:24 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
merge
ce.lijit.com/ Frame 41BC 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=009A3FEC-B73C-4EC7-A044-95E0090D878D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Thu, 11 Jan 2024 17:48:22 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3dca1
Pug
image2.pubmatic.com/AdServer/ Frame E688
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame E3F0
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:54:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 11 Jan 2024 17:48:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 2ABD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:92e265a0-29e9-4500-8c51-497ee4e83fdb&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:92e265a0-29e9-4500-8c51-497ee4e83fdb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 11 Jan 2024 17:48:25 GMT
Expires
Thu, 11 Jan 2024 17:48:24 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master iad iad-pixel-x5 config_version:"289"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:92e265a0-29e9-4500-8c51-497ee4e83fdb&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 50A5
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=YTfzp79iB_2oQy096CmgZQ
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 73A6
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2027425317
  • https://sync.1rx.io/usersync/tradedesk/138f948b-8a30-4e0d-950b-1c32400031db
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:55:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Thu, 11 Jan 2024 17:48:26 GMT
etag
RXccca562f4c954b60af7b70eceecab7c0005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
ipac.ctnsnet.com/int/ Frame 7D56 		43 B
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 11 Jan 2024 17:48:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame CDEF 		43 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 11 Jan 2024 17:48:26 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-50677f0fb406@version_1.581
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 24BF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 11 Jan 2024 17:48:24 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 6A2F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2ACF2DB04BF94E848D798C75A4DD2C60&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2ACF2DB04BF94E848D798C75A4DD2C60&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:23:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 11 Jan 2024 17:48:27 GMT
expires
Wed, 10 Jan 2024 17:48:27 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2ACF2DB04BF94E848D798C75A4DD2C60&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
ecc
px.owneriq.net/ Frame 1E49
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817051181789827&uid=Q758281705118178...
0
0
merge
ce.lijit.com/ Frame 67D3 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=009A3FEC-B73C-4EC7-A044-95E0090D878D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Thu, 11 Jan 2024 17:48:22 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3dca1
insync
thrtle.com/ Frame D72C
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=8531ddff-aed5-4d92-b956-ee84a7deb16d
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=8531ddff-aed5-4d92-b956-ee84a7deb16d
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Server
34.199.242.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-242-225.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Thu, 11 Jan 2024 17:48:29 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=009A3FEC-B73C-4EC7-A044-95E0090D878D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=8531ddff-aed5-4d92-b956-ee84a7deb16d
date
Thu, 11 Jan 2024 17:48:29 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame D72C 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame D72C 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.34.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-34-250.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:24 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame D72C 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.191.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-191-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 11 Jan 2024 17:48:26 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 45CA
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame A4D3
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:55:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 11 Jan 2024 17:48:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame CA7E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8dfd65a0-29e9-4800-b66d-7b5fb8fa6c49&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8dfd65a0-29e9-4800-b66d-7b5fb8fa6c49&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:52:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 11 Jan 2024 17:48:25 GMT
Expires
Thu, 11 Jan 2024 17:48:24 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master iad iad-pixel-x23 config_version:"289"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8dfd65a0-29e9-4800-b66d-7b5fb8fa6c49&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 6C57
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=O3nBDap-AJSuicTm6CmgZQ
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 65E4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2066450724
  • https://sync.1rx.io/usersync/tradedesk/138f948b-8a30-4e0d-950b-1c32400031db
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:41:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Thu, 11 Jan 2024 17:48:26 GMT
etag
RXccca562f4c954b60af7b70eceecab7c0005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
ipac.ctnsnet.com/int/ Frame 7537 		43 B
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 11 Jan 2024 17:48:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame A6A5 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 11 Jan 2024 17:48:26 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-16bd362fcbe0@version_1.581
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 3DD6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 11 Jan 2024 17:48:24 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 5881
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:07EEF89568BE40E69630D5569492F6C0&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:07EEF89568BE40E69630D5569492F6C0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:55:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 11 Jan 2024 17:48:27 GMT
expires
Wed, 10 Jan 2024 17:48:27 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:07EEF89568BE40E69630D5569492F6C0&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 1DE7
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817062113318029&uid=Q758281706211331...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817062113318029
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817062113318029
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:55:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=78790
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 11 Jan 2024 17:48:28 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7582817062113318029
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame D72C
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fa885aaa-dd61-4324-946e-e0a6841f5de5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fa885aaa-dd61-4324-946e-e0a6841f5de5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:26 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fa885aaa-dd61-4324-946e-e0a6841f5de5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 11 Jan 2024 17:48:25 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
merge
ce.lijit.com/ Frame 8801 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=009A3FEC-B73C-4EC7-A044-95E0090D878D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Thu, 11 Jan 2024 17:48:22 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3dca1
Pug
image2.pubmatic.com/AdServer/ Frame ADC7
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2F6E
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:56:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 11 Jan 2024 17:48:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame A5FE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:22bd65a0-29ea-4c00-a972-deb98de33ff1&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:22bd65a0-29ea-4c00-a972-deb98de33ff1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 17:48:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 11 Jan 2024 17:48:25 GMT
Expires
Thu, 11 Jan 2024 17:48:24 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master iad iad-pixel-x13 config_version:"289"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:22bd65a0-29ea-4c00-a972-deb98de33ff1&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame A248
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=t6cRicX4DU658x8J6CmgZQ
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0785
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5387949350
  • https://sync.1rx.io/usersync/tradedesk/138f948b-8a30-4e0d-950b-1c32400031db
  • https://sync.targeting.unrulymedia.com/csync/RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:54:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Thu, 11 Jan 2024 17:48:26 GMT
etag
RXccca562f4c954b60af7b70eceecab7c0005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
ipac.ctnsnet.com/int/ Frame D3E5 		43 B
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 11 Jan 2024 17:48:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame AEB1 		0
0
pub
matching.truffle.bid/sync/ Frame E019 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 11 Jan 2024 17:48:24 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 8926
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:91288307E87944BCA975396031B8E9C2&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:91288307E87944BCA975396031B8E9C2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 06:56:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 11 Jan 2024 17:48:27 GMT
expires
Wed, 10 Jan 2024 17:48:27 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:91288307E87944BCA975396031B8E9C2&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
ecc
px.owneriq.net/ Frame B3D1
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817071542122437&uid=Q758281707154212...
0
0
event.png
tpsc-ue1.doubleverify.com/ Frame 750C 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=9d40a02776034a75be36a24640619527&flavor=0&gdpr=&gdpr_consent=&ee_dp_tskt=ctdetms%2C278%2C9%3Biabletms%2C289%2C3%3Biadletms%2C293%2C0%3Biadcetms%2C293%2C1%3Bialeetms%2C294%2C1%3Bicifdetms%2C295%2C0%3Btsetms%2C257%2C32%3Bipvietms%2C273%2C3%3Bprvietms%2C257%2C30%3Bfvietms%2C287%2C2%3Bpovietms%2C289%2C0%3Bimaetms%2C278%2C11%3Biesuimestms%2C258%2C20%3Bsrbf%2C0%2C1%3Bal262144%2C319%2C1%3Bal65536%2C321%2C1%3Bal128%2C321%2C3%3Bundefined%2C325%2C0%3Bal8%2C325%2C0%3Bal256%2C325%2C167%3Bal262144%2C1321%2C2%3Bal65536%2C1324%2C0%3Bundefined%2C1325%2C1%3Bal262144%2C2323%2C1%3Bal65536%2C2328%2C0%3Bundefined%2C2329%2C1%3Bundefined%2C3329%2C1%3Bundefined%2C4330%2C0&eoid=27
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5226.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:27 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-01-10T17:48:27
event.png
tpsc-ue1.doubleverify.com/ Frame 750C 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=9d40a02776034a75be36a24640619527&flavor=0&gdpr=&gdpr_consent=&ee_dp_tskt=ctdetms%2C278%2C9%3Biabletms%2C289%2C3%3Biadletms%2C293%2C0%3Biadcetms%2C293%2C1%3Bialeetms%2C294%2C1%3Bicifdetms%2C295%2C0%3Btsetms%2C257%2C32%3Bipvietms%2C273%2C3%3Bprvietms%2C257%2C30%3Bfvietms%2C287%2C2%3Bpovietms%2C289%2C0%3Bimaetms%2C278%2C11%3Biesuimestms%2C258%2C20%3Bsrbf%2C0%2C1%3Bal262144%2C319%2C1%3Bal65536%2C321%2C1%3Bal128%2C321%2C3%3Bundefined%2C325%2C0%3Bal8%2C325%2C0%3Bal256%2C325%2C167%3Bal262144%2C1321%2C2%3Bal65536%2C1324%2C0%3Bundefined%2C1325%2C1%3Bal262144%2C2323%2C1%3Bal65536%2C2328%2C0%3Bundefined%2C2329%2C1%3Bundefined%2C3329%2C1%3Bundefined%2C4330%2C0%3Bundefined%2C5364%2C1&eoid=28
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5226.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:27 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-01-10T17:48:27
us
capi.connatix.com/core/ Frame 8EA9 		0
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 11 Jan 2024 17:48:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efd889dd439f5-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
SPug
simage4.pubmatic.com/AdServer/ Frame 54BD 		0
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:56:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 3B1B 		0
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156212&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:56:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame D72C 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=137711&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 7C76 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:57:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
event.png
tpsc-ue1.doubleverify.com/ Frame 750C 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=9d40a02776034a75be36a24640619527&flavor=0&gdpr=&gdpr_consent=&ee_dp_tskt=ctdetms%2C278%2C9%3Biabletms%2C289%2C3%3Biadletms%2C293%2C0%3Biadcetms%2C293%2C1%3Bialeetms%2C294%2C1%3Bicifdetms%2C295%2C0%3Btsetms%2C257%2C32%3Bipvietms%2C273%2C3%3Bprvietms%2C257%2C30%3Bfvietms%2C287%2C2%3Bpovietms%2C289%2C0%3Bimaetms%2C278%2C11%3Biesuimestms%2C258%2C20%3Bsrbf%2C0%2C1%3Bal262144%2C319%2C1%3Bal65536%2C321%2C1%3Bal128%2C321%2C3%3Bundefined%2C325%2C0%3Bal8%2C325%2C0%3Bal256%2C325%2C167%3Bal262144%2C1321%2C2%3Bal65536%2C1324%2C0%3Bundefined%2C1325%2C1%3Bal262144%2C2323%2C1%3Bal65536%2C2328%2C0%3Bundefined%2C2329%2C1%3Bundefined%2C3329%2C1%3Bundefined%2C4330%2C0%3Bundefined%2C5364%2C1%3Bundefined%2C6364%2C1&eoid=29
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5226.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
Pragma
no-cache
Date
Thu, 11 Jan 2024 17:48:27 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-01-10T17:48:27
PugMaster
image6.pubmatic.com/AdServer/ Frame D72C 		913 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2931857&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b30420ca9147d7473a7e634e81ba3a3a18639ac8f79d3a5939d377063ffabf9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 11 Jan 2024 17:48:25 GMT
content-length
913
content-type
text/html; charset=UTF-8
merge
ce.lijit.com/ Frame 4F87 		0
0
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame D72C 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.87.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-87-86.mia3.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:29 GMT
via
1.1 6bcc5cb16e0756268a257daab0f6082c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MIA3-C1
content-length
0
x-amz-cf-id
q6WYCUen3gI2hPZHBEJ3V7Y_VqfTefMF2XFXH0Eyh5If-QjMqpIKog==
x-cache
Error from cloudfront
rcs
tags.rd.linksynergy.com/ Frame D72C
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
  • https://idsync.rlcdn.com/1000.gif?memo=CPy7KxIwCiwIARCFpQoaJDAwOUEzRkVDLUI3M0MtNEVDNy1BMDQ0LTk1RTAwOTBEODc4RBAAGg0I7NOArQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=6b05cf4fb000754d269f16677a7cf8e6e35879d71595386ba89fa9ec3f91b37e791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2YjA1Y2Y0ZmIwMDA3NTRkMjY5ZjE2Njc3YTdjZjhlNmUzNTg3OWQ3MTU5NTM4NmJhODlmYTllYzNmOTFiMzdlNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2YjA1Y2Y0ZmIwMDA3NTRkMjY5ZjE2Njc3YTdjZjhlNmUzNTg3OWQ3MTU5NTM4NmJhODlmYTllYzNmOTFiMzdlNzkxNDI2YjU0MTdkY2UyMRAAGgwI7dOArQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
0
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=009A3FEC-B73C-4EC7-A044-95E0090D878D/gdpr=0/ Frame D72C 		0
0
receive
pixel.tapad.com/idsync/ex/ Frame D72C 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=009A3FEC-B73C-4EC7-A044-95E0090D878D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:25 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
videojs.chunk.js
static.polarcdn.com/deck/v1.131.0/ Frame 8009 		0
0
659da9bc4f52a43f0aa0f003
polarcdn-terrax.com/image/v1.0.0/bin/ Frame 8009 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polarcdn-terrax.com/image/v1.0.0/bin/659da9bc4f52a43f0aa0f003?v=77035&w=40
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.127.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14a5488b8cc0a5b3cd9eca8ccf0d8b0e879b11e45ac1a1d56e51e0f934322fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:29 GMT
via
1.1 varnish
cf-cache-status
HIT
age
47705
content-length
2818
last-modified
Wed, 10 Jan 2024 14:50:42 GMT
server
cloudflare
access-control-max-age
432000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-varnish
280993106
cache-control
public, max-age=432000
vary
Accept-Encoding
accept-ranges
bytes
timing-allow-origin
*
cf-ray
843efdab6cf339f9-YYZ
4534f07e79b601cb390a42bcba7febf0.png
static.polarcdn.com/deck/v1.131.0/images/ Frame 8009 		0
0
thumbnail.jpg
customer-pp0t2fahc1hu8o6o.cloudflarestream.com/eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3MDQ5ODUzOTcsInN1YiI6ImVmOGM3NzNkZDFlNjA2MTRhYmFhYWY0M2VkNmRkMjRmIiwiZXhwIjoxNzA1MDIyMjk3LCJraWQiOiIzO... Frame 8009 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://customer-pp0t2fahc1hu8o6o.cloudflarestream.com/eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3MDQ5ODUzOTcsInN1YiI6ImVmOGM3NzNkZDFlNjA2MTRhYmFhYWY0M2VkNmRkMjRmIiwiZXhwIjoxNzA1MDIyMjk3LCJraWQiOiIzODBhZGJjZTllZDcwMTMxYzRhZTkwMjU5MWNlNDhhNCJ9.aSFO8Ez36n5DpW9A3orNRAYwPrzlgO3JSRwEVdr_4X66kdR4PS8QA1a5yP4BOz97gtC_E5znTq4zrOJ5I2CBz5RbkfYnTWqYe5hVOAA6fJT6EtzBDyj8G0wW4pbRnuz9fmqtu9aLCaC_Fzd39PyDV55P1h0p5N5LH3V6DnqW5E_KWVYwwK7hrcXv6S1uFNECbBBglePYZx6hqAjlAXV0oc1sE1NyqN_N1SZFK4nnFceFzB4oRh1mCwYnpxILqONDwy6vHEZFtxErvRD_9-gUE-4gGJ1yOvZPjZnDW69ixXlMz1mILiNboMyHNAHPAHcIEBqakNJJr5b6a8jQYZzKwg/thumbnails/thumbnail.jpg?time=2s&width=600
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc91d0d184df65b4b95c91096c451ce245ad377b54174633a159869dae9b299
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:27 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
47683
stream-dw-version
2023.12.5
content-length
39226
core-cache-status
MISS
last-modified
Wed, 10 Jan 2024 14:50:44 GMT
server
cloudflare
vary
origin, referer, Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=864000
access-control-expose-header
cf-ray
accept-ranges
bytes
cf-ray
843efd9ee8c1a228-YYZ
access-control-allow-headers
range
served-in-seconds
1.982
thumbnail.jpg
customer-pp0t2fahc1hu8o6o.cloudflarestream.com/eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3MDQ5ODUzOTcsInN1YiI6ImVmOGM3NzNkZDFlNjA2MTRhYmFhYWY0M2VkNmRkMjRmIiwiZXhwIjoxNzA1MDIyMjk3LCJraWQiOiIzO... Frame 8009 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://customer-pp0t2fahc1hu8o6o.cloudflarestream.com/eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3MDQ5ODUzOTcsInN1YiI6ImVmOGM3NzNkZDFlNjA2MTRhYmFhYWY0M2VkNmRkMjRmIiwiZXhwIjoxNzA1MDIyMjk3LCJraWQiOiIzODBhZGJjZTllZDcwMTMxYzRhZTkwMjU5MWNlNDhhNCJ9.aSFO8Ez36n5DpW9A3orNRAYwPrzlgO3JSRwEVdr_4X66kdR4PS8QA1a5yP4BOz97gtC_E5znTq4zrOJ5I2CBz5RbkfYnTWqYe5hVOAA6fJT6EtzBDyj8G0wW4pbRnuz9fmqtu9aLCaC_Fzd39PyDV55P1h0p5N5LH3V6DnqW5E_KWVYwwK7hrcXv6S1uFNECbBBglePYZx6hqAjlAXV0oc1sE1NyqN_N1SZFK4nnFceFzB4oRh1mCwYnpxILqONDwy6vHEZFtxErvRD_9-gUE-4gGJ1yOvZPjZnDW69ixXlMz1mILiNboMyHNAHPAHcIEBqakNJJr5b6a8jQYZzKwg/thumbnails/thumbnail.jpg?time=0s&width=600
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30a33406629ccb8af053f506ec5aa412a5c13869b7e28568d9ac00986879056
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:27 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
age
47683
stream-dw-version
2023.12.5
content-length
28994
core-cache-status
MISS
last-modified
Wed, 10 Jan 2024 14:50:43 GMT
server
cloudflare
vary
origin, referer, Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=864000
access-control-expose-header
cf-ray
accept-ranges
bytes
cf-ray
843efd9ee8c0a228-YYZ
access-control-allow-headers
range
served-in-seconds
0.985
554ccc56c31c9288291267a878ee8be5.png
static.polarcdn.com/deck/v1.131.0/images/ Frame 8009 		0
0
videojs.chunk.js
static.polarcdn.com/deck/v1.131.0/ Frame 8009 		0
0
2fa1d138-8d41-4517-a764-e59ac838f030
https://www.bleepingcomputer.com/ Frame 8009 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bleepingcomputer.com/2fa1d138-8d41-4517-a764-e59ac838f030
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length
0
Content-Type
application/javascript
wt
polarcdn-engine.com/ Frame 8101 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame D72C 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=137711&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:42:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
us
capi.connatix.com/core/ Frame 8EA9 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 11 Jan 2024 17:48:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efda13a6f39f5-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
increment
id5-sync.com/api/esp/ 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 11 Jan 2024 17:48:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
dc_oe=ChMI-a3ot_LVgwMV6FxHAR31qAaPEAAYACD_lNRdQhMIieTptvLVgwMV3SmKAx3GAQPO;dc_eps=AHas8cDIl3TLgmwZCQtbXL_K7iVJWZMRJXUW4g5LYTifgyevknnBFVeGw2icD-ReH1vpyeIyR7ebIvaDng;met=1;&timestamp=1704995308419;e...
ade.googlesyndication.com/ddm/activity/ Frame 092B 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-a3ot_LVgwMV6FxHAR31qAaPEAAYACD_lNRdQhMIieTptvLVgwMV3SmKAx3GAQPO;dc_eps=AHas8cDIl3TLgmwZCQtbXL_K7iVJWZMRJXUW4g5LYTifgyevknnBFVeGw2icD-ReH1vpyeIyR7ebIvaDng;met=1;&timestamp=1704995308419;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: 0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
URL: https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7C76 		47 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22630355&p=156696&s=269885&a=0&ptask=DSP&np=0&fp=1&rp=1&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 11 Jan 2024 17:48:28 GMT
content-length
47
content-type
text/html; charset=UTF-8
cm
us-u.openx.net/w/1.0/ Frame 2D74
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995308575.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
199 B
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Thu, 11 Jan 2024 17:48:28 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 11 Jan 2024 17:48:28 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP018
x-33x-status
40000000008200000A
setuid
s2s.t13.io/ Frame C24B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1704995308575.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3...
  • https://s2s.t13.io/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=212416160174736
0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=212416160174736
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://s2s.t13.io/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=212416160174736
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame C24B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1707587309%26external_user_id%3D138f948b-8a30-4e0d-950b-1c32400031db
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1707587309&external_user_id=138f948b-8a30-4e0d-950b-1c32400031db
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1707587309&external_user_id=138f948b-8a30-4e0d-950b-1c32400031db
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:30 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:29 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1707587309&external_user_id=138f948b-8a30-4e0d-950b-1c32400031db
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C24B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995308575.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZaAp4OT30KaT8BN13UvvzwAA%263838
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZaAp4OT30KaT8BN13UvvzwAA%263838
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3CDoOrCO6x%2Bt9kwVp4SIcX%2Bn9KyIVjjRO%2BI8flTZQJDS7b%2BPw8TlsxNTPHWVso4vFSES4Dsbz5Uxi%2BWIzOliUrwp7YcUSGmg%2BB97q2fXnOTwMIPaFgXYBUQRRx8oSF2ttHnAUN59kqMXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZaAp4OT30KaT8BN13UvvzwAA%263838
cache-control
no-cache
cf-ray
843efda74b8aa211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C24B 		0
0
match
events-ssc.33across.com/ Frame C24B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=MuQSxz7cX3h97_2who1Td1YwD50
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=MuQSxz7cX3h97_2who1Td1YwD50&ts=1704995308&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=MuQSxz7cX3h97_2who1Td1YwD50&ts=1704995308&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=MuQSxz7cX3h97_2who1Td1YwD50&ts=1704995308&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C24B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995308575.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=9107686382435366279
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=9107686382435366279
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:30 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:30 GMT
an-x-request-uuid
63e9bbd0-9ef6-46a0-9d6a-0a4e537d80cc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=9107686382435366279
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
match
cms-xch-chicago.33across.com/ Frame E6A7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1707587309%26external_user_id%3D138f948b-8a30-4e0d-950b-1c32400031db
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1707587309&external_user_id=138f948b-8a30-4e0d-950b-1c32400031db
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1707587309&external_user_id=138f948b-8a30-4e0d-950b-1c32400031db
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:30 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:29 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1707587309&external_user_id=138f948b-8a30-4e0d-950b-1c32400031db
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E6A7 		0
0
cm
us-u.openx.net/w/1.0/ Frame 734E
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995308578.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
199 B
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Thu, 11 Jan 2024 17:48:28 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Thu, 11 Jan 2024 17:48:28 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP019
x-33x-status
40000000008200000A
match
events-ssc.33across.com/ Frame E6A7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=MuQSxz7cX3h97_2who1Td1YwD50
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=MuQSxz7cX3h97_2who1Td1YwD50&ts=1704995308&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=MuQSxz7cX3h97_2who1Td1YwD50&ts=1704995308&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=MuQSxz7cX3h97_2who1Td1YwD50&ts=1704995308&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame E6A7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1704995308578.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26t...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212416160174736&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212416160174736&gdpr=0&gdpr_consent=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=33ACROSS&ttl=720&uid=2f9442d7df2189f76c8b593d5f54ce95&visitor=212416160174736&gdpr=0&gdpr_consent=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E6A7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995308578.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZaAp4OT30KaT8BN13UvvzwAA%263838
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZaAp4OT30KaT8BN13UvvzwAA%263838
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytd3oOUHUdhDfRGHjbAwH1iF6nfpPV23ldC65FcPPgqbCmlfqhYMH6wUaLPz09iqHdubVj8ta0ZW%2BuIGx1cLmdLDN7OJbjcWHzIJ8yalJhrj3N9dTlUnsGduJVo6FRa%2FuAFtau8x%2FDJHhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZaAp4OT30KaT8BN13UvvzwAA%263838
cache-control
no-cache
cf-ray
843efda74b98a211-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
match
events-ssc.33across.com/ Frame E6A7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704995308578.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=9107686382435366279
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=9107686382435366279
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:30 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:30 GMT
an-x-request-uuid
3303a678-0ba6-4d76-8959-9b671b8d7309
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=9107686382435366279
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
us
capi.connatix.com/core/ Frame 8EA9 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/402.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 11 Jan 2024 17:48:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
843efda74e2039f5-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
31e10b57c705c685deadbbb2187aa00443ec7af00a769cb539d5d10a8a947ed3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 11 Jan 2024 17:48:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
supply
events.browsiprod.com/events/v2/ 		0
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=gOfqyzrAK
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.119.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-119-126.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 11 Jan 2024 17:48:36 GMT
access-control-allow-credentials
true
v5
yield-manager.browsiprod.com/supply/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v5?sk=d_mapping&pk=freestar&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&bid=gOfqyzrAK%23SJRmgoFMEq&at=Ivanti%20warns%20of%20Connect%20Secure%20zero-days%20exploited%20in%20attacks&sw=1600&sh=1200
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.225.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-225-17.mia3.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
5901d397c8805c059c9abe886c5e86f76396e70eda9254cde2cd145c30835734

