urlscan.io logo urlscan.io
SecurityTrails logo

www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/#entry5150714
Effective URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Submission: On October 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 114 IPs in 10 countries across 101 domains to perform 353 HTTP transactions. The main IP is 104.20.59.209, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 16th 2020. Valid for: 2 years.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
43 104.20.59.209 13335 (CLOUDFLAR...)
5 104.26.13.6 13335 (CLOUDFLAR...)
1 142.250.185.200 15169 (GOOGLE)
4 104.26.1.139 13335 (CLOUDFLAR...)
1 52.222.139.5 16509 (AMAZON-02)
1 13.225.87.54 16509 (AMAZON-02)
2 142.250.185.142 15169 (GOOGLE)
5 13.227.220.35 16509 (AMAZON-02)
1 142.250.184.198 15169 (GOOGLE)
1 2.21.142.172 16625 (AKAMAI-AS)
1 10 151.101.130.137 54113 (FASTLY)
3 5 91.228.74.189 16509 (AMAZON-02)
1 143.204.98.113 16509 (AMAZON-02)
1 52.222.139.100 16509 (AMAZON-02)
1 13.225.87.110 16509 (AMAZON-02)
3 35.201.71.192 15169 (GOOGLE)
6 142.250.185.206 15169 (GOOGLE)
1 151.139.128.11 20446 (HIGHWINDS3)
1 104.16.94.65 13335 (CLOUDFLAR...)
3 18.116.108.37 16509 (AMAZON-02)
2 157.240.236.1 32934 (FACEBOOK)
1 35.190.59.101 15169 (GOOGLE)
3 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 13.227.220.37 16509 (AMAZON-02)
1 4 52.222.139.23 16509 (AMAZON-02)
2 34.120.117.212 15169 (GOOGLE)
1 142.250.186.77 15169 (GOOGLE)
1 157.240.236.35 32934 (FACEBOOK)
1 35.241.45.217 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 1 104.21.192.119 13335 (CLOUDFLAR...)
1 172.67.70.134 13335 (CLOUDFLAR...)
6 2.18.234.21 16625 (AKAMAI-AS)
1 142.250.185.196 15169 (GOOGLE)
1 142.250.184.227 15169 (GOOGLE)
3 142.250.185.98 15169 (GOOGLE)
9 52.212.133.238 16509 (AMAZON-02)
1 151.101.66.137 54113 (FASTLY)
4 142.250.186.106 15169 (GOOGLE)
1 54.228.109.135 16509 (AMAZON-02)
1 104.26.3.70 13335 (CLOUDFLAR...)
5 18.66.241.177 16509 (AMAZON-02)
3 13.227.220.71 16509 (AMAZON-02)
1 142.250.184.230 15169 (GOOGLE)
2 178.250.2.146 44788 (ASN-CRITE...)
1 13.227.211.228 16509 (AMAZON-02)
1 2.21.142.108 16625 (AKAMAI-AS)
4 104.16.68.69 13335 (CLOUDFLAR...)
8 35.157.246.167 16509 (AMAZON-02)
2 54.194.126.20 16509 (AMAZON-02)
2 34.107.148.139 15169 (GOOGLE)
2 184.31.84.150 16625 (AKAMAI-AS)
1 34.149.20.76 15169 (GOOGLE)
2 3.65.202.227 16509 (AMAZON-02)
8 52.29.20.215 16509 (AMAZON-02)
2 213.19.162.51 26667 (RUBICONPR...)
3 12 185.33.221.89 29990 (ASN-APPNEX)
2 18.192.135.64 16509 (AMAZON-02)
20 34.98.64.218 15169 (GOOGLE)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 130.211.23.194 15169 (GOOGLE)
1 13.227.220.124 16509 (AMAZON-02)
6 151.101.66.133 54113 (FASTLY)
2 52.57.27.215 16509 (AMAZON-02)
1 34.200.155.146 14618 (AMAZON-AES)
2 151.101.194.133 54113 (FASTLY)
1 1 3.216.128.157 14618 (AMAZON-AES)
17 23 142.250.185.162 15169 (GOOGLE)
6 108.128.170.1 16509 (AMAZON-02)
4 13 76.223.111.131 16509 (AMAZON-02)
3 35.244.174.68 15169 (GOOGLE)
1 2 104.92.72.137 16625 (AKAMAI-AS)
6 7 3.122.214.165 16509 (AMAZON-02)
1 1 46.228.164.13 56396 (AMOBEE)
5 5 185.29.132.241 30419 (MEDIAMATH...)
4 5 151.101.66.49 54113 (FASTLY)
1 1 64.58.232.179 13649 (ASN-VINS)
1 64.58.232.180 13649 (ASN-VINS)
2 4 185.64.190.78 62713 (AS-PUBMATIC)
1 1 107.178.240.89 15169 (GOOGLE)
1 34.120.133.55 15169 (GOOGLE)
1 34.253.109.165 16509 (AMAZON-02)
1 34.210.245.148 16509 (AMAZON-02)
2 151.101.1.108 54113 (FASTLY)
3 2.18.233.180 16625 (AKAMAI-AS)
2 2.21.140.74 16625 (AKAMAI-AS)
4 14 13.248.245.213 16509 (AMAZON-02)
1 208.100.17.174 32748 (STEADFAST)
2 104.109.78.125 16625 (AKAMAI-AS)
8 11 18.195.106.43 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
2 9 2.21.141.232 16625 (AKAMAI-AS)
5 5 3.124.143.99 16509 (AMAZON-02)
2 2 35.210.178.101 19527 (GOOGLE-2)
19 19 52.16.151.94 16509 (AMAZON-02)
2 10 185.64.190.80 62713 (AS-PUBMATIC)
3 3 185.86.137.110 201081 (SMARTADSE...)
3 3 198.148.27.139 19189 (PULSEPOINT)
5 6 37.157.6.246 198622 (ADFORM)
2 2 51.255.68.171 16276 (OVH)
2 108.174.11.69 14413 (LINKEDIN)
3 5 212.82.100.176 34010 (YAHOO-IRD)
2 204.79.197.200 8068 (MICROSOFT...)
3 6 52.46.133.124 16509 (AMAZON-02)
2 2 64.202.112.127 23352 (SERVERCEN...)
4 4 46.228.164.11 56396 (AMOBEE)
2 104.26.11.209 13335 (CLOUDFLAR...)
1 2 185.33.220.242 29990 (ASN-APPNEX)
2 38.91.45.7 398989 (DEEPINTENT)
1 1 34.194.30.250 14618 (AMAZON-AES)
2 2 213.155.156.182 1299 (TWELVE99 ...)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
15 185.64.189.110 62713 (AS-PUBMATIC)
1 1 162.55.6.212 24940 (HETZNER-AS)
3 3 213.19.147.45 3356 (LEVEL3)
1 173.231.180.197 29791 (VOXEL-DOT...)
1 1 87.98.128.108 16276 (OVH)
1 2 104.18.13.5 13335 (CLOUDFLAR...)
1 2 151.101.129.44 54113 (FASTLY)
4 185.64.189.114 62713 (AS-PUBMATIC)
2 2 51.210.112.63 16276 (OVH)
1 3 169.50.137.190 36351 (SOFTLAYER)
2 3 3.126.56.137 16509 (AMAZON-02)
1 2 89.207.16.204 41041 (VCLK-EU-SE)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
1 34.254.122.11 16509 (AMAZON-02)
1 52.45.128.104 14618 (AMAZON-AES)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 87.248.118.23 34010 (YAHOO-IRD)
3 69.173.144.139 26667 (RUBICONPR...)
1 1 38.27.122.101 174 (COGENT-174)
1 1 3.228.133.61 14618 (AMAZON-AES)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 172.67.13.182 13335 (CLOUDFLAR...)
1 2 34.192.120.237 14618 (AMAZON-AES)
1 1 52.21.104.248 14618 (AMAZON-AES)
353 114
43    104.20.59.209 (None, )

ASN13335 (CLOUDFLARENET, US)
www.bleepingcomputer.com
5    104.26.13.6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bleepstatic.com
1    142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net
www.googletagmanager.com
4    104.26.1.139 (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
1    52.222.139.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-5.ams50.r.cloudfront.net
ecdn.analysis.fi
1    13.225.87.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-54.fra2.r.cloudfront.net
ecdn.firstimpression.io
2    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
5    13.227.220.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-220-35.ams54.r.cloudfront.net
quantcast.mgr.consensu.org
1    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
1    2.21.142.172 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-172.deploy.static.akamaitechnologies.com
widgets.outbrain.com
10    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
img.connatix.com
5    91.228.74.189 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    143.204.98.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-113.fra50.r.cloudfront.net
cdn.firstimpression.io
1    52.222.139.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-100.ams50.r.cloudfront.net
rules.quantcount.com
1    13.225.87.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-110.fra2.r.cloudfront.net
test.quantcast.mgr.consensu.org
3    35.201.71.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.71.201.35.bc.googleusercontent.com
d.pub.network
c.pub.network
6    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
apis.google.com
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s.skimresources.com
1    104.16.94.65 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    18.116.108.37 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-108-37.us-east-2.compute.amazonaws.com
capi.connatix.com
2    157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net
connect.facebook.net
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
3    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    13.227.220.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-220-37.ams54.r.cloudfront.net
audit-tcfv2.quantcast.mgr.consensu.org
4    52.222.139.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-23.ams50.r.cloudfront.net
sb.scorecardresearch.com
2    34.120.117.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.117.120.34.bc.googleusercontent.com
ls.skimresources.com
1    142.250.186.77 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f13.1e100.net
accounts.google.com
1    157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com
www.facebook.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googletagservices.com
1    104.21.192.119 (None, )