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:29 GMT
content-encoding
gzip
via
1.1 f7622d34f14a4da761ccec4819140f94.cloudfront.net (CloudFront)
server
akka-http/10.2.1
x-amz-cf-pop
MIA3-P8
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
x-amz-cf-id
BQp83eWsCN-mwt_XltW5NxYz4KTfapY46QvsNbenr5lzueUfnxgPcA==
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.174.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-174-54.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:24:28 GMT
content-encoding
gzip
via
1.1 3a2414373f9f4d776a13d38ae92e0be0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-P4
age
1452
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
z6cK3eB5mciUu-RGbngmixzuOz3mPhjxuE9lN9yZedurW1DqqYHwYg==
middy-desktop-4.22.14.js
cdn.browsiprod.com/sd/apps/middy/ 		296 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.22.14.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.166.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-166-107.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa464839adf45e76d965f6c8e5242d5cd80d15713e5a5372f21d9fba1109976e

Request headers

Referer
https://www.bleepingcomputer.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 11:56:32 GMT
x-amz-version-id
FHCzIg28flu5cM4.XUw4A9.XX5obyJBB
content-encoding
br
via
1.1 8a904a0d16ba1d2d926b70585166d16e.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-P7
age
2699521
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 30 Nov 2023 13:00:47 GMT
server
AmazonS3
etag
W/"2a65a997e467dc83ecb470f8afb5c67a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
NV13FkeLwiC5mACi2DPIirHmYH1MQmHVEDElbzMzCMtYWIMkIAfyOg==
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
843efdb30ab03a0a-YYZ
content-length
0
content-type
application/json
date
Thu, 11 Jan 2024 17:48:30 GMT
debug
rtd-nx-ny
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
843efdb30ab53a0a-YYZ
content-length
0
content-type
application/json
date
Thu, 11 Jan 2024 17:48:30 GMT
debug
rtd-nx-ny
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ 		27 B
82 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-ny
access-control-allow-headers
*
content-length
27
cf-ray
843efdb34b413a0a-YYZ
rtd
id.hadron.ad.gt/api/v1/ 		27 B
85 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-ny
access-control-allow-headers
*
content-length
27
cf-ray
843efdb34b463a0a-YYZ
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
auction
s2s.t13.io/openrtb2/ 		13 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
163a044a2c2ec442da4756f99983129b0236a30609ec038b38f53bb66ed95ca2

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:30 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/2.3.0
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5597
expires
0
prebid
ib.adnxs.com/ut/v3/ 		16 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7fe929bad71e4a94696fe04739d967d26a25d59d1392ae09a1e2549dec14767f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:30 GMT
content-encoding
gzip
an-x-request-uuid
22c4f6fb-c1aa-41c2-b076-31f4708db005
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
86.48.15.157; 86.48.15.157; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
prebidjs
rtb.openx.net/openrtbb/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
0
cdb
bidder.criteo.com/ 		0
0
bid-request
a.teads.tv/hb/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
auction
tlx.3lift.com/header/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
prebid
prebid.media.net/rtb/ 		2 KB
814 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
2c4d3a8450b0f6fe87df64cacfc2a6f3edaca76c93cae58963612ed580f982ce

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:30 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
79
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Jan 2024 17:48:30 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		64 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=515868369306182&correlator=4332117015235662&eid=31079925%2C31080290%2C31080328%2C95320512%2C31080117&output=ldjh&gdfp_req=1&vrg=202401080101&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=11&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dd1f2070a49ad6848%3AT%3D1704995292%3ART%3D1704995292%3AS%3DALNI_MaFtMqY9OWy2WmADKZwuY4ne5b2oA&gpic=UID%3D00000db65bbc46a7%3AT%3D1704995292%3ART%3D1704995292%3AS%3DALNI_MaUJUPsLNYyi8sk9qxODpF-8vPJfA&abxe=1&dt=1704995310738&lmt=1704990948&adxs=315&adys=271&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&vis=1&psz=1170x280&msz=1170x250&fws=4&ohw=1170&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnu6A3e9YfRnjeB63Ik1cNkPjwobvqR1s0jpNxmCRc0QDpQZwUJuIltsX8Y1DtLbVy4Qq8JqLEHAPAJWkBUqst9XWcI%2CAOrYGslt23caDDzMKH0wKKAr2NRRJIstLEIcNAqvpvZ1G_XQjygJIhikvmXcXuYVyHUCq_UTdhih0mg3HZlIJRm9xFYz4uyk%2CAOrYGsm52mxIjgNd-vxlJb0ESDBx1kxDkJ_tUc99Cb-l1gmimFG_JmfNsJ1o6BONl3VctLBy8XfaVG-6bIo8lvY5i4ID6fLG&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRjuiI7NzzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjuiI7NzzFIAFICCGQSGQoKcHViY2lkLm9yZxjuiI7NzzFIAFICCGQSFwoIcnRiaG91c2UY7oiOzc8xSABSAghkEhQKBW9wZW54GO6Ijs3PMUgAUgIIZA..&dlt=1704995291291&idt=952&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3Ddf800a4c-ec24-4d4f-a5f0-051dfa005bc3%26floors_id%3D5cc9b1%26floors_hour%3D16%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_ATF%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26hb_auction_id%3D668067f5-1115-4f4b-8967-dc0abcb9208c%26freestar_path%3D%252Fnews%252Fsecurity%252Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dix_970x250%26amzniid%3DJKD7uMbkpwGwufPVh0mo_p0AAAGM-aOIaQEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBpPyKC%26amznp%3D19z1mo0%26amznsz%3D970x250%26amznbid%3D1gu9kw0%26amznactt%3DOPEN%26hb_format%3Dbanner%26hb_adid%3D243afdd0bf213655%26hb_bidder%3Dix%26hb_size%3D970x250%26hb_pb%3D0.16&cust_params=fsitf%3DYYYYYYYYYY-Y----------------------------%26fs_session_id%3D651698ff-6360-4841-84c4-71a1d46471f3%26fs_pageview_id%3D694e1c785cfe718668203a81fde9ba15%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D220332232231232202112%26fs_testgroup%3Doptimised&adks=3680082436&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
69ab862d465ba1bf8ed7e281abd2cb97f38fda7d89f8a33274f9f2cf59ea3728
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25173
x-xss-protection
0
google-lineitem-id
6409910766
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138460889091
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
auction
s2s.t13.io/openrtb2/ 		13 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
1484bbe69a22d38cb11ec73d5c5224412addcac31803c1e159415c8d137907bc

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:31 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/2.3.0
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5623
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
346 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e2c9edd75dcd7ce6152ca0eeef49d8efc8a4cb472093d08893e661cb57c0916b

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bid-request
a.teads.tv/hb/ 		0
0
cdb
bidder.criteo.com/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
prebid
prebid.media.net/rtb/ 		2 KB
813 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
1a99ccf8de5fc2d7103678af0a5a146f2889b1083cd297b00348346ff862baa8

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:30 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
55
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Jan 2024 17:48:30 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
auction
tlx.3lift.com/header/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
0
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:30 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:30 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
view
securepubads.g.doubleclick.net/pcs/ Frame F683 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssg0BHhqlc8dPwz3YFVLQnqTWfllGEuVPNGIOY1p24hnGG157nT21QItVZ6BifarMb6ET45yTaIAGdNs2HQ6MO1k7nIojUmh-s1X3XmrzKUCuqqnAZD9EAqrKoo15HiCpVUlkNLea3puBPy9pcdGXxDVgpvbKTN4roSyqTsunLiNX6EvxDyqAQGFLoqkBl9_MEyI_ZiZUOij6VsbaOMvNp950FAnfD5YIxUgwRGafz5we66Oy2RvH9yl_-G7-QbnBXwWqb312xxPCe_6XT3O4f8HT1FvjfY4-hrr3cDGlsck_ylJ3nnt5clE6xkfm8sg-DR-7jiUwZ--4D08UadkMYnYo1MDeoq750Ftlfvuwb1okiVAyufOG6qm8cZ7rBgEg2Novxpkx2Sk02GSmhKgcLtLGp8GLuiiNM3jPXaB-50WOmBIxppkzh4ZUbeGcXLGOg&sai=AMfl-YSHB1PFMkSNChQoGPTvGB5L5TzW0PGqQ0pJTrKVFITxkk0aDdhSZgv83MCtVmzI-ZTt0YUVcWSPws04sRkoy8n-Txs7IPRbklR0n6NquyEVpoJeW6DMfAbRnOrpYy8&sig=Cg0ArKJSzEZ9yiU9xTMuEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame F683 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame F683 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F683 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:31 GMT
13334590403387888119
tpc.googlesyndication.com/simgad/ Frame F683 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13334590403387888119
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
9048b4ab9d358dfa749a9f39130352fcfaa3dd6235336d30d2da0455f32ae2c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 16:00:43 GMT
date
Thu, 11 Jan 2024 16:00:43 GMT
x-content-type-options
nosniff
age
6468
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26554
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 12:46:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame F683 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14b641b975d6844479200afe33e65d0b06f9817b0c0fde83feffc92e8dfd1220