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    172.67.70.134 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
6    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
dsum.casalemedia.com
1    142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com
1    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
ssl.gstatic.com
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
9    52.212.133.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
s.srvsynd.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
vid.connatix.com
4    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
imasdk.googleapis.com
1    54.228.109.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-109-135.eu-west-1.compute.amazonaws.com
vid.springserve.com
1    104.26.3.70 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
5    18.66.241.177 (United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
3    13.227.220.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-220-71.ams54.r.cloudfront.net
tagan.adlightning.com
1    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
s0.2mdn.net
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    13.227.211.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-211-228.ams54.r.cloudfront.net
dggaenaawxe8z.cloudfront.net
1    2.21.142.108 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-108.deploy.static.akamaitechnologies.com
s.ntv.io
4    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
8    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    54.194.126.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-126-20.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    3.65.202.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-202-227.eu-central-1.compute.amazonaws.com
tlx.3lift.com
8    52.29.20.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    18.192.135.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
20    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
freestar-d.openx.net
eu-u.openx.net
us-u.openx.net
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    13.227.220.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-220-124.ams54.r.cloudfront.net
vpaid.springserve.com
6    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
2    52.57.27.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-27-215.eu-central-1.compute.amazonaws.com
uat5-b.investingchannel.com
1    34.200.155.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-155-146.compute-1.amazonaws.com
jadserve.postrelease.com
2    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
1    3.216.128.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-128-157.compute-1.amazonaws.com
usermatch.krxd.net
23    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
6    108.128.170.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-170-1.eu-west-1.compute.amazonaws.com
beacon.krxd.net
13    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    104.92.72.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
7    3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
5    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    64.58.232.179 (United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
1    64.58.232.180 (United States)

ASN13649 (ASN-VINS, US)
ib.mookie1.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    107.178.240.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.240.178.107.bc.googleusercontent.com
fei.pro-market.net
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    34.253.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    34.210.245.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-245-148.us-west-2.compute.amazonaws.com
id.sharedid.org
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2.21.140.74 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-74.deploy.static.akamaitechnologies.com
contextual.media.net
14    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    208.100.17.174 (United States)

ASN32748 (STEADFAST, US)
PTR: ip174.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
11    18.195.106.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
9    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
5    3.124.143.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-99.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    35.210.178.101 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com
a.volvelle.tech
19    52.16.151.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-151-94.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
10    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
6    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
2    108.174.11.69 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-69.fwd.linkedin.com
px.ads.linkedin.com
5    212.82.100.176 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh-ing.pbp.vip.ir2.yahoo.com
pr-bh.ybp.yahoo.com
2    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
6    52.46.133.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    104.26.11.209 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    34.194.30.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-30-250.compute-1.amazonaws.com
sync.extend.tv
2    213.155.156.182 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
15    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    87.98.128.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-87-98-128.eu
green.erne.co
2    104.18.13.5 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
4    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh
pixel.onaudience.com
3    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    89.207.16.204 (Roydon, United Kingdom)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-login.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
1    34.254.122.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    52.45.128.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-128-104.compute-1.amazonaws.com
rtb.adentifi.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    87.248.118.23 (Frankfurt am Main, Germany)

ASN34010 (YAHOO-IRD, GB)
PTR: e2.ycpi.vip.deb.yahoo.com
ads.yahoo.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    3.228.133.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-133-61.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    172.67.13.182 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    34.192.120.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-120-237.compute-1.amazonaws.com
a.audrte.com
1    52.21.104.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-104-248.compute-1.amazonaws.com
sync.ipredictive.com
Apex Domain
Subdomains		 Transfer
43 bleepingcomputer.com
www.bleepingcomputer.com
209 KB
39 pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
58 KB
27 doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
152 KB
20 openx.net
freestar-d.openx.net
eu-u.openx.net
us-u.openx.net
4 KB
19 bidr.io
match.prod.bidr.io
9 KB
17 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
9 KB
16 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
45 KB
16 3lift.com
tlx.3lift.com
eb2.3lift.com
6 KB
15 krxd.net
cdn.krxd.net
consumer.krxd.net
usermatch.krxd.net
beacon.krxd.net
178 KB
14 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
vid.connatix.com
img.connatix.com
409 KB
13 adsrvr.org
match.adsrvr.org
5 KB
13 bidswitch.net
grid.bidswitch.net
x.bidswitch.net
5 KB
12 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
13 KB
11 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
16 KB
11 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
43 KB
9 srvsynd.com
s.srvsynd.com
51 KB
9 skimresources.com
s.skimresources.com
r.skimresources.com
t.skimresources.com
p.skimresources.com
ls.skimresources.com
17 KB
8 sharethrough.com
btlr.sharethrough.com
953 B
8 google.com
apis.google.com
accounts.google.com
www.google.com
133 KB
7 eyeota.net
ps.eyeota.net
4 KB
7 consensu.org
quantcast.mgr.consensu.org
test.quantcast.mgr.consensu.org
audit-tcfv2.quantcast.mgr.consensu.org
278 KB
7 pub.network
a.pub.network
d.pub.network
c.pub.network
346 KB
6 adform.net
c1.adform.net
3 KB
5 w55c.net
pm.w55c.net
4 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 turn.com
d.turn.com
ad.turn.com
2 KB
5 indexww.com
js-sec.indexww.com
4 KB
5 quantserve.com
secure.quantserve.com
pixel.quantserve.com
19 KB
5 bleepstatic.com
www.bleepstatic.com
16 KB
4 rlcdn.com
idsync.rlcdn.com
api.rlcdn.com
id.rlcdn.com
794 B
4 media.net
prebid.media.net
contextual.media.net
18 KB
4 districtm.io
dmx.districtm.io
cdn.districtm.io
349 B
4 googleapis.com
imasdk.googleapis.com
123 KB
4 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 simpli.fi
um.simpli.fi
1 KB
3 contextweb.com
bh.contextweb.com
1 KB
3 smartadserver.com
rtb-csync.smartadserver.com
2 KB
3 criteo.com
gum.criteo.com
dis.criteo.com
982 B
3 adlightning.com
tagan.adlightning.com
73 KB
2 audrte.com
a.audrte.com
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
290 B
2 onaudience.com
pixel.onaudience.com
719 B
2 taboola.com
trc.taboola.com
match.taboola.com
557 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 deepintent.com
match.deepintent.com
83 B
2 ad4m.at
ad4m.at
147 B
2 zemanta.com
b1sync.zemanta.com
602 B
2 bing.com
c.bing.com
737 B
2 linkedin.com
px.ads.linkedin.com
613 B
2 nrich.ai
dsp.nrich.ai
975 B
2 volvelle.tech
a.volvelle.tech
1 KB
2 tapad.com
pixel.tapad.com
890 B
2 bluekai.com
stags.bluekai.com
tags.bluekai.com
1020 B
2 investingchannel.com
uat5-b.investingchannel.com
455 B
2 33across.com
ssc.33across.com
ssc-cms.33across.com
295 B
2 yieldmo.com
ads.yieldmo.com
461 B
2 springserve.com
vid.springserve.com
vpaid.springserve.com
88 KB
2 btloader.com
btloader.com
api.btloader.com
23 KB
2 facebook.net
connect.facebook.net
78 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 firstimpression.io
ecdn.firstimpression.io
cdn.firstimpression.io
98 KB
1 ipredictive.com
sync.ipredictive.com
522 B
1 zeotap.com
mwzeom.zeotap.com
456 B
1 stackadapt.com
sync.srv.stackadapt.com
647 B
1 bnmla.com
match.bnmla.com
917 B
1 adentifi.com
rtb.adentifi.com
88 B
1 gumgum.com
rtb.gumgum.com
238 B
1 playground.xyz
ads.playground.xyz
485 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 erne.co
green.erne.co
326 B
1 adgrx.com
cm.adgrx.com
408 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 loopme.me
csync.loopme.me
218 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 extend.tv
sync.extend.tv
546 B
1 sharedid.org
id.sharedid.org
379 B
1 crwdcntrl.net
id.crwdcntrl.net
912 B
1 pro-market.net
fei.pro-market.net
327 B
1 mookie1.com
ib.mookie1.com
992 B
1 ib-ibi.com
global.ib-ibi.com
489 B
1 postrelease.com
jadserve.postrelease.com
610 B
1 ntv.io
s.ntv.io
113 KB
1 cloudfront.net
dggaenaawxe8z.cloudfront.net
3 KB
1 2mdn.net
s0.2mdn.net
1 ad-delivery.net
ad-delivery.net
928 B
1 gstatic.com
ssl.gstatic.com
5 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com
525 B
1 googletagservices.com
www.googletagservices.com
27 KB
1 pghub.io
pghub.io
2 KB
1 facebook.com
www.facebook.com
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
1 quantcount.com
rules.quantcount.com
354 B
1 outbrain.com
widgets.outbrain.com
3 KB
1 analysis.fi
ecdn.analysis.fi
2 KB
1 googletagmanager.com
www.googletagmanager.com
38 KB
353 101
Domain Requested by
43 www.bleepingcomputer.com www.bleepingcomputer.com
23 cm.g.doubleclick.net 17 redirects eu-u.openx.net
eb2.3lift.com
www.bleepingcomputer.com
19 match.prod.bidr.io 19 redirects
15 simage2.pubmatic.com ads.pubmatic.com
www.bleepingcomputer.com
14 eb2.3lift.com 4 redirects a.pub.network
eb2.3lift.com
13 match.adsrvr.org 4 redirects www.bleepingcomputer.com
a.pub.network
eu-u.openx.net
eb2.3lift.com
ssum-sec.casalemedia.com
12 ib.adnxs.com 3 redirects a.pub.network
www.bleepingcomputer.com