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F683 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslmn6y-Cc3-sSD0nfxXyf9FK6OYeQb-auuvB6lZ4BpfYvt2vG6_rkvF96p4sWlXoDagLiuUrD9ai_kNydhNNaSvSD1V5-A84T0rAK7KMYwrVj4rYW539USLtHHiI8YI_0QD_e8kb9PK_b2ozs21M7irqioIuwnzFUzsMc-NjOXmg17M03BbStSv7pz3URVtUMfdTlKH4Ihw04_9oQpJvoN_oF7oth7M6VHtRuFo5nCwQzHCaZf4sYd1xmLPoHsn7PS1KNeNO-SI6-G6ooRwl8mjNNWsHnqRRy2tW6CPQbDEFwarEDCw-wgjyv8Gyt1Wg-mTsLWrDz1kxDsmikznL2eUTISCHszssGa9XEmwUQVpYaeiZ_ZEsZoEMI_qLPdEU6kDhH4IrzcTO8XZmNSO54uAEsOGAx4zJiGILN0vA9zzgNJ-kA&sai=AMfl-YR5DeK-kK4nhdkr1yNJ53wJ8_mr2ZOORzS2CQ1fFnONE8cMU2E2SXia2PwGyPl5IcABMkK5SZKonDcvnKpJCCIt82ifQEVngEgxQAXIQzRWS_hxklXOGJP-ePSMoMg&sig=Cg0ArKJSzJKfHIO1v6vVEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:31 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		64 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=515868369306182&correlator=4332117015235662&eid=31079925%2C31080290%2C31080328%2C95320512%2C31080117&output=ldjh&gdfp_req=1&vrg=202401080101&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C554x312%7C728x90&fluid=height&ifi=12&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Dd1f2070a49ad6848%3AT%3D1704995292%3ART%3D1704995292%3AS%3DALNI_MaFtMqY9OWy2WmADKZwuY4ne5b2oA&gpic=UID%3D00000db65bbc46a7%3AT%3D1704995292%3ART%3D1704995292%3AS%3DALNI_MaUJUPsLNYyi8sk9qxODpF-8vPJfA&abxe=1&dt=1704995311326&lmt=1704990948&adxs=315&adys=5345&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&vis=1&psz=1200x250&msz=1170x250&fws=4&ohw=1170&psts=AOrYGskUbOvgWNRRhjKrXQN4TcIZpYP5LpiJjsjXNjxo_C9zNObURYz-zRuU3-UzwQCDBkcz_5-OHnzQmMQRVrk%2CAOrYGsnu6A3e9YfRnjeB63Ik1cNkPjwobvqR1s0jpNxmCRc0QDpQZwUJuIltsX8Y1DtLbVy4Qq8JqLEHAPAJWkBUqst9XWcI%2CAOrYGslt23caDDzMKH0wKKAr2NRRJIstLEIcNAqvpvZ1G_XQjygJIhikvmXcXuYVyHUCq_UTdhih0mg3HZlIJRm9xFYz4uyk%2CAOrYGsm52mxIjgNd-vxlJb0ESDBx1kxDkJ_tUc99Cb-l1gmimFG_JmfNsJ1o6BONl3VctLBy8XfaVG-6bIo8lvY5i4ID6fLG&ga_vid=1419357324.1704995292&ga_sid=1704995292&ga_hid=1811137004&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRjuiI7NzzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjuiI7NzzFIAFICCGQSGQoKcHViY2lkLm9yZxjuiI7NzzFIAFICCGQSFwoIcnRiaG91c2UY7oiOzc8xSABSAghkEhQKBW9wZW54GO6Ijs3PMUgAUgIIZA..&dlt=1704995291291&idt=952&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D2f131dd4-3c19-4406-9695-d8924b38406a%26floors_id%3D24deaa%26floors_hour%3D16%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_BTF%26fs_ad_product%3Dbanner%26fsbid%3D0%26fspbg%3Dfreestar%26hb_auction_id%3D6445f017-7fd8-40aa-ab20-b3ef986bfc82%26freestar_path%3D%252Fnews%252Fsecurity%252Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dix_970x250%26amzniid%3DJAkWBEAjutssZpxxtwoVpZcAAAGM-aOIbgEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICA23TFL%26amznp%3D19z1mo0%26amznsz%3D970x250%26amznbid%3Dhbpjwg%26amznactt%3DOPEN%26hb_format%3Dbanner%26hb_adid%3D357a934b2767828f%26hb_bidder%3Dix%26hb_size%3D970x250%26hb_pb%3D0.20&cust_params=fsitf%3DYYYYYYYYYY-Y----------------------------%26fs_session_id%3D651698ff-6360-4841-84c4-71a1d46471f3%26fs_pageview_id%3D694e1c785cfe718668203a81fde9ba15%26user-agent%3DChrome%26fs_iiq_enabled%3Dtrue%26section%3Dnews%252Csecurity%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D220332232231232202112%26fs_testgroup%3Doptimised&adks=3772282542&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
77fa0cead908a5b8d2b29ea0e0faa0d3352ec96662099222d4c3a83c472ed765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25135
x-xss-protection
0
google-lineitem-id
6398388431
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138451034105
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
jadserve.postrelease.com/ 		268 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f24d352fc8e0fbbfd349ef49e86d9317834abb3494be70b4513660803ff66c67

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:31 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
190
expires
Mon, 1 Jan 1990 12:00:00 GMT
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:31 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
demand-source
d.pub.network/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:31 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
via
1.1 google
demand-source
d.pub.network/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:31 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame FB48 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2vQ-3UUuqz51M1ZVNNsV_hxgFeHemynrrBL28bfBQYcppge6HuJsQ04RqhV1NLOu_fH2uj79vpegEgG1i5zgfo_yyew9c1p_U5aGkE3qrdf74POBfYM4vSdNQU7EJJMWWEKmGaHJJo_J0ZgCYrksMxfFwBnEUEeXbHGCvkjK8WfaKiVKaSJ8otULdy4YN6dvOBFkTVcseawRSex0LjhJ955WeyL-1Hn7-3Jy1z9d-_gd__05krufBBv56XBRlX0fo__4crpmx6-HlPFsH_U0eM9sKLfVeo_xdrnBtbzKNR118ZjNA-HHybkcHK-kl2_uYscVkgNzSoaKLX5EpAfLPj2eaTEoort8PE1Qu1D8QwtLyYFQYQkKIoeR3lHcUcQTYWLuh9PlldmSTW_MvRkK-2zroVXNWPAaElZR89BuudECaVOapozVBTBR8c8mwx48&sai=AMfl-YTrvl_fFjLQ2PIk1DIQ68xxxH5QFe4d3B_lb5eHotHZ5x9joftK7Ti8SVBBAnHsIlglgpAPZsViRR8wkiNgSTLGedckRit4BdrRFdH9sFm9BSk7vd-mUcnJtkI1HRo&sig=Cg0ArKJSzDpuU-OyXqqtEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame FB48 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame FB48 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
67572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FB48 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:31 GMT
12847875648814186549
tpc.googlesyndication.com/simgad/ Frame FB48 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12847875648814186549
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
1e7fba4a969ecede82636b7386729b86a408ca8a9ab5201a010eaaba2abaff7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 08:53:01 GMT
date
Wed, 10 Jan 2024 08:53:01 GMT
x-content-type-options
nosniff
age
118530
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65379
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 20:49:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
demand-source
d.pub.network/ 		54 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
773023393899dcee5044f57ac1ca5cee2fe4659436e7765a5d8e84c4629e7ad6

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
demand-source
d.pub.network/ 		54 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
773023393899dcee5044f57ac1ca5cee2fe4659436e7765a5d8e84c4629e7ad6

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ Frame FB48 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7160536d777f7953583535401f513a15029d2ed16f5db3240e10ea3bd30d1289

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame FB48 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuCbraNSCXsByrmcN2c60ruesFm69mz2Y8l5A5l2r_lHGEp6dLAVDFnmc2Ywi09yZsDT_WEuGV5JvdElER1ssFbSx63luG87HO3MD9_TYCgWppLuPHeCTXWXKkbQUXV8L1ujKrsbq2_vsNig3g82LiR0Ljb6pppI9uzoqHSamqiwhFAvuK6hkLETOicSkcAZiLPfSOehJUB1Xkr8EGk2sdCG2B5UL2ag_azvwa6LroqDBTekO6CFCQ8Igrl8zT6mzlAwsElLk8QlcsBnFszL57wH6mdeuvbgFYznJJDFCQK6swLg8ipu9UyT-jBX9AtmV1uCq7NQMOsWDhRorx7x7TmhBVBFw8N5zyqdoo5MxDTGUE3vVBLX4UZdK93kPeb5_ZdifXAEh-DEAIAXelph580vTl7a3IW_3CM7zB8zic3yU0W0o&sai=AMfl-YSflYnzpG4NlYlx-SwaCOuF1stIALBzijQ4VfKVq8QED38kILE8WgZn0AlO6fN9YG3g9wBSgZINR3blbdrRn7DH-ANA1NuZegkLrjxaEYQKBfBNGap2elhOc4WFgyU&sig=Cg0ArKJSzF6v67JG3BlfEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 17:48:31 GMT
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:31 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:31 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
activeview
pagead2.googlesyndication.com/pcs/ Frame F683 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTeCJDm4eRPRiriBpD3khCXX9klGMELrRih43zhtODx_YBMKdFampahmHnCze37b59FHzSicB6VCio75XCtKeWmNqKIm0YlJMR2spVyOA-JvYtgQpuKbn9mfDIAxZiVivjTudyz4vOhgU6g-eGBn0tFts7&sig=Cg0ArKJSzPwlQMfjn-f6EAE&id=lidar2&mcvt=1000&p=226,436,316,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3680082436&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704995311101&rpt=113&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
474
p.ad.gt/api/v1/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/474
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
509402ee61575261a665985ed227545ac8be4a06bfdc9fc950f4d522befdf525

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 11 Jan 2024 17:44:22 GMT
server
cloudflare
age
257
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
843efdea6c4936d8-YYZ
halo_match
ids.ad.gt/api/v1/ 		43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&halo_id=0606egheb6d7kjkglg99elgk8ai6ibikdlj0mqsmg0k2ywyq0q66m0qy4eu0uguyk
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:39 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843efdea1967398a-YYZ
content-length
43
content-type
image/gif
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&adnxs_id=$UID&gdpr=0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&adnxs_id=9107686382435366279&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&adnxs_id=9107686382435366279&gdpr=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:32 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843efdbead7c398a-YYZ
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:32 GMT
an-x-request-uuid
bee8c1e4-5ad1-4840-abf1-9d2097d6fb27
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&adnxs_id=9107686382435366279&gdpr=0
x-proxy-origin
86.48.15.157; 86.48.15.157; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704995312-C58PAGSQ-A6ZH&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=138f948b-8a30-4e0d-950b-1c32400031db&id=AU1D-0100-001704995312-C58PAGSQ-A6ZH
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=138f948b-8a30-4e0d-950b-1c32400031db&id=AU1D-0100-001704995312-C58PAGSQ-A6ZH
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:32 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843efdbead71398a-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=138f948b-8a30-4e0d-950b-1c32400031db&id=AU1D-0100-001704995312-C58PAGSQ-A6ZH
date
Thu, 11 Jan 2024 17:48:32 GMT
server
Kestrel
content-length
259
UCookieSetPug
image2.pubmatic.com/AdServer/ 		0
0
rub_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001704995312-C58PAGSQ-A6ZH&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&rub=LR9I6ECV-6-CY2O&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&rub=LR9I6ECV-6-CY2O&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:43 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843efe06387c398a-YYZ
content-length
43
content-type
image/gif

Redirect headers

Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&rub=LR9I6ECV-6-CY2O&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704995312...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D5e7dc5a8-b403-4def-beab-c9401343ad17%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=9107686382435366279&pt=5e7dc5a8-b403-4def-beab-c9401343ad17%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&tapad_id=5e7dc5a8-b403-4def-beab-c9401343ad17
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&tapad_id=5e7dc5a8-b403-4def-beab-c9401343ad17
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:32 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843efdbf9f86398a-YYZ
content-length
43
content-type
image/gif

Redirect headers

date
Thu, 11 Jan 2024 17:48:32 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&tapad_id=5e7dc5a8-b403-4def-beab-c9401343ad17
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001704995312-C58PAGSQ-A6ZH
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&google_gid=CAESEFGs3gjBcxRmTOjP0odyttY&google_cver=1&google_ula=450542624,0
43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&google_gid=CAESEFGs3gjBcxRmTOjP0odyttY&google_cver=1&google_ula=450542624,0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:32 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843efdbe2c4a398a-YYZ
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&google_gid=CAESEFGs3gjBcxRmTOjP0odyttY&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDk5NTMxMi1DNThQQUdTUS1BNlpI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDk5NTMxMi1DNThQQUdTUS1BNlpI
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDk5NTMxMi1DNThQQUdTUS1BNlpI
date
Thu, 11 Jan 2024 17:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
843efe055e88398a-YYZ
content-type
text/html; charset=utf-8
ebfa23da174faa55634171c5e49d0152.gif
sync.colossusssp.com/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001704995312-C58PAGSQ-A6ZH&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001704995312-C58PAGSQ-A6ZH
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.155.108 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 17:48:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
0
sync.1rx.io/usersync/audigent/ 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001704995312-C58PAGSQ-A6ZH%26unruly_id%3D%5BRX_UUID%5D
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:33 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001704995312-C58PAGSQ-A6ZH%26sas_uid%3D%5bsas_uid%5d&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&sas_uid=[sas_uid]&gdpr=0&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&sas_uid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Server
23.105.12.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:43 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001704995312-C58PAGSQ-A6ZH&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Thu, 11 Jan 2024 17:48:43 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
demand-source
d.pub.network/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:32 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
via
1.1 google
demand-source
d.pub.network/ 		54 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.33.0/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
63da38b438073d467b7f1313cd9c116ac68f2f349982a7b5062b490a686f7e34

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:32 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 8EA9 		0
0
81549
i.liadm.com/s/ Frame 8EA9 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/407440/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
9e652bd9e9a209619cf02dea22e719eaac952fcde55a5438b34bd38da813a49c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29580
x-xss-protection
0
server
cafe
etag
166 / 19733 / 31080327 / config-hash: 12547216135074222120
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 17:48:32 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8EA9 		0
0
59e9e597-f604-48fe-a820-4dfb58ab0659.bin
vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ Frame 8EA9 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F683 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 092B 		0
0
dc_oe=ChMI-a3ot_LVgwMV6FxHAR31qAaPEAAYACD_lNRdQhMIieTptvLVgwMV3SmKAx3GAQPO;dc_eps=AHas8cDIl3TLgmwZCQtbXL_K7iVJWZMRJXUW4g5LYTifgyevknnBFVeGw2icD-ReH1vpyeIyR7ebIvaDng;met=1;&timestamp=1704995312437;e...
ade.googlesyndication.com/ddm/activity/ Frame 092B 		0
0
event.png
tpsc-ue1.doubleverify.com/ Frame 750C 		0
0
event.png
tpsc-ue1.doubleverify.com/ Frame 750C 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E62 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E62 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E62 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E62 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E62 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E62 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E62 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E62 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9B18 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 776E 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 776E 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 776E 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8101 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FB48 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8C44 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 19EC 		0
0
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:32 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:32 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 17:48:32 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jan 2024 17:48:32 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
v3
id5-sync.com/gm/ 		698 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e949bb8675cff3ef5dcb2dfb5a5cf8706f5f2807345462d8f5cff30e1f5405da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 11 Jan 2024 17:48:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 12 Jan 2024 17:48:35 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GD465VRQLD&gtm=45je4180v878037826&_p=1704995291466&gcd=11l1l1l1l1&dma=0&cid=1419357324.1704995292&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1704995291&sct=1&seg=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&dt=Ivanti%20warns%20of%20Connect%20Secure%20zero-days%20exploited%20in%20attacks&_s=3&tfd=25173
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/ 		85 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=about%3Ablank&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.107.143 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
57fc070163104ef9f158d39478699d79a54d2b870057eb581180371c3bbef432

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 17:48:43 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-uwUcoizFOy3jqqksxfqtFzuRxtk"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
map
bcp.crwdcntrl.net/6/ 		156 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/17331/sync.min.js?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.158.19 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f0b12a8fe1690e2a6268a26d460c592b738164e70c9b8edd38016a838ecc5b8c

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 17:48:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
x-server
10.40.58.4
access-control-allow-credentials
true
content-length
156
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ins.connatix.com
URL
https://ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/59e9e597-f604-48fe-a820-4dfb58ab0659/insights.bin
Domain
ins.connatix.com
URL
https://ins.connatix.com/737a22fc7c5afb523946183df66f63f4/insights.bin
Domain
i.ctnsnet.com
URL
https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DCrimtan%26api-tier%3D2%26uid%3D%5Buser_id%5D&gdpr=0
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId%7D&gdpr=0
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DAdelphic%26api-tier%3D2%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/712202.gif?cparams=46a0c9ae7afa44739d3ed7a9bacd8f25&gdpr=0
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=46a0c9ae7afa44739d3ed7a9bacd8f25&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DColossus%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Domain
33across-match.dotomi.com
URL
https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
s2s.t13.io
URL
https://s2s.t13.io/openrtb2/auction
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.27.0&cb=39968150785&lsavail=1
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.27.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&tmax=518
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293031&to=480&aun=bleepingcomputer_970x90_728x90_320x50_sticky&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&maxw=970&maxh=90&si=1041556&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293031&to=480&aun=bleepingcomputer_970x90_728x90_320x50_sticky&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&maxw=970&maxh=90&si=1041555&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293031&to=480&aun=bleepingcomputer_970x90_728x90_320x50_sticky&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&maxw=970&maxh=90&si=1041557&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293032&to=480&aun=bleepingcomputer_970x90_728x90_320x50_sticky&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&maxw=970&maxh=90&si=1041559&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293032&to=480&aun=bleepingcomputer_970x90_728x90_320x50_sticky&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&maxw=970&maxh=90&si=1041560&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293032&to=480&aun=bleepingcomputer_970x90_728x90_320x50_sticky&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&maxw=970&maxh=90&si=1041561&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
prebid.media.net
URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Ogury_rx_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_pm-db5_n-simpli.fi_ym_rbd_n-vmg_n-baidu_n-nativo_an-db5_sovrn_n-Rise_3lift_n-Outbrain
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
Domain
onetag-sys.com
URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293560&to=480&aun=bleepingcomputer_728x90_970x90_970x250_320x50_ATF&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF&maxw=970&maxh=250&si=1041556&pi=3&bf=970x250%2C970x90%2C728x90&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293561&to=480&aun=bleepingcomputer_728x90_970x90_970x250_320x50_ATF&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF&maxw=970&maxh=250&si=1041555&pi=3&bf=970x250%2C970x90%2C728x90&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293561&to=480&aun=bleepingcomputer_728x90_970x90_970x250_320x50_BTF&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&maxw=970&maxh=250&si=1041556&pi=3&bf=970x250%2C970x90%2C728x90&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293561&to=480&aun=bleepingcomputer_728x90_970x90_970x250_320x50_BTF&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&maxw=970&maxh=250&si=1041555&pi=3&bf=970x250%2C970x90%2C728x90&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293561&to=480&aun=bleepingcomputer_300x250_300x600_160x600_Right_1&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%2Fbleepingcomputer_300x250_300x600_160x600_Right_1&maxw=300&maxh=600&si=1041558&pi=3&bf=300x600%2C300x250&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293561&to=480&aun=bleepingcomputer_300x250_300x600_160x600_Right_1&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%2Fbleepingcomputer_300x250_300x600_160x600_Right_1&maxw=300&maxh=600&si=1041553&pi=3&bf=300x600%2C300x250&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293561&to=480&aun=bleepingcomputer_300x250_300x600_160x600_Right_2&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%2Fbleepingcomputer_300x250_300x600_160x600_Right_2&maxw=300&maxh=600&si=1041558&pi=3&bf=300x600%2C300x250&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293561&to=480&aun=bleepingcomputer_300x250_300x600_160x600_Right_2&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%2Fbleepingcomputer_300x250_300x600_160x600_Right_2&maxw=300&maxh=600&si=1041553&pi=3&bf=300x600%2C300x250&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293561&to=480&aun=bleepingcomputer_728x90_320x50_InContent_1&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%2Fbleepingcomputer_728x90_320x50_InContent_1&maxw=728&maxh=90&si=1041555&pi=3&bf=728x90&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293561&to=480&aun=bleepingcomputer_300x250_300x600_160x600_Right_3&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%2Fbleepingcomputer_300x250_300x600_160x600_Right_3&maxw=300&maxh=600&si=1041558&pi=3&bf=300x600%2C300x250&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995293561&to=480&aun=bleepingcomputer_300x250_300x600_160x600_Right_3&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&gpid=%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%2Fbleepingcomputer_300x250_300x600_160x600_Right_3&maxw=300&maxh=600&si=1041553&pi=3&bf=300x600%2C300x250&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
a.teads.tv
URL
https://a.teads.tv/hb/bid-request
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.27.0&cb=77971619168&lsavail=1
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.27.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&tmax=518
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
z.moatads.com
URL
https://z.moatads.com/openxdisplay970503469688/moatad.js
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11167212900636;ec=11167214155259;adv.a=6492373;c.a=30790706;s.a=6555772;p.a=385367412;a.a=576121694;cache=770723588;
Domain
polarcdn-engine.com
URL
https://polarcdn-engine.com/wt?e=1&n=3&p=UNKNOWN&s=1&u=3fe9b7c1-630b-4566-bac6-28f65d38233d&v=1%2F7daea8b&w=1.240.0&y=w&z=v1.7.10&pas=asa-web-dv360&pag1=default&pag2=default&padva=ABAjH0h850gs7kTrsUuR8lQYfFsF&padvg=20708194792&padvc=544085116&padve=9&padvio=1014570801&padvis=OX-XPT-wCfpC6&padvp=9&padvu=101267032151&pae=w&pai=3d636&d=www.bleepingcomputer.com&l=&pajs=&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&cu=4882999719c6405ffcd5312574fc834f&t=arx&parcid=0aa53&parid=82755&parin=1&partm=1&par=s&maxts=0.011&pvhref=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&_=1704995295308
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11167212900636;ec=11167214155259;adv.a=6492373;c.a=30790706;s.a=6555772;p.a=385096202;a.a=576121697;cache=2721232515;
Domain
polarcdn-engine.com
URL
https://polarcdn-engine.com/wt?e=2&n=3&p=UNKNOWN&s=1&u=3fe9b7c1-630b-4566-bac6-28f65d38233d&v=1%2F7daea8b&w=1.240.0&y=w&z=v1.7.10&pas=asa-web-dv360&pag1=default&pag2=default&padva=ABAjH0isiA8BjxPSvsaekzrmh-Oj&padvg=20704411829&padvc=544083922&padve=6&padvio=1014570801&padvis=&padvp=6&padvu=101267032151&pae=w&pai=ca4e9&d=www.bleepingcomputer.com&l=&pajs=&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&cu=4882999719c6405ffcd5312574fc834f&t=arx&parcid=85d71&parid=2e1cb&parin=1&partm=1&par=s&maxts=0.004&pvhref=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&_=1704995295642
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBxidOOCJfb-wBmSRuiW3Oo&google_cver=1&google_push=AXcoOmR7QKu8tRvmHZ8eqxu3Ll4_pRl3rpBRhOkMqHhDSmbSEhK1qlGQDvCppQ03jVxcI8HZlVF3k5SQVyDHtnU6JjDf-g1pFQQ
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEAKukKfouTcwqKLqrvouAPs&google_cver=1&google_push=AXcoOmQhfK6nBRVARKKTePRBljIe2LENa93A-I0Oa4ftddKHnChYEQy8NjrgeYEyjMl7Jcwoj4DQgAe7F8TfKY8fXVrZQw4lwTUV
Domain
rtbc-ue1.doubleverify.com
URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=2ec639bdcb7946fba2c83063083a4280&vfdur=433&cbust=1704995296382490
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?id=LR9I6ECV-6-CY2O&ex=d-rubiconproject.com&status=ok&gdpr=0
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/setuid/magnite?uid=LR9I6ECV-6-CY2O&gdpr=0
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEfQFSARw3AqjSxJUwvGYoI&google_cver=1&google_push=AXcoOmQiUgRkJUMx1Ol_acdHso5rCQ_79lHfotLudQ05BEjP2RC-l13NkgS5QzvB6CG8a2fxC4N8ybn348Phecw6TfuCFjnlyDo
Domain
cc.adingo.jp
URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEPt7KN7sXjlrBPiEITclzI8&google_cver=1&google_push=AXcoOmTXIWjcT8WpE31xUgi_sJQ29iefS4zU5ngIPWIzX2Txz08A1eKui7ac6rSKPpO3smbxX9i_j8acFYX4zWkKdqcCoECPEbY
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=009A3FEC-B73C-4EC7-A044-95E0090D878D&redir=true&gdpr=0&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
a.clickcertain.com
URL
https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=243ab276-5ae4-4fe2-ab14-44d4a1348492
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PQKlczkOoXImB6chbQHpcD0EpyAmAvJzaQBHAYsV
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
us01.z.antigena.com
URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20009A3FEC-B73C-4EC7-A044-95E0090D878D&rnd=RND
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMLKNLRNIoMiKa9CR4D0xRE&google_cver=1
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:322EA64EEBF542918DEB5120DC7B8982
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent=
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Domain
rtb.adentifi.com
URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Domain
pmp.mxptint.net
URL
https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMLKNLRNIoMiKa9CR4D0xRE&google_cver=1
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:8655C5B6C3374A6381394AEA34A93C41
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=F3FBC320-45DC-436D-B9CD-920A7D846725&redir=true&gdpr=0&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PQKlczkOoXImB6chbQHpcD0EpyAmAvJzaQBHAYsV
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Domain
rtb.adentifi.com
URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Domain
pmp.mxptint.net
URL
https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
us01.z.antigena.com
URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20F3FBC320-45DC-436D-B9CD-920A7D846725&rnd=RND
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB&gpp=&gpp_sid=
Domain
s.company-target.com
URL
https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Domain
cdn.doubleverify.com
URL
https://cdn.doubleverify.com/redirect/?host=tpsc-ue1&param=akipv6&impid=9d40a02776034a75be36a24640619527&dup=&eoid=1000
Domain
cms.quantserve.com
URL
https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=21
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZaAp4OT30KaT8BN13UvvzwAA%263838
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Domain
cdn.indexww.com
URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZaAp4OT30KaT8BN13UvvzwAA%263838
Domain
z.moatads.com
URL
https://z.moatads.com/polar822lQSh10/moatad.js?moatClientLevel1=UNKNOWN&moatClientLevel2=BMO%20Financial%20Group&moatClientLevel3=Social%20Creative&moatClientLevel4=&moatClientSlicer1=Fallback%20rule%20for%20542600f1d4ae43b888941379b5a435e2.
Domain
z.moatads.com
URL
https://z.moatads.com/polar822lQSh10/moatad.js?moatClientLevel1=UNKNOWN&moatClientLevel2=BMO%20Financial%20Group&moatClientLevel3=Social%20Creative&moatClientLevel4=&moatClientSlicer1=Fallback%20rule%20for%20542600f1d4ae43b888941379b5a435e2.
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
Domain
sync-dmp.mobtrakk.com
URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=adyoulike&bsw=243ab276-5ae4-4fe2-ab14-44d4a1348492&chk=1
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/aul
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=138f948b-8a30-4e0d-950b-1c32400031db&name=THE_TRADE_DESK
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=afa9d49b-c70e-426b-a900-dd582d537399&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Domain
onetag-sys.com
URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Domain
ins.connatix.com
URL
https://ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/59e9e597-f604-48fe-a820-4dfb58ab0659/insights.bin
Domain
ins.connatix.com
URL
https://ins.connatix.com/737a22fc7c5afb523946183df66f63f4/insights.bin
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=-RMeC_llBMu0knnG6CmgZQ
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=3faMmfx6ADmUE0p46CmgZQ
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=YTfzp79iB_2oQy096CmgZQ
Domain
px.owneriq.net
URL
https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817051181789827&uid=Q7582817051181789827&ref=%2Fepm
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=O3nBDap-AJSuicTm6CmgZQ
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU93a389850d0f496d8f8bd1d1fc25d9e5
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=t6cRicX4DU658x8J6CmgZQ
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
px.owneriq.net
URL
https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7582817071542122437&uid=Q7582817071542122437&ref=%2Fepm
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=58&3pid=009A3FEC-B73C-4EC7-A044-95E0090D878D
Domain
tags.rd.linksynergy.com
URL
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=009A3FEC-B73C-4EC7-A044-95E0090D878D/gdpr=0/gdpr_consent=
Domain
static.polarcdn.com
URL
https://static.polarcdn.com/deck/v1.131.0/videojs.chunk.js
Domain
static.polarcdn.com
URL
https://static.polarcdn.com/deck/v1.131.0/images/4534f07e79b601cb390a42bcba7febf0.png
Domain
static.polarcdn.com
URL
https://static.polarcdn.com/deck/v1.131.0/images/554ccc56c31c9288291267a878ee8be5.png
Domain
static.polarcdn.com
URL
https://static.polarcdn.com/deck/v1.131.0/videojs.chunk.js
Domain
polarcdn-engine.com
URL
https://polarcdn-engine.com/wt?e=5&n=3&p=UNKNOWN&s=1&u=3fe9b7c1-630b-4566-bac6-28f65d38233d&v=1%2F7daea8b&w=1.240.0&y=w&z=v1.7.10&pas=asa-web-dv360&pag1=default&pag2=default&padva=ABAjH0isiA8BjxPSvsaekzrmh-Oj&padvg=20704411829&padvc=544083922&padve=6&padvio=1014570801&padvis=&padvp=6&padvu=101267032151&pae=w&pai=ca4e9&d=www.bleepingcomputer.com&l=Fallback+rule+for+542600f1d4ae43b888941379b5a435e2.&pajs=body&pepm=gdpr-eu&pepc=n&mepc=1&paprf=pe&paprfm=s&paprft=l&paprfv=1.131.0&paprfvpt=cf&paprsmt=v&paprsid=b59c2c5fa1d2411596f804020756f740&paprsix=1&paprstv=1&paprstc=1&paprosid=b59c2c5fa1d2411596f804020756f740&paprosix=1&paprfsn=fb&pasf=0&paio=1&pasb=1&pecy=CA&c=908eed724b1449b1b2f1b945d02abdd1&t=v&pasp=542600f1d4ae43b888941379b5a435e2&peet=pe&pevid=775c2c145f9140bbbde1be8eef8aad80&pevimp=4fcjm&pevt=ld&mevct=0&pevmu=1&pevpl=1&pevst=ld&pvhref=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&_=1704995295644
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.27.0&cb=18655257446&lsavail=1
Domain
a.teads.tv
URL
https://a.teads.tv/hb/bid-request