acdn.adnxs.com
11 x.bidswitch.net 8 redirects www.bleepingcomputer.com
eb2.3lift.com
10 image2.pubmatic.com 2 redirects ads.pubmatic.com
10 eu-u.openx.net a.pub.network
eu-u.openx.net
9 s.srvsynd.com cd.connatix.com
s.srvsynd.com
8 us-u.openx.net eu-u.openx.net
8 btlr.sharethrough.com a.pub.network
8 c2shb.ssp.yahoo.com a.pub.network
7 ps.eyeota.net 6 redirects www.bleepingcomputer.com
7 img.connatix.com www.bleepingcomputer.com
6 s.amazon-adsystem.com 3 redirects eb2.3lift.com
ssum-sec.casalemedia.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 beacon.krxd.net www.bleepingcomputer.com
cdn.krxd.net
6 cdn.krxd.net www.bleepingcomputer.com
cdn.krxd.net
tagan.adlightning.com
6 apis.google.com www.bleepingcomputer.com
apis.google.com
accounts.google.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 pm.w55c.net 5 redirects
5 sync-tm.everesttech.net 4 redirects ssum-sec.casalemedia.com
5 sync.mathtag.com 5 redirects
5 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
5 js-sec.indexww.com a.pub.network
ssum-sec.casalemedia.com
5 quantcast.mgr.consensu.org www.bleepstatic.com
quantcast.mgr.consensu.org
5 www.bleepstatic.com www.bleepingcomputer.com
4 token.rubiconproject.com 4 redirects
4 ad.turn.com 4 redirects
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 image6.pubmatic.com 2 redirects ads.pubmatic.com
4 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
4 sb.scorecardresearch.com 1 redirects a.pub.network
www.bleepingcomputer.com
4 a.pub.network www.bleepingcomputer.com
a.pub.network
tagan.adlightning.com
3 pixel.rubiconproject.com www.bleepingcomputer.com
3 ups.analytics.yahoo.com 2 redirects ssum-sec.casalemedia.com
3 um.simpli.fi 1 redirects ads.pubmatic.com
3 pixel.quantserve.com 3 redirects
3 bh.contextweb.com 3 redirects
3 rtb-csync.smartadserver.com 3 redirects
3 ads.pubmatic.com a.pub.network
ads.pubmatic.com
3 tagan.adlightning.com a.pub.network
tagan.adlightning.com
3 securepubads.g.doubleclick.net www.googletagservices.com
cd.connatix.com
3 t.skimresources.com www.bleepingcomputer.com
s.skimresources.com
3 capi.connatix.com cd.connatix.com
2 a.audrte.com 1 redirects www.bleepingcomputer.com
2 uipglob.semasio.net 1 redirects www.bleepingcomputer.com
2 visitor.fiftyt.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 match.deepintent.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
2 ad4m.at ssum-sec.casalemedia.com
ads.pubmatic.com
2 b1sync.zemanta.com 2 redirects
2 c.bing.com eb2.3lift.com
2 px.ads.linkedin.com eb2.3lift.com
2 dsp.nrich.ai 2 redirects
2 a.volvelle.tech 2 redirects
2 pixel.tapad.com 2 redirects
2 eus.rubiconproject.com a.pub.network
eus.rubiconproject.com
2 contextual.media.net a.pub.network
2 acdn.adnxs.com a.pub.network
2 cdn.districtm.io a.pub.network
2 idsync.rlcdn.com www.bleepingcomputer.com
2 c.pub.network a.pub.network
2 consumer.krxd.net cdn.krxd.net
2 uat5-b.investingchannel.com dggaenaawxe8z.cloudfront.net
2 hbopenbid.pubmatic.com a.pub.network
2 freestar-d.openx.net a.pub.network
2 grid.bidswitch.net a.pub.network
2 fastlane.rubiconproject.com a.pub.network
2 tlx.3lift.com a.pub.network
2 htlb.casalemedia.com a.pub.network
2 prebid.media.net a.pub.network
2 ads.yieldmo.com a.pub.network
2 dmx.districtm.io a.pub.network
2 gum.criteo.com a.pub.network
2 ls.skimresources.com s.skimresources.com
2 p.skimresources.com www.bleepingcomputer.com
2 connect.facebook.net www.bleepingcomputer.com
connect.facebook.net
2 secure.quantserve.com quantcast.mgr.consensu.org
a.pub.network
2 cds.connatix.com www.bleepingcomputer.com
cd.connatix.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 sync.ipredictive.com 1 redirects
1 mwzeom.zeotap.com www.bleepingcomputer.com
1 aud.pubmatic.com www.bleepingcomputer.com
1 sync.srv.stackadapt.com 1 redirects
1 match.bnmla.com 1 redirects
1 id.rlcdn.com www.bleepingcomputer.com
1 ads.yahoo.com www.bleepingcomputer.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 tags.bluekai.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.extend.tv 1 redirects
1 ssc-cms.33across.com a.pub.network
1 id.sharedid.org a.pub.network
1 id.crwdcntrl.net a.pub.network
1 api.rlcdn.com a.pub.network
1 fei.pro-market.net 1 redirects
1 ib.mookie1.com www.bleepingcomputer.com
1 global.ib-ibi.com 1 redirects
1 d.turn.com 1 redirects
1 stags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 jadserve.postrelease.com tagan.adlightning.com
1 vpaid.springserve.com cd.connatix.com
1 api.btloader.com freestar-io.videoplayerhub.com
1 ssc.33across.com a.pub.network
1 s.ntv.io a.pub.network
1 dggaenaawxe8z.cloudfront.net a.pub.network
1 s0.2mdn.net imasdk.googleapis.com
1 ad-delivery.net www.bleepingcomputer.com
1 vid.springserve.com cd.connatix.com
1 vid.connatix.com cd.connatix.com
1 ssl.gstatic.com accounts.google.com
1 www.google.com apis.google.com
1 btloader.com www.bleepingcomputer.com
1 freestar-io.videoplayerhub.com 1 redirects
1 www.googletagservices.com a.pub.network
1 pghub.io a.pub.network
1 www.facebook.com connect.facebook.net
1 accounts.google.com apis.google.com
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 r.skimresources.com s.skimresources.com
1 static.cloudflareinsights.com www.bleepingcomputer.com
1 s.skimresources.com www.bleepingcomputer.com
1 d.pub.network a.pub.network
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 rules.quantcount.com secure.quantserve.com
1 cdn.firstimpression.io ecdn.firstimpression.io
1 cd.connatix.com 1 redirects
1 widgets.outbrain.com www.bleepingcomputer.com
1 ad.doubleclick.net www.bleepingcomputer.com
1 ecdn.firstimpression.io www.bleepingcomputer.com
1 ecdn.analysis.fi www.bleepingcomputer.com
1 www.googletagmanager.com www.bleepingcomputer.com
353 158