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995310279&to=480&pubProvidedId=%5B%5D&aun=bleepingcomputer_728x90_970x90_970x250_320x50_ATF&hadronId=0606egheb6d7kjkglg99elgk8ai6ibikdlj0mqsmg0k2ywyq0q66m0qy4eu0uguyk&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&tdid=138f948b-8a30-4e0d-950b-1c32400031db&gpid=%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF&maxw=970&maxh=250&si=1041556&pi=3&bf=970x250%2C970x90%2C728x90&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995310279&to=480&pubProvidedId=%5B%5D&aun=bleepingcomputer_728x90_970x90_970x250_320x50_ATF&hadronId=0606egheb6d7kjkglg99elgk8ai6ibikdlj0mqsmg0k2ywyq0q66m0qy4eu0uguyk&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&tdid=138f948b-8a30-4e0d-950b-1c32400031db&gpid=%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF&maxw=970&maxh=250&si=1041555&pi=3&bf=970x250%2C970x90%2C728x90&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.27.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&tmax=518
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
a.teads.tv
URL
https://a.teads.tv/hb/bid-request
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.27.0&cb=43210142675&lsavail=1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995310810&to=480&pubProvidedId=%5B%5D&aun=bleepingcomputer_728x90_970x90_970x250_320x50_BTF&hadronId=0606egheb6d7kjkglg99elgk8ai6ibikdlj0mqsmg0k2ywyq0q66m0qy4eu0uguyk&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&tdid=138f948b-8a30-4e0d-950b-1c32400031db&gpid=%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&maxw=970&maxh=250&si=1041556&pi=3&bf=970x250%2C970x90%2C728x90&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?lt=1704995310810&to=480&pubProvidedId=%5B%5D&aun=bleepingcomputer_728x90_970x90_970x250_320x50_BTF&hadronId=0606egheb6d7kjkglg99elgk8ai6ibikdlj0mqsmg0k2ywyq0q66m0qy4eu0uguyk&pubcid=9daa989a-a550-4b66-840d-61b30ded0628&tdid=138f948b-8a30-4e0d-950b-1c32400031db&gpid=%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&maxw=970&maxh=250&si=1041555&pi=3&bf=970x250%2C970x90%2C728x90&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&ns=10240
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.27.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fivanti-warns-of-connect-secure-zero-days-exploited-in-attacks%2F&tmax=518
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704995312-C58PAGSQ-A6ZH
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=372401555&pcid=46a0c9ae7afa44739d3ed7a9bacd8f25
Domain
i.liadm.com
URL
https://i.liadm.com/s/81549?bidder_id=246480&bidder_uuid=46a0c9ae7afa44739d3ed7a9bacd8f25
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/59e9e597-f604-48fe-a820-4dfb58ab0659.bin
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTeCJDm4eRPRiriBpD3khCXX9klGMELrRih43zhtODx_YBMKdFampahmHnCze37b59FHzSicB6VCio75XCtKeWmNqKIm0YlJMR2spVyOA-JvYtgQpuKbn9mfDIAxZiVivjTudyz4vOhgU6g-eGBn0tFts7&sig=Cg0ArKJSzPwlQMfjn-f6EAE&id=lidartos&mcvt=1202&p=226,436,316,1164&mtos=1202,1202,1202,1202,1202&tos=1202,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3680082436&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1704995311101&rpt=113&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAO0x3YRQiXzpJwKNB-zNd_KPFlbz9CBsLo2Y1UEPJwDy_sFoE1cxGoTCchjcuA1MbnfEk9WuXYKAMJ8FrTGudbIUMrALdeNZNTtS78pjsDUSlVaeS8dY05if_OnXIkFfGyU1hhqJMfdHnWONMm7ALRJkq&sai=AMfl-YRp0tEeTMaVbxAoHKcSbX5R3avRtdsTYz2wPWCAPHMESnwRGFqb297ANPxcfcuDRhqSwbVLXI2YTMr2tclqD9jwcDNrRfmeKtLnhO7zj4ZTVHNdBSMXLUyfRNks&sig=Cg0ArKJSzJA8MpsPQ_poEAE&cid=CAQSPAAvHhf_vFYDf53vwlFxspz1XsSskK8ONeg8rfI4IrP9zMjucBPkD33oXAF1kdhiMv5YvR0KRqJsH__KfhgB&id=lidartos&mcvt=0&p=3796,268,3886,996&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=1460056452&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995294692&rpt=1920&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-a3ot_LVgwMV6FxHAR31qAaPEAAYACD_lNRdQhMIieTptvLVgwMV3SmKAx3GAQPO;dc_eps=AHas8cDIl3TLgmwZCQtbXL_K7iVJWZMRJXUW4g5LYTifgyevknnBFVeGw2icD-ReH1vpyeIyR7ebIvaDng;met=1;&timestamp=1704995312437;eid1=2;ecn1=0;etm1=4;
Domain
tpsc-ue1.doubleverify.com
URL
https://tpsc-ue1.doubleverify.com/event.png?impid=9d40a02776034a75be36a24640619527&flavor=0&gdpr=&gdpr_consent=&yld_phnpms=14880&eoid=31&sdf=67108900&tmet=14880
Domain
tpsc-ue1.doubleverify.com
URL
https://tpsc-ue1.doubleverify.com/event.png?impid=9d40a02776034a75be36a24640619527&flavor=0&gdpr=&gdpr_consent=&isbxdms=14766&b0=14948&lftb=14948&sftb=14948&tuums=14881&dvp_noEng=true&eoid=32&tmet=14881
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8p8A5bqnsq9XM8QNRWDwK8_Ug5Pz_V_3YHzp1n8k1OSWayW5gwr8Z02Kbkb39XymJyM2j8NdnJniLkqkiaT4WYVyYkcoY19RfUC6687DzRfntTU-LdYaGpvclc6kVqSM6Sa-dfAQAAgXU6aNiRT6PpY9t&sai=AMfl-YSQeO-j-XJZ76c8B56UcW-Jk8z7i_YSOy7V3sm_9dedNH0s6vp5AyNrPa-XssThzAOHCKhWaFt03tYhWLfwMYljMWV4v82JR1FXte5N0UYKXMX7mD0Eo1Sdu_l6JWsXjktNxwgDMau5MILdiLgCpA&sig=Cg0ArKJSzN7wsvIMXvWtEAE&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&id=lidartos&mcvt=0&p=17,1,254.5,203.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995291994&rpt=1337&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXcOA0vzmgsoJNWq6a-q9CgEJlRfNNYtJ_UIQuY_pTStFPiHKe9ALUgPie93NGCMlCGR5QVL1HwwBv1UVm8gePrJ_wfEnWFu5yfG2jnZwehEkzzPjfjYI1F7GlGIBLFuDGafzRAc624K-1Cf5dSeURT9-w&sai=AMfl-YSJdPECrW52WWc7v41S3qZqwCrJKiwiDUKdCv3sqGKwwvI3ajJNhDxeGjozXvGFbfv1awSmUvS9Oto-KQUSuVwARay14Qk1GgBFsh7TDexsK1aXajPVwG8UIyUz_KgkKsdojObe9SuCqGUtAsODuw&sig=Cg0ArKJSzJIwwVx90FmnEAE&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&id=lidartos&mcvt=0&p=17,211,254.5,413.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995291994&rpt=1343&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzBHPOqZVqYlEAjYsFWyEth6yWDFiL_LT43fq9RTim2NBYBX1QYhVzAYa-U2WaeTHEIXDxMx3t5c2osNb7h7RzKamhotCWTQkkWzlDWX2MC8NACc9Mog0BNZmzGOd4z8rkffrAgRYtpuyJV9kJaGIlOd_U&sai=AMfl-YQlrAAImu4fQxAJOCYmNTqK_xZrEZ25xXePKjJhBRCU_Z9nTF1znBVmFC72wn_6xKpq54-MwCISzPBfxnZuhqLF4MwA42pdVmZ6BNkLhwmxCbvqm1p-tgfSRZZkSqCi_U0gJj6CQcg1Ld5QHBAn9A&sig=Cg0ArKJSzCfY3uifFPyZEAE&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&id=lidartos&mcvt=0&p=17,421,254.5,623.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995291994&rpt=1345&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6AfgZTCpqh22gVdpnG8v8VHjdj00i0vHoK61G8fOLciM-rvnX_6Em4cWByCWxP_OrF1H8ox26-6w6kfeE0qgcPjf7sg_9iesozKFXoLQQ7cLtiJb6iulIh744aL9UtUZO3fzJJant2XQ_PADCNwy94hSB&sai=AMfl-YRvKWtjtVvwA3xWgHe44p5KSdN-VYKmOQ2Y1j0UvLjXWpR1QTi4qSIiykeYkY-aSdvZiAf55EuHiy8NCp43TDbjVdbF3qm1rUrYOjo9kNCsNcDHNp0CaD82qcW4ao-owpJ859XgrWdnB0adiWc_1g&sig=Cg0ArKJSzAfKYWhoyV5-EAE&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&id=lidartos&mcvt=0&p=17,630,254.5,832.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995291994&rpt=1346&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEXGfGpA0V1tl2wIEYcp1MK1UslD2UF9zUAfJkPOhB4b8LQntyIsedLXMR2fvNzwbBRL4SGVSqu3fLnP5rmMFDB2ubDmrw3miix7lzHWRxvjFM_rXtGd6w6Fi-xs1rTqem3De6oVBiGs5kOhnGEu8z7VLl&sai=AMfl-YQ5FlTFhml1JlHAOllt3uc757qEL8JkGjwrMduEV-6u2wjtT4K9weF8WkKAkDqmb-E2Vd8Qjzm40GjKQfJMbSK9XOgsVQpSFrdJTng9odkSNGcm5UlZWU_ZSJlKUNcmvdOgafzWHKLjJL3HMmxYUA&sig=Cg0ArKJSzAZ5rYdEE9v_EAE&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&id=lidartos&mcvt=0&p=262,1,499.5,203.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995291994&rpt=1348&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumvbBtMmaNOPissp5Egz5QNOli-r1okmGnoCOzQCeZ_DMPQ0mvVQ0zl-VXZkaxoRK9SQuNvUCMEOCc0m3iYQitYupFLgF4muxpm9yblZv5utLJgOj5DtqBfPgE9P92_Megg5_t9cEq7-P980LsRW4G7bAp&sai=AMfl-YTG-btD_iEsoJUSBOugchVRa0IKY-mXH7FetlW0bhBlRI-aW1FFfI8EF4OBub3dxJG_XMSXScnnQy4mcxTOLEh_iwhJhWMXOLLmQ6gqE0175gBuHJEYThcSRk2NUbKUxpBDPTHd5PAnRYLCKFiswQ&sig=Cg0ArKJSzMylYkbRczGnEAE&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&id=lidartos&mcvt=0&p=262,211,499.5,413.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995291994&rpt=1350&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGxlgtdpqahob13Do5iiPShxukDxJLfg2jjWIrPWDQzMtUlrKCr5xyWnVVAO8E7mszNt7FdBZdsHsjwCaQ4j0RfBmHbRdarmG6p9YfDJwtql5IAnozXauWTS8C0nvMPkjpUPgYtH_W2x-g_oury7Rxtpzo&sai=AMfl-YR5vDujIEKryrwc8dW6YrcGIre9hGlF9VUJyZkZVliE6NvhgcvvLwB9quDWNMARlHXdBFw4_ivJPvYFZrSPqETSGa1GvDvTiGPoye-H4AiWnq6N53GoNkq9Yre6qUpWV-Mp0EpVpe5lBglvkJ4xag&sig=Cg0ArKJSzFFp1-HzMcRtEAE&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&id=lidartos&mcvt=0&p=262,421,499.5,623.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995291994&rpt=1351&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXQqeETBzr-AejME50ZAA08Snq1qsmRsP9IRAVeq4uxkdEp88hs4Mr_v8UwVbqdAV5U56BxLGkPcGKToJUAbGBraHTvlg_blIqDLLs_puKi2cPK5bGBjLlRFkFF2be0hDMCC7qfdKc1I4ZyGSRsUxZzEEd&sai=AMfl-YSsysKWXqEL_qwsPb4WUWDZDNYMkLCbPvtdLnfqt5p_W2jr1T1ICCPE9RsGqzf0J5mwXBrLtlh6c5rqH_iomlVD5eIegG3ZGCcBii6E-h0TUkgZ1p5zs8NHFDz3uAjsjhfZWPMaBP6UfTiMMzsrsw&sig=Cg0ArKJSzJmu9Zzj3EO1EAE&cid=CAQSTwAvHhf_zj-aZhgywcXH6Yaj6Own90Qb401qfok3kHWBh7x080QoR37VwuCku0u07fLjBx66rf4mzPKNQqZyXmfUQ_Pl6f_Bu9Fv07F7nGMYAQ&id=lidartos&mcvt=0&p=262,630,499.5,832.5&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3764243768&rs=2&la=1&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995291994&rpt=1353&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTFbNaWupw_cW9Hwf56oqy8gTRSSDWCJvebbvAJRqHZQVTIJFvrdNZulW-XVt532MfKxZddPrIikJzBxwascSbobLLvQJ5fwjke6gEVxnoAxLLg7v8mE6hh7SHwp20fwDo_rozU3uuZs64FWraif7x26m1&sig=Cg0ArKJSzGa39kFU7Q9kEAE&id=lidartos&mcvt=13703&p=482,1341,522,1382&mtos=13703,13703,13703,13703,13703&tos=13703,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1431339665&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1704995294711&rpt=802&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMFVyMOgFMKapBxysledjRpd6zYejHYsWL2qWKc1-moCo20YdDD00nmFEGDoRplfi7np3Umv7NeaGSwJWWJJdXTBfKxleJcV_TiA5QZo_G3nkl-1ZkX4HakG0l7kG2q0V6EXOV_j1_YV_PsTmSLQ5EnUeg&sig=Cg0ArKJSzNqxyPtUvVHZEAE&id=lidartos&mcvt=0&p=1642,1082,2242,1382&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3504722123&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995294725&rpt=834&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstu5-BO4gY6AaaWLcLJ9Jb9ffrHTH_bZZy34WxD0O0Zk-zhLhth7_8xj_f-QlOGnFuiZDxIga9W5j5xF99Y1bMVwElp1E-GPbanHvJn2Lkiz1Q60YywTOBHLi4n2Fo&sig=Cg0ArKJSzI0J0ixgPM72EAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=32&adk=787121071&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995294725&rpt=17743&ec=1&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWO5hGRVdfzADJeaBDnUASCMUV-nVqa910ggw9Pod9SweLT2rKRZdGC3f_3VC_GbEPz5KfTLc8Wh1NMNEVmu0ok7le3Pzz_hJm69ecy0Ux-kOk4iQmeJG00Eih&sig=Cg0ArKJSzDbZljyzo0b0EAE&id=lidartos&mcvt=0&p=0,0,600,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=32&adk=4272585447&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995294725&rpt=2720&ec=1&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLoKARc1khfWKcEUHAR9Gnh5jJlvDSNcHXba4kAgwutH1b1yqDABQReAaE7wCrJiqHO1JMxiELZdufxCzuqO_hyjQZNiR9-tQUf58kYyQeBJhAAsCsqirvY6_Rf8ALKQDsEhykgX8S7KpHbZXcWGx2zIV4&sig=Cg0ArKJSzDKEIHhVHMTsEAE&id=lidartos&mcvt=0&p=2262,1041,2302,1082&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=810916176&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995294733&rpt=1044&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYs3eI6qkKMgIAK9b6LooMX8zpOwkfIZODXiUI7N7som-UwbkdFNDdNzBJ7rqdYrSfDpujs5Dos92QX839GJNUCJuwKyqr2vO7YdgNWQwkEUJHcsh4KLb-aqt_rCUqZHsOZU4oHVT8zMABTXDZyGy3P2fL&sig=Cg0ArKJSzEAwQz-zRGngEAE&id=lidartos&mcvt=0&p=5300,436,5390,1164&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=3&adk=3772282542&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704995311519&rpt=103&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTaqVxp4SzjD0DruqRfd6460wmiABL6thJF1kWJfzJ3-sCLcrLaoW30ZXTn8k1tqIp4vV5P0xLWpP_uxOXYCVwbEQEVLKiAIHKKLaYuZ3LtEXlrJFBOzHxS6UFI2Sq11qcqlkqba2XRFpxBiIUixFoKenIWNrjVdWHSi0vcqHoMTl8BRUCaS7qTdLThs1Rz7q0aVyHYrZMJirLsCYQTWhzPdSAZmMJNK4RXsac13fcX5fzD3P7Qk-NF_EGZiGCNKQDnMucnM3Gwe0KTK3qyW8QVaTUDQlgDA-XY9spnbuujAUdlPDRf53jO3XruTf9JMzclIFxv5F7qir3_HAhYsEouF67BoYiN3JHBY4Qmw1OpRh38ofd9UC2PQrgHmzKwctT1qQwgf7e1mXdjvFCsLcLYtwVlfICgFWPxh99HoVfdZrCMeqo1AWA92DNfKP0FOvV5kb8887GgdfLLFy2Z-3P5jvRRjfw5fyvJC0Y-Qr6Hjc3q5fFFIgQq67NWHbS5gSs1VojsED_h2AUZjNxyNd_Qf8K8qo5X-DkGgCpieePZeg7tzKYLD4UDDrQxLBKDK0KpN40J5MvwowV8RYiLsU042an8ccEL05PbsANyyVtVHw7wnP0kVy2rdCzJVL3IXrMnd-T5VCMKhj0T7Dq0u1ovfPUjIunVyZ0XsNkM9agiJty3VbUaEfk-zUja1PwwqJoYTam2sQXhMS5YFZbtvJE1u8vzkpNqsoobzleQPZDpt5pFZPW31XwRC2-Qdh_fa4c9g3ncVBc4XBnz-KZ_XCko9f5fzhuOFGCfq59kUpOICX1gxKIYO3W7Jxtw3ChX6pZ7U6bnf9rIVgW29C7H5RYN6sXIlw4KNgTx7how-uv9UMFPvtR6uFKz98gWKeR5SLzB1c5dvuAvmawEGRW_Ws7r_LNIK4MgnyTQG9oyWECMfueMt-VW39CbqZABCNHHmXHtp59H2BsS8yaIh-ob1KX9jFrY0qnCdxb9M07v5vXwSswPngmAZZBOHXYqIKAJMTwNDNYo4uMiFp3btt6Hj90LS8C48DE1UW_1Un95PGmloYEUoGqGR239yDe3A69jK388Nz1E-lFIfRAMKowFOCGeUtkbQ7soYPB_HClm9WsSi3uSY7kGBlKt3CPt6hU1OerKRbThb9IZWNV2rAWBIFjMpovu7XTGaCJNy0PGfCDlUjKw-fQfNS8-emJ7cPu3JgXBjm14jL8CS27rQ5wzT_vHORLZpYOi9BVbiwuatqHPe52Ct5Tp5s2u0jcoyFVyNdoCxqg0KrhBjfm72hBvbqYUZ6B3t8lTFPEMl6mJS33Sk_JoCmRUDLAkV3tuyxAskbbW2wWTsF9epJMh1-6Anqja3uVS9-7iAnuYy0oyXQmtbMb6yAZM2Eoa6lb1j3J0yFchXl5yn6ga_CteG4l7ACX5fjCgsLP981LFkHyw2AR6XmkVgq9V-BAXilzRqMq2L7bx_syRtJIX9-LmGOSJwjNRp0-zmU2ZEIfiO96w-3Sz1XLss82CFMpmemac0b8U9O62_PPn3JY3_lnfiG-teKALHCKkjHZoXbjoWHAjqLJV9w&sai=AMfl-YTrvSByfnXNPGwqcd7RbJL-1FM_w83Vzt660sleNVi5eNAehMczhHDWC_li5NqzpURJh_CRij8yiyF-K8IskGjypGLSuVc_lPYpxM6NX6ein-vJgQEqcFhZjW6De8GhD2T7YyolAKhWhw&sig=Cg0ArKJSzLWGLnSB5-mvEAE&cid=CAQSPAAvHhf_TAdCAOaWBxxurE5ZB4TX7Qx1XF1ZyR3vvSx13EZvaSjZWOdyKrDBeZMermIOPXbFtIREkHAbvhgB&id=lidartos&mcvt=17172&p=1110,296,1200,1266&mtos=17172,17172,17172,17172,17172&tos=17172,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1085809260&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1704995293798&rpt=1441&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWEIG-TIxJo1gVP34NFozZ3iQHo8H4LH0UKe_MY0Ut4JpZvYwnUj5NwTuPv-ct2wK0lRU7tdpneusPVMu0XjlnPdJ7of_d7rnzNOyZGS_vNYDbx_MnP5If48hs&sig=Cg0ArKJSzMUuESGT_gljEAE&id=lidartos&mcvt=16433&p=0,0,90,970&mtos=16433,16433,16433,16433,16433&tos=16433,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=1526426640&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1704995295196&rpt=867&ec=1&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| cnxps object| freestar object| apd_options function| gtag object| dataLayer object| adsbygoogle function| Blazy object| fixto function| validate_comment_box_not_empty function| cz_strip_tags function| cz_br2nl function| editForm string| loginhash boolean| main_nav_hide_flag number| scrollTop string| main_nav_hide_timer function| call_main_nav_hide number| cz_header_pos number| prevScrollTop function| loadDeferredStyles function| raf function| admiral object| googletag object| _pubfigInstanceManagerConfig object| _comscore object| fsprebid object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| 4dm1r11545242527 boolean| fifabAlready function| fi_fab function| load_script undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery function| onYouTubeIframeAPIReady object| gaGlobal object| confiant object| cnx_player_usr_storage object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| COMSCORE object| ns_p object| google_image_requests object| fsprebidChunk object| _pbjsGlobals object| mnet object| regeneratorRuntime object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| cnx_usr_storage boolean| __bt_already_invoked function| _hadron object| apstag function| _typeof function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| iiq_object_array object| lotame_sync_17331 object| fiUtils object| $customVisiblity object| $waitOn object| _aps boolean| apstagLOADED object| apscustom object| google_llp boolean| creativeVendorLibraryLoaded function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _qevents function| pubHadronCb object| Criteo object| googDdmPs object| NATIVEADS_STORE number| depth object| hadron boolean| __halo_loaded__ object| au object| ID5 object| __id5_instances object| PublisherCommonId object| browsitag string| browsi_bootstrap_loaded boolean| BrowsiScriptLoaded function| quantserve function| __qc object| ezt object| _qoptions object| _middyo undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| auvars object| player_instance_b356a4c009784a89a48eb01c76faff33 object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 function| docReady object| autag function| cnxAddEventListener

177 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQhKyOzc8xCgoIkQIQhKyOzc8xCgoItAIQhKyOzc8xCgoI5gEQhKyOzc8xCgoIhwIQhKyOzc8xCgoItwIQhKyOzc8xCgkIOhCErI7NzzEKCgiMAhCErI7NzzEKCQhfEISsjs3PMQoJCB8QhKyOzc8x
i.liadm.com/s Name: _li_ss
Value: CggKBgjdARD5Fg
.bleepingcomputer.com/ Name: session_id
Value: 9cbbe32347a6aa253738df110f9ce3d4
www.bleepingcomputer.com/ Name: lav
Value: 18963
.pub.network/ Name: _fsuid
Value: 0288dd0b-9f08-469b-8319-81e2f8a02a47
.bleepingcomputer.com/ Name: _ga
Value: GA1.2.1419357324.1704995292
.bleepingcomputer.com/ Name: _gid
Value: GA1.2.853973529.1704995292
.bleepingcomputer.com/ Name: _gat_gtag_UA_91740_1
Value: 1
.scorecardresearch.com/ Name: UID
Value: 151250f2848126e732361f11704995292
.connatix.com/ Name: cnx_userId
Value: 46a0c9ae7afa44739d3ed7a9bacd8f25
www.bleepingcomputer.com/ Name: cnx_userId
Value: 46a0c9ae7afa44739d3ed7a9bacd8f25
cdn.firstimpression.io/ Name: OAID
Value: 981424bdcee381b517f82c63fc039bf5
.bleepingcomputer.com/ Name: _awl
Value: 2.1704995292.5-1d0222d2187470e1a2be1686e06d870c-6763652d75732d63656e7472616c31-0
.33across.com/ Name: 33x_ps
Value: u%3D212416160174736%3As1%3D1704995292448%3Ats%3D1704995292448
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: FFcbJQcctd
.doubleclick.net/ Name: IDE
Value: AHWqTUkyZ0dpCS4qkWLYDsK-haUT48_lTjDNd8GBwvWjdIzTCyI202VmUmBR0gd8JlA
.intentiq.com/ Name: IQPData
Value: 1445990301#1704995292587#0#1704995292587
.intentiq.com/ Name: CSDT
Value: UEQ6MTUwNzJfMCZVMTRzVVUy
.intentiq.com/ Name: ASDT
Value: 0
.turn.com/ Name: uid
Value: 7015515884507246864
.tynt.com/ Name: uid
Value: v/8YZmWgKdxI1XAuCjGWVw==
.bleepingcomputer.com/ Name: cookie
Value: 9daa989a-a550-4b66-840d-61b30ded0628
.bleepingcomputer.com/ Name: cookie_cst
Value: zix7LPQsHA%3D%3D
.bleepingcomputer.com/ Name: __gads
Value: ID=d1f2070a49ad6848:T=1704995292:RT=1704995292:S=ALNI_MaFtMqY9OWy2WmADKZwuY4ne5b2oA
.bleepingcomputer.com/ Name: __gpi
Value: UID=00000db65bbc46a7:T=1704995292:RT=1704995292:S=ALNI_MaUJUPsLNYyi8sk9qxODpF-8vPJfA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adsrvr.org/ Name: TDID
Value: 138f948b-8a30-4e0d-950b-1c32400031db
.bidswitch.net/ Name: tuuid
Value: 243ab276-5ae4-4fe2-ab14-44d4a1348492
.bidswitch.net/ Name: c
Value: 1704995293
.bidswitch.net/ Name: tuuid_lu
Value: 1704995293
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: a3e064a2-744e-530b-90de-7274f57e5ba9
.betweendigital.com/ Name: ss
Value: 1
.yellowblue.io/ Name: wrvUserID
Value: CrPh8Cg-Cp_s
.betweendigital.com/ Name: ut
Value: ZaAp3QAHM8CUiSlHo7PCefvFyxh7OaVDpwR6Jg==
.googleadservices.com/ Name: ar_debug
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: b0cab3d8-2d2d-4827-ae69-ab2d0987cb55
.go.sonobi.com/ Name: __uis
Value: 02a617af-ef2a-4fe4-8acf-c6dc244beedb
.go.sonobi.com/ Name: HAPLB8G
Value: s85127|ZaAp4
.media.net/ Name: visitor-id
Value: 3479968939030167000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005%22%7D
.smartadserver.com/ Name: pid
Value: 1693987427671510040
.lijit.com/ Name: ljt_reader
Value: H-YMjTZH1GTxRA4NTu6VhOUq
.lijit.com/ Name: ljtrtbexp
Value: eJxdjLERwCAMA3dxTSGDDTKr5bJ7LqmCyn%2F96TLCti%2FMjmBlM58ncwiH9OinWK6BPCQ%2FTgzGyyF7VfFv7geP6yDB
.doubleclick.net/ Name: APC
Value: AfxxVi7iuuJ34qI2tXcl4FLnlailVVnScWtKdNG6rNQ0PVS3rZAAog
.teads.tv/ Name: tt_viewer
Value: 53de4665-3070-4941-a08b-99b47107ef0d
.doubleclick.net/ Name: ar_debug
Value: 1
.intentiq.com/ Name: intentIQCDate
Value: 1704995295566
.adx.opera.com/ Name: UID
Value: OPU93a389850d0f496d8f8bd1d1fc25d9e5
.lijit.com/ Name: _ljtrtb_103
Value: OPU93a389850d0f496d8f8bd1d1fc25d9e5
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: _ljtrtb_83
Value: LR9I6E4X-N-5Z4I
.3lift.com/ Name: tluid
Value: 1659511742632576896244
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: ZaAp4OT30KaT8BN13UvvzwAA
.casalemedia.com/ Name: CMPS
Value: 3838
.casalemedia.com/ Name: CMPRO
Value: 3838
.rubiconproject.com/ Name: khaos
Value: LR9I6ECV-6-CY2O
.lijit.com/ Name: _ljtrtb_80
Value: LR9I6ECV-6-CY2O
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 009A3FEC-B73C-4EC7-A044-95E0090D878D
.quantserve.com/ Name: mc
Value: 65a029e1-0cbf6-363cc-560b7
.lijit.com/ Name: _ljtrtb_43
Value: tCO3G7AvsxqvJrVJ5CD7GLQltUivI-Ab4CGQL32S
.ctnsnet.com/ Name: gid_CAESEMvSg0VQhvgDHajGkTMgMg8
Value: 1
.openx.net/ Name: i
Value: 491642a7-dddf-4b10-b017-31912d829540|1704995297
.linkedin.com/ Name: li_sugr
Value: 7ed095d9-c66a-4fa2-a898-d2803de3366a
.linkedin.com/ Name: bcookie
Value: "v=2&be5ec286-991f-4789-8d4f-3754e2d5bf76"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3221:u=1:x=1:i=1704995297:t=1705081697:v=2:sig=AQEeYuIStsC6D_KnEtHE9T_Rm2ZMap6z"
.quantserve.com/ Name: d
Value: EK0BEgHwKvijDejbEA
.ads.yieldmo.com/ Name: re_sync
Value: rc%3D1184864%7Ct%3D1184864%7Ctapad%3D1184864%7Cpub%3D1184864%7Cdv360%3D1184864
.yieldmo.com/ Name: yieldmo_id
Value: VEF7sqqnn7qb8OH3EekL%7C1704931200000%7C0
.acuityplatform.com/ Name: auid
Value: 875782531506
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRj40OUiwmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUY+NDlIsI90aGlyZFBhcnR5VXNlcklkWkNBRVNFTnpESmxydEFKUDNPWEFKV3Nja1puOPv7hnZlcnNpb27C+w=="
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4138458503621837899
.ads.yieldmo.com/ Name: ptrrc
Value: LR9I6ECV-6-CY2O
.ads.yieldmo.com/ Name: ptrt
Value: 138f948b-8a30-4e0d-950b-1c32400031db
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2g4h:19e0~2g4h"
.eqads.com/ Name: EQUser
Value: UID=1cbbcdce-331f-4816-9363-5122770f6354
.sharethrough.com/ Name: stx_user_id
Value: a84a6b5e-9b64-41f7-b5c4-81c622fcbf85
.tapad.com/ Name: TapAd_TS
Value: 1704995298892
.tapad.com/ Name: TapAd_DID
Value: 5e7dc5a8-b403-4def-beab-c9401343ad17
.adgrx.com/ Name: ADGRX_UID
Value: 9af340be-b0a9-11ee-b4f5-5307866aad86
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.hb.yahoo.net/ Name: visitor-id
Value: 3479968999030179000V10
.hb.yahoo.net/ Name: data-mag
Value: LR9I6ECV-6-CY2O~~63
.omnitagjs.com/ Name: ayl_visitor
Value: ea83a82bfd5e8fb40afa5f0518b77717
.amazon-adsystem.com/ Name: ad-id
Value: AymYSn_ZB0grr_deuKUjXnY|t
.creative-serving.com/ Name: tuuid
Value: 34124dd9-d2af-4023-bab1-8b876a6c7394
.creative-serving.com/ Name: c
Value: 1704995300
.creative-serving.com/ Name: tuuid_lu
Value: 1704995300
.yahoo.com/ Name: A3
Value: d=AQABBOQpoGUCEKLQCRbJekKBLnxKP4pHCUEFEgEBAQF7oWWqZQAAAAAA_eMAAA&S=AQAAAhHzEMH9UqJghSKirp7awtQ
.adnxs.com/ Name: anj
Value: dTM7k!M4/YDunaTF']wIg2E>2L2lMy!@wnf-Te9(SNOfY2^u31Es^ipFpm@uHMV0lGm1=zErtGhE:CgToHw1E5D8-cP)j.gB6LU4
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIxNjU5NTExNzQyNjMyNTc2ODk2MjQ0IiwiZXhwaXJlcyI6IjIwMjQtMDQtMTBUMTc6NDg6MjBaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDEtMTFUMTc6NDg6MjBaIn0=
.w55c.net/ Name: matchpubmatic
Value: 5
.w55c.net/ Name: wfivefivec
Value: YML5kxHZ1RnZac5
.w55c.net/ Name: matchcasale
Value: 5
.ctnsnet.com/ Name: cid
Value: 847de9649502473087472d6b04e61a4a
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-32e412c7-3edc-5f78-7def-fdb0868d5377.Gmwb9NfMPJxcBH1Owgjsr%2B9MkxSIaoOrkNiFo7X0b80
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-32e412c7-3edc-5f78-7def-fdb0868d5377.Gmwb9NfMPJxcBH1Owgjsr%2B9MkxSIaoOrkNiFo7X0b80
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AMuQSxz7cX3h97_2who1Td1YwD50.uuVdPtd9NMD33fOg4eh%2FwBCqK5JojWvlvU0zTWCQfNg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AMuQSxz7cX3h97_2who1Td1YwD50.uuVdPtd9NMD33fOg4eh%2FwBCqK5JojWvlvU0zTWCQfNg
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFLXwPU7NFtQ3B4etU7KdGkN6aXhoLCocrsG2LHt2EpgEHwYBCDl04CtBjABOgRvD7diQgRRrEpd.2jbzkKXSJqkWHEb1h7TOAcGluFrAxQ5sYqPwyOOuLr0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFLXwPU7NFtQ3B4etU7KdGkN6aXhoLCocrsG2LHt2EpgEHwYBCDl04CtBjABOgRvD7diQgRRrEpd.2jbzkKXSJqkWHEb1h7TOAcGluFrAxQ5sYqPwyOOuLr0
.adotmob.com/ Name: uid
Value: 0a0622040020cf49b74725fd
.adotmob.com/ Name: uuid
Value: 0a0622040020cf49b74725fd
.adotmob.com/ Name: partners
Value: AYL%3A1704995301667
.liadm.com/ Name: lidid
Value: 8ad41628-2bd1-4769-8fe3-c5a11940e4bc
.lijit.com/ Name: _ljtrtb_84
Value: c:cc55153a871c385da363984f8a60da22
.lijit.com/ Name: ljtrtb
Value: eJw9zEELgjAYgOH%2FsnODbd%2B%2B%2Bc1brBBFMgulus2tQdClEgmi%2F55euj68vB8mBbCcNfvOggeyhCKKpK2JlGiIMsoUFEZ7RbZiJOa0PtjSbF3PDXdn1SwMf9YnvuN40eXCeuaQh4AoETxlMgBh9GDAkk7kjYheqbnUy2B0DRTZenq9H1P17Ct0m6yo2%2FvY3aaSrwftirYGdWTfHwj5LuY%3D
.lijit.com/ Name: _ljtrtb_71
Value: 009A3FEC-B73C-4EC7-A044-95E0090D878D
.lijit.com/ Name: _ljtrtb_58
Value: 009A3FEC-B73C-4EC7-A044-95E0090D878D
.krushmedia.com/ Name: krm_usr
Value: 0b0d3463-e0c3-50be-9a86-96445368d063
.krushmedia.com/ Name: krm_r
Value: 572
.mfadsrvr.com/ Name: tuuid
Value: c43e51ad-deb1-45e6-b233-ed165521eb63
.mfadsrvr.com/ Name: c
Value: 1704995303
.mfadsrvr.com/ Name: tuuid_lu
Value: 1704995303
.c.appier.net/ Name: _auid
Value: t6cRicX4DU658x8J6CmgZQ
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: pmc
Value: 1
.kargo.com/ Name: ktcid
Value: ee1c2d0f-34cf-0e40-5c3a-e3f9a09369d7
.postrelease.com/ Name: visitor
Value: 5ca428c9-85cf-440e-9b99-d27e793fd798
.postrelease.com/ Name: status
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 2fd0f783-1697-4859-bbd5-adc742a2c4ad.474209305
.pubmatic.com/ Name: DPSync3
Value: 1706140800%3A259_201_263_258_262_260_256_261%7C1705017600%3A248_255%7C1705536000%3A265%7C1705968000%3A257
.pubmatic.com/ Name: SyncRTB3
Value: 1705795200%3A63%7C1706140800%3A71_8_5_250_220_266_99_13_55_104_233_96_234_243_178_249_3_166_176_231_22_214_21_240_264_46_81_48_165_56_7_238_54%7C1705536000%3A38_15_223_2%7C1707523200%3A224%7C1706227200%3A35%7C1710115200%3A69
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 5d190c386dfa2338
.mathtag.com/ Name: uuid
Value: 388b65a0-29ea-4200-b8b7-81ea8f58fb38
.admixer.net/ Name: am-uid
Value: 1f0b40c19d084a74a891b7901b0efda3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005%22%2C%22nxtrdr%22%3Afalse%7D
.owneriq.net/ Name: si
Value: Q7582817071542122437P
.bfmio.com/ Name: __187_cid
Value: 009A3FEC-B73C-4EC7-A044-95E0090D878D
.bfmio.com/ Name: __io_cid
Value: 945cb8056201254481116acafacfb7ac1489b525
.simpli.fi/ Name: suid
Value: CFE6577F4E63416F8D5515A5B968D3A7
.resetdigital.co/ Name: ckbk
Value: 00000128123BA352
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1704995292828%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1704995308579%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1704995292828%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1704995308579%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1704995308579%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1704995292828%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1704995308579%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1704995292828%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1704995292828%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1704995308579%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1704995292828%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1704995308579%7D%5D
.adnxs.com/ Name: uuid2
Value: 9107686382435366279
.iqzone.com/ Name: xuid
Value: f06f826d-c037-4ccc-b480-8e8cbf5fa712
.rlcdn.com/ Name: rlas3
Value: 1WcyL76trZv95eEZgXfd2TnJsl5pNw7W3OdLYO9izas=
.rlcdn.com/ Name: pxrc
Value: COzTgK0GEgUI6AcQABIFCOhHEAA=
.thrtle.com/ Name: mc
Value: eyJpZCI6IjQ2NjE2MDg3LTBjMGYtNDY4OC1iZTMwLTJlOWI3NDE4Y2NkNyIsImwiOjE3MDQ5OTUzMDk0NDMsInQiOjF9
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1705016909547
www.bleepingcomputer.com/ Name: __browsiSessionID
Value: d65cf75c-0055-454d-b8de-f1d7b27403ec&false&false&DEFAULT&ca&desktop-4.22.14&false
www.bleepingcomputer.com/ Name: __browsiUID
Value: a1350fee-4bdf-43fb-90ad-dd040e243407
.pippio.com/ Name: did
Value: vKEREDbWmPPOZXC-
.pippio.com/ Name: didts
Value: 1704995309
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CO7TgK0GEgQIAhAAEgYI7OsBEAA=
.adnxs.com/ Name: icu
Value: ChgIodc0EAoYASABKAEw7tOArQY4AUABSAEQ7tOArQYYAA..
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZaAp4OT30KaT8BN13UvvzwAADv4AAAAB
.ads.stickyadstv.com/ Name: UID
Value: c49495f9991e88aeb616a9625e85cb39
.openx.net/ Name: receive-cookie-deprecation
Value: 1
www.bleepingcomputer.com/ Name: ntvSession
Value: {}
.postrelease.com/ Name: ver
Value: 1
.bleepingcomputer.com/ Name: _ga_GD465VRQLD
Value: GS1.1.1704995291.1.1.1704995311.0.0.0
.rubiconproject.com/ Name: audit
Value: 1|vSuVCzPy+7q4IJNTUeH2+NHGwCH0b4K7OvQDtwZZLEwhGZT+DLU/uz0c5Mf5FGTybVOPqtgJbN2M1KxoLazIt//Ckd+Nfacsls1z19n8HnRMqJO5mR56Fa/DtorAT8PFQSw+BjwbbE9maczOfiAU/welv3dRal9rLn6AKWuadVGI9C38dslqnsV/tEEj5KQHN6JXMcYuiJM=
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnX3u9mpz_hHIEX1D8CHU4nQjNIkOOPT9scPPDKv6z4RrS53CuJGr266p1-pQC4TM1
.bleepingcomputer.com/ Name: _au_1d
Value: AU1D-0100-001704995312-C58PAGSQ-A6ZH
.bleepingcomputer.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE3MDQ5OTUzMTIsInR0ZCI6MTcwNDk5NTMxMiwicHViIjoxNzA0OTk1MzEyLCJydWIiOjE3MDQ5OTUzMTIsInRhcGFkIjoxNzA0OTk1MzEyLCJhZHgiOjE3MDQ5OTUzMTIsImdvbyI6MTcwNDk5NTMxMiwiY29sb3NzdXMiOjE3MDQ5OTUzMTIsInVucnVseSI6MTcwNDk5NTMxMiwic21hcnQiOjE3MDQ5OTUzMTJ9
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCJTH3OLwtck8EAUSFgoHc3Z4OXQ1MBILCNyr1-Twtck8EAUSFQoGY2FzYWxlEgsIhO3U6PC1yTwQBRIUCgV0YXBhZBILCLaix7vxtck8EAUYASABKAIyCwiss8CiiLbJPBAFOAFaBzhna3hiNm5gAg..
.adnxs.com/ Name: XANDR_PANID
Value: WL5hT3xY2IGgrAkOPzEHbyc6V0qqe-c_-_k0hlNTPIAsuS70_w13aywbkSJGGa1DtR6jUWqUhYUdxeno4ZA_yCxexfZV3cweZzcPFTOzsgE.
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!281-2!281
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: id5
Value: 34b0c65a-326c-7735-a2e6-fe8c870f7983#1704995313501#1
.sundaysky.com/ Name: sskyu
Value: d6.3a423d9d15914479b103dbb2981c7ed6
.sundaysky.com/ Name: sskyCreationTime
Value: 1704995314797
.tremorhub.com/ Name: tvid
Value: 80607689d5304054a4ca1613b2e4fdb9
.tremorhub.com/ Name: tv_UISCX
Value: 46a0c9ae7afa44739d3ed7a9bacd8f25
.sundaysky.com/ Name: sskya
Value: "e2N4Ont0czoiNDZ2MDR5Iix0OiJuaSJ9fQ=="
.media.net/ Name: data-pbs
Value: setstatuscode~~1
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWR5b3VsaWtlIjp7InVpZCI6ImVhODNhODJiZmQ1ZThmYjQwYWZhNWYwNTE4Yjc3NzE3IiwiZXhwaXJlcyI6IjIwMjQtMDEtMjVUMTc6NDg6MTkuOTQ3NDEwOTg2WiJ9LCJtZWRpYW5ldCI6eyJ1aWQiOiIzNDc5OTY4OTM5MDMwMTY3MDAwVjEwIiwiZXhwaXJlcyI6IjIwMjQtMDEtMjVUMTc6NDg6MzUuMTE2MDQ1MDA3WiJ9LCJncmlkIjp7InVpZCI6IjI0M2FiMjc2LTVhZTQtNGZlMi1hYjE0LTQ0ZDRhMTM0ODQ5MiIsImV4cGlyZXMiOiIyMDI0LTAxLTI1VDE3OjQ4OjM4Ljk1MTE2ODc4WiJ9LCIzM2Fjcm9zcyI6eyJ1aWQiOiIyMTI0MTYxNjAxNzQ3MzYiLCJleHBpcmVzIjoiMjAyNC0wMS0yNVQxNzo0ODoyOC43MDcwNDYyN1oifSwicnViaWNvbiI6eyJ1aWQiOiJMUjlJNkVDVi02LUNZMk8iLCJleHBpcmVzIjoiMjAyNC0wMS0yNVQxNzo0ODozMi4wMDY4MzAyMDlaIn0sInNvdnJuIjp7InVpZCI6IkgtWU1qVFpIMUdUeFJBNE5UdTZWaE9VcSIsImV4cGlyZXMiOiIyMDI0LTAxLTI1VDE3OjQ4OjE1LjQwODcyMzMxNloifSwiaXgiOnsidWlkIjoiWmFBcDRPVDMwS2FUOEJOMTNVdnZ6d0FBJjM4MzgiLCJleHBpcmVzIjoiMjAyNC0wMS0yNVQxNzo0ODoxOC4wMDE4MjI0NTlaIn0sInlpZWxkbW8iOnsidWlkIjoiVkVGN3NxcW5uN3FiOE9IM0Vla0wiLCJleHBpcmVzIjoiMjAyNC0wMS0yNVQxNzo0ODozMC43ODE0Njc0MDZaIn19fQ==
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1704995319