This site contains links to these domains. Also see Links.

Domain
www.adlightning.com
Subject Issuer Validity Valid
bleepingcomputer.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-16 -
2022-05-15		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-16 -
2022-06-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
analysis.fi
Amazon		 2021-01-03 -
2022-02-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2020-12-05 -
2021-12-05		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2021-03-17 -
2022-04-18		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-09 -
2022-02-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
srvsynd.com
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.springserve.com
Amazon		 2021-09-27 -
2022-10-26		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-09-28 -
2021-12-27		 3 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
grid.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2021-09-27 -
2022-10-23		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2021-08-28 -
2021-11-26		 3 months crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
*.investingchannel.com
Go Daddy Secure Certificate Authority - G2		 2020-05-26 -
2022-06-01		 2 years crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.eyeota.net
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
ib.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-14 -
2022-11-14		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
id.sharedid.org
Amazon		 2021-01-08 -
2022-02-06		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh

This page contains 45 frames:

Primary Page: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Frame ID: 43491B260F7C88C12242D97E352693D3
Requests: 182 HTTP requests in this frame

Frame: https://cds.connatix.com/p/133322/connatix.playspace.dc.js
Frame ID: BB6A17C3455D0A3BB97835549A2DDF96
Requests: 9 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.059808999670171836
Frame ID: 14C568B2ACEA5B59FB10C207278F52E4
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=false&size=small&hl=en-GB&origin=https%3A%2F%2Fwww.bleepingcomputer.com&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: 4A16AA443A3BABE4DC256909FE812F83
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.bleepingcomputer.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Frame ID: 5890754C6579AA0AB0A42E4D69FE4B87
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: 062E6792873F45683DE49F3694F4F846
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: 58D4649DADC107FE70D85AA87A5175E2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: AEDDACDC07C4379FE8B3DD87A7A305F8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 32ABB95677BF68913565F946DA5188B2
Requests: 15 HTTP requests in this frame

Frame: data://truncated
Frame ID: F50FD9B5C4F90B7F54D50091F7DA46DD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 6BADBDF5ADC8E87F59CC82042D3C3899
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A9F292868AE43E41D74F8EE031E91E87
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8F5B122E2F0ADFDE76979D24EAACFFE1
Requests: 24 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 29A652C21B7C95D0AB460D56BAFD98AF
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Frame ID: 84B2859009A4C94180FB7543E95E6DDF
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: D808F124A9C48E1DB2CEF005730D6A98
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 631BC8BF8A43971AEC0A4F68F48D2B1E
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Frame ID: 0D86DA3A242937BE72A6F4F065EF280C
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 207928F41ECA0F6911B188EADDA2DD20
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 42ECC5C856AFBAB4A59FD9990C48DA5B
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 9361B6D7873F2F1FA08E919178AD36FD
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 98421870FA7F88A260DFE1CD321E6EB8
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7B9B82B86D78BAE0C288B5E47484743F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4E357DD6F563FFC9B95E689B7FBC0466
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 994BFE3D02C608FCA2A33144AE4C6CE9
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C3EFC6915E8ECC7AC07BC7328BAA15F3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 3588EBDA76EE59EF918AD23639E03A6B
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4876CF8F8E8AA589DEBD0D4481F3F80B
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD
Frame ID: BF2C8BAD13B41B4CB8817B5A503ADE5A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5531915616025366357
Frame ID: A5B8DE178E1B5BD612F08F91D7E765AE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: CB441A7B0A773A4490D689CD2A310954
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7019367156123433112
Frame ID: 699BEBD7EAAD62128CD41857DA390789
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKh07C05oAABSROjN1Yw
Frame ID: 804CBEC25C179BE2FFE963A278397134
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: CB9BC7FBAE8F2E2EF2CAD1DBEC9D9DCC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003
Frame ID: C42D1E54D26B330E64C7BFBF1DF6A8B0
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F6BEB4C4B6435F236D0319166E355397
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=zPjfQq89gweOD7f9x2amXpwJ
Frame ID: 8DB407A874095C802444C517A4D014DC
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: CF7065C8094F231B3E8EB652FD02A502
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6BC22CDA8ACE9071F5D0945F7D8647F2
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=94ec7357-a388-451a-a50c-ccd7a6a98626-tuct86352bd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: ED4C32766A9C41BC26634FA1BEC378ED
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: C843BD2048D9BEB14559553B47B240E0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:iW9Inr9v1MBsgR5&gdpr=0&gdpr_consent=
Frame ID: EB63A4CA80ED5CE43A15A8183604402C
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
Frame ID: 00BEFC7F7670BB866ECB659FF7D4E5C5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:24A503229D114C95A54092D5C5EE27B1
Frame ID: B456EB06AA60C44B6C88C4C741B3587D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kBS3QpnVTE5vDFGynrH4BNiDcpE
Frame ID: 5A9F9BF6904489245D3EFDA727406743
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /(?:scriptaculous|protoaculous)(?:\.js|/)