9 Console Messages

Source Level URL
Text
security error URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=RX-ccca562f-4c95-4b60-af7b-70eceecab7c0-005&pId=44' because its MIME type ('image/gif') is not executable.
security error URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=1693987427671510040&pId=40&gdpr=0&gdpr_consent=' because its MIME type ('image/gif') is not executable.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 104)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://www.bleepingcomputer.com/news/security/ivanti-warns-of-connect-secure-zero-days-exploited-in-attacks/
Message:
Refused to execute script from 'https://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3D46a0c9ae7afa44739d3ed7a9bacd8f25%26pname%3DIqZone%26api-tier%3D2%26uid%3D%25USER_ID%25&gdpr=0' because its MIME type ('image/gif') is not executable.
network error URL: https://ad.atdmt.com/i/img;adv=11167212900636;ec=11167214155259;adv.a=6492373;c.a=30790706;s.a=6555772;p.a=385367412;a.a=576121694;cache=770723588;
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ad.atdmt.com/i/img;adv=11167212900636;ec=11167214155259;adv.a=6492373;c.a=30790706;s.a=6555772;p.a=385096202;a.a=576121697;cache=2721232515;
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://p.ad.gt/api/v1/p/474
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0518dd1c6a0662a4e952514b6b00589d.safeframe.googlesyndication.com
33across-match.dotomi.com
a.ad.gt
a.clickcertain.com
a.pub.network
a.teads.tv
a.tribalfusion.com
a1008.casalemedia.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.atdmt.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
aorta.clickagy.com
ap.lijit.com
api-2-0.spot.im
api.btloader.com
api.floors.dev
api.intentiq.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
c1.adform.net
c2shb.pubgw.yahoo.com
capi.connatix.com
casale-match.dotomi.com
cc.adingo.jp
cd.connatix.com
cdn.browsiprod.com
cdn.confiant-integrations.net
cdn.doubleverify.com
cdn.firstimpression.io
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cds.connatix.com
ce.lijit.com
ck.connatix.com
cks.connatix.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connatix-supply-partners.tremorhub.com
contextual.media.net
core.iprom.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.iqzone.com
cs.krushmedia.com
cs.lkqd.net
cs.media.net
cs.yellowblue.io
csync.loopme.me
customer-pp0t2fahc1hu8o6o.cloudflarestream.com
d.pub.network
de.tynt.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
events-ssc.33across.com
events.browsiprod.com
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
functionalfeather.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
hbx.media.net
hde.tynt.com
i.ctnsnet.com
i.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
ids.ad.gt
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ins.connatix.com
inv-nets.admixer.net
invstatic101.creativecdn.com
ipac.ctnsnet.com
ius.ctnsnet.com
jadserve.postrelease.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
optimise.net
ox-rtb-us-east4.openx.net
p.ad.gt
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
polarcdn-engine.com
polarcdn-pentos.com
polarcdn-terrax.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
protected-by.clarium.io
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
pxdrop.lijit.com
qsearch-a.akamaihd.net
reports.intentiq.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rtb0.doubleverify.com
rtb2-useast.e-volution.ai
rtbc-ue1.doubleverify.com
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.ntv.io
s0.2mdn.net
s2s.t13.io
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
st.pubmatic.com
static.adsafeprotected.com
static.criteo.net
static.polarcdn.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bfmio.com
sync.colossusssp.com
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync1.intentiq.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tag.escalated.io
tags.crwdcntrl.net
tags.rd.linksynergy.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
u.openx.net
um.simpli.fi
um4.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
vap3ord1.lijit.com
vid.connatix.com
visitor-usa02.omnitagjs.com
visitor.omnitagjs.com
vop.sundaysky.com
widgets.outbrain.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.temu.com
x.bidswitch.net
xsync.iqzone.com
yield-manager.browsiprod.com
z.moatads.com
33across-match.dotomi.com
a.clickcertain.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.atdmt.com
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bidder.criteo.com
btlr.sharethrough.com
c2shb.pubgw.yahoo.com
cc.adingo.jp
cdn.doubleverify.com
cdn.indexww.com
ce.lijit.com
cms.quantserve.com
core.iprom.net
creativecdn.com
eus.rubiconproject.com
g2.gumgum.com
gum.criteo.com
hbopenbid.pubmatic.com
i.ctnsnet.com
i.liadm.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ins.connatix.com
match.deepintent.com
match.prod.bidr.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pmp.mxptint.net
polarcdn-engine.com
prebid.a-mo.net
prebid.media.net
px.owneriq.net
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rtbc-ue1.doubleverify.com
s.amazon-adsystem.com
s.company-target.com
s2s.t13.io
ssbsync.smartadserver.com
static.polarcdn.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.colossusssp.com
sync.intentiq.com
sync.ipredictive.com
tags.rd.linksynergy.com
tlx.3lift.com
tpsc-ue1.doubleverify.com
us01.z.antigena.com
vid.connatix.com
visitor.omnitagjs.com
z.moatads.com
104.16.119.60
104.16.201.63
104.16.94.114
104.18.127.192
104.18.20.206
104.18.36.155
104.18.41.104
104.20.60.209
104.22.5.69
104.22.53.173
104.22.53.86
104.22.74.216
104.26.13.6
104.26.2.70
104.26.9.50
104.36.115.111
104.96.165.48
108.157.162.29
108.157.162.92
108.157.168.203
13.107.42.14
13.249.96.211
13.249.98.27
13.249.98.32
13.32.87.78
13.32.87.86
130.211.23.194
141.95.98.64
142.234.204.77
142.250.31.156
142.250.31.95
142.251.111.97
142.251.16.149
142.251.16.94
142.251.163.155
142.251.163.94
142.251.167.132
142.251.167.149
142.251.167.156
15.197.193.217
151.101.129.229
159.203.147.11
162.19.138.120
162.248.18.36
162.55.120.196
172.240.127.130
172.240.155.108
172.253.122.101
172.253.122.105
172.253.122.155
172.253.63.155
172.64.144.166
172.64.146.152
172.64.149.180
172.64.151.101
172.67.23.234
173.231.178.115
174.137.133.49
18.173.166.107
18.173.166.7
18.235.26.124
18.239.225.17
18.239.225.7
18.64.174.3
18.64.174.54
18.64.174.91
185.167.164.39
192.184.68.134
192.184.68.166
195.244.31.10
195.5.165.20
198.148.27.131
20.237.30.240
209.204.232.140
213.19.162.80
216.219.92.22
216.34.207.201
23.105.12.158
23.105.12.173
23.194.228.145
23.204.76.188
23.204.76.201
23.204.77.79
23.205.2.235
23.212.251.26
23.215.200.26
23.220.120.23
23.222.5.74
23.40.207.42
23.43.238.38
23.58.232.192
23.62.165.176
23.62.230.196
3.131.10.225
3.225.218.10
3.226.158.19
3.81.176.252
34.102.146.192
34.107.140.113
34.110.189.112
34.111.113.62
34.111.152.239
34.117.228.201
34.117.239.71
34.120.107.143
34.120.63.153
34.160.128.112
34.160.152.31
34.193.251.250
34.199.242.225
34.203.113.223
34.238.95.105
34.95.113.183
34.96.70.87
34.98.64.218
35.186.193.173
35.207.24.140
35.211.178.172
35.214.142.250
35.227.252.103
35.236.220.17
35.244.159.8
44.215.192.137
44.215.45.69
45.137.176.88
50.116.194.21
52.204.91.144
52.223.22.214
52.23.23.251
52.3.191.88
52.40.119.126
52.5.202.159
52.71.125.247
54.146.92.239
54.147.254.41
54.152.0.153
54.163.157.65
54.80.204.71
54.89.198.103
54.90.34.250
54.90.95.251
63.251.28.134
63.251.86.49
63.251.86.51
64.227.64.62
67.202.105.23
67.202.105.31
68.67.160.132
68.67.161.208
69.166.1.35
69.173.151.100
69.175.41.32
69.194.240.13
69.20.43.192
69.90.254.78
74.119.119.131
74.119.119.150
74.121.140.211
8.2.110.134
8.2.111.13
8.28.7.81
8.28.7.83
8.28.7.84
8.43.72.98
82.145.213.8
99.84.252.87
0018a1cfecc3338c4606d88e26d4fb8ee1b75e46afd4ded845ccc508d3e8a78e
0267f39be7f6a52b8dbcb124970751d6f4806009ccf837cfa1e52422952e0bec
035d5c057e1d42850d93c9727c2dc5bddaef0799a7b04018d68a7af2691703a4
047cb5f8f72e6e81f721ddfb126d8a44fbda19b37edfa45d7680e1e00cb423b6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a91868f91f3e2a76cb683429b4832c8c06846f2bfc9ac692dd42a71bf81f5af
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf0781b1cbcbf720404b2d19c3cf4691110436717a2441ec673ec8c86961ded
0c6f71f769be84f8861a11d0a9d1650906aa45cb31a0ca6ca97f8ae0812cb774
0eda13bf855220cdec6aaace454f32733f52fcac0bacb575e459b5b081ee9c52
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93
1484bbe69a22d38cb11ec73d5c5224412addcac31803c1e159415c8d137907bc
14b641b975d6844479200afe33e65d0b06f9817b0c0fde83feffc92e8dfd1220
150abf5d65851c215b785dc90f363002897279f75a0f466caa6c92534a20a2d7
163a044a2c2ec442da4756f99983129b0236a30609ec038b38f53bb66ed95ca2
17947283bf668871c43b0b11443e540a4b4900e522766496777dedd5255900c6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
190b4aa4ed57e68734a92c054a55bd4689bc2a0d0c225adfb9b2244ab55f3543
1935a6708f5c1899fdacd54dca1550f2a2477d1eac6a470bf1f710690cda2625
199781a53ec8660f226377a7390e95a3e55dcd1404329262bdffe3e9365e0f0c
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
1a99ccf8de5fc2d7103678af0a5a146f2889b1083cd297b00348346ff862baa8
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b8078837bc1f2d90aba7d9ba8cf9e7770408a3a481d2f1ada591a70054dc6af
1bf5435c55a81e3f050dc22ed008eb354bcecd1c042316e81a95a488a6c0ae43
1cc0716b08a37c6b275d9c81ba700edcdf84fafa85a46bffc68e7116124172f7
1d03979ff535f8dd6adb4ba8ddc894d78907ed45031e078c2caf5d34338c80d0
1d1dc2a2530f05dc7e17d01673aa22d76049c44cdd8fc0385b69edd7102b4918
1e7fba4a969ecede82636b7386729b86a408ca8a9ab5201a010eaaba2abaff7b
215cec71325fdcd1acd71c902d3b4487b72b206c6edcb2b1b76be8a6b8435292
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
24a79456bdb426127f89fc99d705236c33c7e54d70a58d0a434445f4ba92b02b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c0495a57663c420645febd01e4ce37cc62c6512df6732d06880d74f0e1761a0
2c14d5026837184e44692d6968e77f376350a3931135d3e905126cbfd7fd4763
2c4d3a8450b0f6fe87df64cacfc2a6f3edaca76c93cae58963612ed580f982ce
2cad75bcadab41aa256dfadac5f7fb293a6c3a73ccdf7f48ecb06017c8833144
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0dc1487247c5693cb0a467b83d37c45f24da2838e142627529a05c862588a6
2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31e10b57c705c685deadbbb2187aa00443ec7af00a769cb539d5d10a8a947ed3
320afb4599d0c6913c1d0f7ad16609b48bd357898f5a6db56441e9d4bd8ecddf
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
32f5acbeaf7ccddc8ce13c49068b369302a2911e785fccba112eacb95524d90c
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
33ecb511db9e2443b8429c7679838882d6ed0c6468204fe46b0535dd34d87899
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
37ca13adfc531c2a4b34ee2d45e2c65c128807ca624531dc89678b087542f37f
38a762181e26dd8bdfb8d016bcb37444853b404339bd65131c97b73ffed0eb1e
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39701757b0e1dd58ec88add57b1be1a36c5652f5ed12ce3fe3c1e042271ed5eb
39f747435d860e4c17c69751fd796ed648ff1ddb862b805702cb6380c4a4c5b0
3b8f4b58094b9315a22a444e36163f291be4f2f63514fe0a5dd4107e1aaab4bf
3bcc78c28638c7500c7f6ac759ee979e9dcbc49559d7766a99ff763aaef8f051
3cb2dccfaf1a0f59709c76703bfb2b54c4a7eacd417d478fe4273c73d573b265