Page Statistics

353
Requests

99 %
HTTPS

0 %
IPv6

101
Domains

158
Subdomains

114
IPs

10
Countries

2730 kB
Transfer

9244 kB
Size

143
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/133322/connatix.playspace.dc.js
Request Chain 85
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1634323766474&ns_c=windows-1252&cv=3.5&c8=Viruses%20preventing%20my%20Windows%20to%20Update%20-%20Virus%2C%20Trojan%2C%20Spyware%2C%20and%20Malware%20Removal%20Help&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1634323766474&ns_c=windows-1252&cv=3.5&c8=Viruses%20preventing%20my%20Windows%20to%20Update%20-%20Virus%2C%20Trojan%2C%20Spyware%2C%20and%20Malware%20Removal%20Help&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&c9=
Request Chain 92
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 197
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2JFQVNZRnc HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESECxb_WoLuH70tP7J62YD0Zw&google_cver=1
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2JFQVNZRnc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T2JFQVNZRnc&google_tc= HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM69PaaP_6xO3zgveHLAl_M&google_cver=1
Request Chain 201
  • https://stags.bluekai.com/site/26357?id=ObEASYFw&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DObEASYFw%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=ObEASYFw&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 203
  • https://ps.eyeota.net/match?bid=i0r4o4v&uid=ObEASYFw HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=ObEASYFw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnhzdWFJMk5HMHhfQ3FsVE5uMFgzSF9qVGVVNEtkbjhJZHh1NFByb1hZem8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=i0r4o4v&google_gid=CAESEG3H_oGs4Y7_cOipWZvUywc&google_cver=1 HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7372097554783087026&newuser=1&dc_rc=2&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26 HTTP 302
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=0dea6169-cd38-4600-8192-098030217b7a&dc_rc=3&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26&_test=YWnNOAAAAlAWNwA6 HTTP 302
  • https://ps.eyeota.net/match?uid=YWnNOAAAAlAWNwA6&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=i0r4o4v&&_test=YWnNOAAAAlAWNwA6 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
  • https://ps.eyeota.net/match?uid=e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&bid=1e2n4ou
Request Chain 205
  • https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=ObEASYFw HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=247532&pid=314&xid=ObEASYFw
Request Chain 206
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID&rdf=1 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD
Request Chain 207
  • https://fei.pro-market.net/engine?mimetype=img&du=88&csync=ObEASYFw HTTP 302
  • https://idsync.rlcdn.com/398696.gif?partner_uid=-4095404235742952701
Request Chain 224
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 230
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 232
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid%26user_id%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid%26user_id%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
Request Chain 233
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 237
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=iW9Inr9v1MBsgR5
Request Chain 238
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059 HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=81214b04-8c93-4f18-943a-e92aef2e03b1&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
Request Chain 239
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6234528353970784364
Request Chain 240
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDLWJFN0MwNW9BQURFbGR0Tnh6Zw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKh07C05oAABSROjN1Yw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABKh07C05oAABSROjN1Yw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=255172983778019631 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABKh07C05oAABSROjN1Yw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D255172983778019631%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=255172983778019631&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AABKh07C05oAABSROjN1Yw&pid=558502&do=add HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABKh07C05oAABSROjN1Yw
Request Chain 241
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0dea6169-cd38-4600-8192-098030217b7a
Request Chain 242
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jcoWWdifEwSWzhhZ2p0NAo-ZFlOWyxcBjc1huxdS
Request Chain 243
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2312625173357055989
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPagJ9vo5yzbAdlMeCnu4Ig&google_cver=1
Request Chain 247
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=iW9Inr9v1MBsgR5
Request Chain 248
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=c653fe07-7514-44f0-b09c-8712ec50e4ca&expires=1&user_group=5&ssp=openx&bsw_param=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
Request Chain 249
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6234528353970784364
Request Chain 250
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFES24wN0MwNW9BQURQVmR0Tnh6Zw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKh07C05oAABSROjN1Yw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABKh07C05oAABSROjN1Yw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABKh07C05oAABSROjN1Yw&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABKh07C05oAABSROjN1Yw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=255172983778019631 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABKh07C05oAABSROjN1Yw
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0dea6169-cd38-4600-8192-098030217b7a
Request Chain 252
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=bWCvbjg1qjN2ZKE2azW0ZGM1qDF2YftlaWM7rHR-
Request Chain 253
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8221450259768736028
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPagJ9vo5yzbAdlMeCnu4Ig&google_cver=1
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGlJNf8uE9HFewpw8PDB-Ek&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 261
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYzMjE0MDA3Mzg4NzM0NjY3OA%3D%3D
Request Chain 263
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1632140073887346678?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Z0y__eJE2oRzx9tW0NTB7Z35snzO7KknAhrgFV9TYQ--~A&dongle=0883
Request Chain 266
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1632140073887346678 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1632140073887346678&dcc=t
Request Chain 267
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 268
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7372097554783087026&dongle=d407
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGlJNf8uE9HFewpw8PDB-Ek&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 271
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYzMjE0MDA3Mzg4NzM0NjY3OA%3D%3D
Request Chain 273
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1632140073887346678?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-k7iMo2JE2oTTkpcv2dvMGdW3wyq_oyMTqY81kQsVwQ--~A&dongle=0883
Request Chain 276
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1632140073887346678 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1632140073887346678&dcc=t