3d2a1dec8ebeb25490d007c4d2996ed6102573ef452cc86dc75353d1ec0e3a41
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9a07d6fb5cd9c016e0b8cb2a748db84df32cd365060a1e3c75e2c5d9dbfbb1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718
402ed8b113fb611ba49968305f66e1fd5d6cef15c1149e3d677653b59d5bf9f1
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
467b5616b4b6c9ea667313934635fbe5d618dc44f6640e68924bbe0670c0cb5e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471d2c3e827b60f7c780d6baa69020576dd69a51041eea876c8e9ef7913720c2
483355a69c608e93ad24b1ad80d3df5ada39f0b3c919ada3bf13c116f38ac7da
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b276cfb3e278b921e5aba3d9c475b977b04dded5324b5d102b3fad66a336fa
48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4905cbb3e5593e9fa5a750b9994681fc9077bd3dc1d3fae4d19db282ceeecf6d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9eed05d0b640cd38adcf8a775824bf08b71b813f0f8784031c0a98da958d32
4dc91d0d184df65b4b95c91096c451ce245ad377b54174633a159869dae9b299
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f89bf445339a7cc03f7e840a20cfeb41dc537fd8bc5b3437dd1cf72cdd987e1
509402ee61575261a665985ed227545ac8be4a06bfdc9fc950f4d522befdf525
52b1559d2c6f9c0f52fe57d41567530adfa2ced71f77552ae176393a67497062
53f480f01dcb676ccdf0d432f8b341b422d1e0436edf4d276d46414fbef723ef
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55624974ea2688b420c9461696f4190f38766674a6a2abfd5e16382847782e35
56acccb87305824a853252a5ff5a4efef7a04df5f435da955399afa5900cc714
57fc070163104ef9f158d39478699d79a54d2b870057eb581180371c3bbef432
58ef34404e64bbb23aa99fda9f24d08fed30bcff3ab525be5cc2b1fba411232b
5901d397c8805c059c9abe886c5e86f76396e70eda9254cde2cd145c30835734
5a1cf6259640742cd17cfecd298cf47e838bb4889d9b2f0f6f8825294fa9a096
5be1b370c7bbd106b2ce45c855c570c80b493896aa5cf8958fb8392f3b0fc151
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cea85aed8d98be932532d3523408134ebd08d4e4dd2cbb7c7b052d69e667558
5ecad8f4fe2cc621b72625c5a14a1c58e3848cefafbac3224c4392bffd7bae44
5fba5efef8502b6094d42c832d50d1033983675699aa2406c6121654c7af5da9
5fbf07176fcd04063ca0806230fb9b68a7982e117f4e78f258db7c1cc2dc3cbd
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60cafa05c97da06116c9164ae946addfe8812d8b104b0d4260cfd5e3884eeab7
61687269a3714cfb62fabe1d82270e03508d2dcbda0fa4fda1dd90f7bc45a936
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61eba80821f78e3b99d39db643133072ed51bb328772a5e52a8a3c0533f80962
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
6338a84d607c6e3440f3e02e5e4b1e1c1001fb1fbe72976175e7d091021e67c6
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
63da38b438073d467b7f1313cd9c116ac68f2f349982a7b5062b490a686f7e34
651f66033d05c4c874bf7325fc0923e4c5cb0bfc33e4565b2a4c282c2230d4f9
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
675b6d11fa6a048205913ccaa002e67e6ed208cec5b060bc69cb99b74ddf11a3
67701500afb3980c34fc70d8ea1cf355620e66f0f8661ec3b1f0506ee2179bc0
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
688b1ae04781d634c0b8131b2c0ae0bbd676b77b8d531b2c1761ac8ee583dbaa
68e12a98552e1d10d74c35c38a6324b2ffc6e1b552ca386894875ee9b60ea169
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6954a987089c18b6080b8c0cba35621994ef7c4fb975e89519e953272077a5b5
69ab862d465ba1bf8ed7e281abd2cb97f38fda7d89f8a33274f9f2cf59ea3728
6a16dfe9e92661a05f6798c8520a71e2f68c4675ffd6428d60e9d4fc71744dc7
6a20c3f487a7b757f8cdca8b5a6f2b516756fab40edb5c7486270cc010a99358
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb2b288adf345540fd86820671236f035ab935c4937f2a255d424b7b211147d
6cc5851758ac9f463cdc2fc3f76298fe17e16d607788e6e2bf486f19288413eb
6cdf3d5e98f778d116d2a9be4de6eff15c99166149e85ddc15e21ba44be0dbcf
6cec64f6b030e332b9d358a6f6196c8d1f387aa516dbf95d29cd7509776022e7
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
7079373474cfa2f6aa159181a4895296e0ca6c233aa3db6b954a6b0b2da18b5b
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7160536d777f7953583535401f513a15029d2ed16f5db3240e10ea3bd30d1289
71e4b57fee0e36a0fd80e8836284f53bbb5c143f247c4702146b1a25da9f905f
726148273317d2080c2bd42b2a0742ac83df6bcdd5fc96e2c0e6e3a8a31a0444
76a2b11d6b7ee8a043ed03c34d84257e967968b11c7781c1a590f19f6ca9aece
7721e5519f03025c6b8f10f1ee951d67cf9cfea7cdca67ad0ce47b6d91e8c543
773023393899dcee5044f57ac1ca5cee2fe4659436e7765a5d8e84c4629e7ad6
7770a49531cec967fd45e976e08174a12fa2d42544cfb017f4373bcc41266b82
77fa0cead908a5b8d2b29ea0e0faa0d3352ec96662099222d4c3a83c472ed765
78d7c7931a82954c6093d8c0f8ad52c5d003740d947e5ad0d9a26c478b155094
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b
7c61f67b1b1399af6d07e49e904a0e5ed88698441a36e5aaae5d35deb90b35e5
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7fe929bad71e4a94696fe04739d967d26a25d59d1392ae09a1e2549dec14767f
81ad0b9df7515fa3306e9d7be329bc2668e04dda4e0a454b0fc842468697ed82
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509
868ba79554a417daf825ba46df8f6138a1bd2f0ab12d9fb0e947a04c1b05d3bc
8850868d209c4c086eca4579b496846168800fe4ac4728162508e0dc35fa3537
8a30d7f7abbc1036b2f87d49840af70ac7aa6aa2f62a6553edfa849bc2661714
8badb6a34d7b32d59231c6a23a584483d95d98472466fc64187f0930d25d3797
8bd69d0dddab8bc553263c254faad469c2a3e08bfb0b737e763f7feabe571225
8c213b0433668a3ae68c1bcd57701995f898bd71659e7d9cc2de9c24deccc763
8d59600c71819efd9513ea48d57eb86572a2c6f2a71020c00b5cee27c46766cd
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8fc0af52e0f57747801c9fce52c542111088c8c9777cdd47eecd2e4c2d65d2b4
8fdf52c64d6574cbec494064f827750defb0db77f1f5f4ea568bd45629006278
9048b4ab9d358dfa749a9f39130352fcfaa3dd6235336d30d2da0455f32ae2c0
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
95f90de10b7949670538a5dbe49d28aa63bd5409dd5f0bee249ebdf20f83303f
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9936db31f973b0e45eb34c65cd0c6c87b8dc687dc602ca3721c4f9329fa23bf3
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e652bd9e9a209619cf02dea22e719eaac952fcde55a5438b34bd38da813a49c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0fdd69e7dedeaa9eaff455125ca38f2f374a2e6829c94422f8e1457a8b905a2
a1d3706fff682b407df7e0ad01ba328b3d9ccca2c6e7c6502c0dd77e0d573966
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a3f48c9d80f4f4a6360437b1d44e91684428a008caf42d71cf23c8f2bcc8987d
a3f96325e633a8322f21f3186dd49c7ed2a6e6b14bf4726df988606f4ba984a0
a453ade31af0118629c4b7686eaae4e4248a1768b707e033d8d0f4eaf177c01a
a5174cf4a6709a452cad608d28e564f1be42ec26890f18319401e7f0202a19e5
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a58f15789e19bd759c2869912cf304895a6efebb6545285f39be7282efd8f943
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a
a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af
aa26788f5136afe887c8047296a3ff023762940af75f73d0b565e9499d47d258
aa464839adf45e76d965f6c8e5242d5cd80d15713e5a5372f21d9fba1109976e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ab6e66a3861d1538d68efc8a23324fa1692c16d1c219d268931364acc0522161
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b146cc983ad9851d0e42245405eee5af0f5eb68a87b72d7e28f45d7831a3d4b7
b30420ca9147d7473a7e634e81ba3a3a18639ac8f79d3a5939d377063ffabf9a
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b4c1fe8cd89ab270efbc0050631a2ddaa761834d102cb53a04ff788b0f5c78a4
b5ca18e2886474b70e2a549f345e739dd25b77d0c0203151582a1f7849047768
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
b7f0075bb5495ed04ea33f2843bcaad18a45c187fd35c20169b53033cd7fb76b
b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac
b9925192c6187b115ed5c505921116fb64ff970c99231b56d6fca5867687ba8a
ba0f53cd9c2d7edf40f8eab8d0ebdffc3792d2bbfbb8ef4e79426e8f45829fd8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bc230f841c13475a013be8a664ae91d156f8c6feebe2c05d24ac47235bdf5a7b
bd97bd47a2b3377c198e1da589adbdd95f7c0c42a6f56611d874ca7b4a1f1d7c
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72
c14a5488b8cc0a5b3cd9eca8ccf0d8b0e879b11e45ac1a1d56e51e0f934322fc
c211e8775861eb70a495edc9b39d509002676809a57ed8090817e78f764b57fe
c2bde4aed9f263d00f47756391f02b34995a80dd79b93e26ddbc5317910744ff
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3c05707d186d8fd07bbab644560b59e89342d55427210b3cc25f055b83b17ec
c49341ae4918f989cbb9f7803a89f34f42bbe30973f1d09bdb3493ddf55b12f7
c6ccf06cb0a453582b11736475b935bf83d84a6d4c53036cd51b27178552002d
c701c6751a1e78dc066557c01c7bf74bab9dd1f84f0ac3fdf8e3db5f43e26684
c7b9d14f22510bb18fce8e9c30fcfe48b050a2fd4334ec1f47f8e3ff443a54ae
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb7cd073065a3b1f01b4467f80251ea7d85ffc6c2e7b3283e84d83fad83bbd83
ccd942f13d3ea0b62269c35726f2d4ce75993d4fb8dd0e3f3a9e708d13b374a7
ce70a83af3123d8f4d0614092cd54233ff4569d638e6c94d7cc3a3e767c30ea3
cea42459d5d020e032c183ffa51a8ee75e1cbd1155c06b064582c628de040f62
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf96848fa9b432bf0ec267c2a614e25174dc8af4a39e6ab5ab654ab22227bd6a
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861
d0baf2fda134682e4f9accf13a7ef20a35f7797afbd9fcc2117bea4e07d934e6
d0d523bcc6d601a62421c4ca9d6f59b9d8a864436968106f6c5c2a9e22bd8a8d
d0f551ce3f3162a0db0deb76fddc8517a1fff2cd332317326e68d60a134feb29
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97
d2386601c167c213ca793afa2b8e27eb95e2c0ae083c95185b41ca4af1e3b347
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbe2a39ade2a09afd73d8dce25248e2fe1f31e3abea133fb17f7e3bc163f5f18
dd7f9dca60ecf05a93994f8454b4215381f019632bec6d48fd63d68fe0c660d7
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ded5deda2d5981c7202928c4d71e569bf8f9dbcc9b8770b86f4723d54bc2c7ec
df6e516e80929d2585f278be25c28d8e848940c31aa628930fbfe91a5a25b767
e2c9edd75dcd7ce6152ca0eeef49d8efc8a4cb472093d08893e661cb57c0916b
e30a33406629ccb8af053f506ec5aa412a5c13869b7e28568d9ac00986879056
e3ab153c4332010bbdf1d4a13fd98cc5876133df1892ab4fdfeafa7a8470e999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d
e597828cfb639e9d02ef8a6f7ee3ff32c0322805d22d0b9367a8340b64d33855
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e72ba23c3e939cf75cfcd6892a5b560da5510b2bb422b5ce99a5e156f6fbe4a9
e7b1d3fec510908a7eb6e4baf8dd34e15b0762c9003e639a46a79ef56fd6fdf1
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e910af5525a7583bf6017bcb284684759653ab1a230faca211b5d42336c95d9c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e949bb8675cff3ef5dcb2dfb5a5cf8706f5f2807345462d8f5cff30e1f5405da
eb20c4389eac84df94fd376a45b22d02b81403729b15e626f0809b00ec6411b7
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec28ff9286afef04d31857735b4766fa760103e95cd7e61d95c7aab2a8f23416
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b12a8fe1690e2a6268a26d460c592b738164e70c9b8edd38016a838ecc5b8c
f24d352fc8e0fbbfd349ef49e86d9317834abb3494be70b4513660803ff66c67
f3561f99ff8037cc787cc4236b681e72caf6487f87ec92d78a4c576df1b49368
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f76f20e03ab2b3d908bb3b083af35f3f4701a6b88d86652e58e5bb12e976a2bd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f81a2d7e788e2bf34a2216b6f4b3078f83f4d5f9b5ad54bc56806506630e0a0c
fc4a0832bbaf61390180d330873598b0993d78ad92ee5ba3a56c3f947f3b7229
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1
ff2053e2a175a8cae7780c8f03f2283ab845d9b7994d6658e54ce54d25b6761e