Request Chain 277
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 278
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7372097554783087026&dongle=d407
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YWnNPSdLuJu2qfwAnhk2VgAABHQAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMNFzk48ZWhtlfLY8-5FQG0&google_cver=1
Request Chain 280
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWnNPSdLuJu2qfwAnhk2VgAABHQAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWnNPSdLuJu2qfwAnhk2VgAABHQAAAIB&dcc=t
Request Chain 282
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YWnNPSdLuJu2qfwAnhk2VgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEByUIcXimrN9DIegoG4ANrc&google_cver=1&gdpr=1
Request Chain 286
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bcaa0e28-a8de-4bfd-8db0-d1b5c111f261
Request Chain 289
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5531915616025366357
Request Chain 291
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7019367156123433112
Request Chain 292
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCS2hrN0MwNW9BQUJTUk9qTjFZdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC-bE7C05oAADEldtNxzg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC-bE7C05oAADEldtNxzg&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABKh07C05oAABSROjN1Yw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=255172983778019631 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKh07C05oAABSROjN1Yw
Request Chain 293
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 294
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3628734973 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e56c97bb-27cc-40e8-a10a-5cbb9d22bad1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-1e91b432-bbc1-4067-ae35-f3af13502f81-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003
Request Chain 296
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=zPjfQq89gweOD7f9x2amXpwJ
Request Chain 298
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 299
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=94ec7357-a388-451a-a50c-ccd7a6a98626-tuct86352bd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UMxc0cNRS3yomGqD_BUCrQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 302
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0dea6169-cd38-4600-8192-098030217b7a
Request Chain 303
  • https://pixel.onaudience.com/?partner=214&mapped=50CC5CD1-C351-4B7C-A898-6A83FC1502AD HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=cdce44c28e9341da
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTBDQzVDRDEtQzM1MS00QjdDLUE4OTgtNkE4M0ZDMTUwMkFE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELyZ0c9LO2Pq2onZUvTJwKY&google_cver=1
Request Chain 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e56c97bb-27cc-40e8-a10a-5cbb9d22bad1
Request Chain 308
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6387407011618905459
Request Chain 309
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0dea6169-cd38-4600-8192-098030217b7a&gdpr=0&gdpr_consent=
Request Chain 310
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6234528353970784364&gdpr=0&gdpr_consent=
Request Chain 311
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr
Request Chain 312
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D5wkr8RE2uW1bu3oOPVdbisDm.IpQDo-~A&gdpr=0&gdpr_consent=
Request Chain 314
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=d6f3e5f9-6036-4706-abc3-15942b8a3adf&expires=1&user_group=5&ssp=pubmatic&bsw_param=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 315
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YWnNOAAAAlAWNwA6&gdpr=0&gdpr_consent=
Request Chain 317
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=d32c711d-f02e-4159-8917-12cf796b250e-6169cd3d-5553&gdpr=0&gdpr_consent=
Request Chain 318
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7372097554783087026&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 319
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:acc23499-cfc0-468e-a972-224396f1aa23&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 320
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6234528353970784364
Request Chain 323
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7372097554783087026
Request Chain 325
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABKh07C05oAABSROjN1Yw&expiration=1635533373&gdpr=1
Request Chain 328
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634410173&gdpr=1
Request Chain 331
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjcwMmFjYjkyZjljOGExY2Y5Y2M3NzE3NGI1YTI4ODAzMGUyYzI0YQ
Request Chain 333
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUSQ69HJ-U-853L&sigv=1&esig=2~8c554419ce76b1992b7fa80744177d29bacee2ca
Request Chain 334
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/x5Wi1VNtV7fCZttLCh-BLg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3858969390269344995
Request Chain 335
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWnNOAAAAlAWNwA6
Request Chain 337
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTUTY5SEotVS04NTNM
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGxbtZ73zh2oGXjG1zITeRQ&google_cver=1
Request Chain 344
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:iW9Inr9v1MBsgR5&gdpr=0&gdpr_consent=
Request Chain 345
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
Request Chain 346
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:24A503229D114C95A54092D5C5EE27B1
Request Chain 347
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kBS3QpnVTE5vDFGynrH4BNiDcpE
Request Chain 348
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&addseg=10,33,39
Request Chain 349
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 351
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD HTTP 302
  • https://a.audrte.com/p
Request Chain 352
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a522179f-2de8-11ec-a460-1fd3399e748d&gdpr=0&gdpr_consent=

353 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/ 		575 KB
78 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfc3c01bc1b339113279c023d5a19c783f729a4c42fd9e415e495fff3ffc90d8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.bleepingcomputer.com
:scheme
https
:path
/forums/t/746914/viruses-preventing-my-windows-to-update/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-type
text/html;charset=ISO-8859-1
content-security-policy
upgrade-insecure-requests;
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, must-revalidate, max-age=0
expires
Thu, 14 Oct 2021 18:49:25 GMT
pragma
no-cache
vary
Accept-Encoding,User-Agent
set-cookie
session_id=ea76e36f320a22b3920421a09f9007aa; path=/; domain=.bleepingcomputer.com; httponly;Secure modpids=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.bleepingcomputer.com;Secure
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69eb3a214924d6f5-FRA
content-encoding
br
prettify.css
www.bleepingcomputer.com/forums/public/style_css/ 		1 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/style_css/prettify.css?ipbv=18e5d60f30c17fd4f0e4e13ab81cc8ff
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfd753d445592a633d4e3b8f74fe6e4ca85ab95a1f0b2fc00f11afeaaeed8194
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_css/prettify.css?ipbv=18e5d60f30c17fd4f0e4e13ab81cc8ff
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
cf-cache-status
HIT
age
5467
cf-polished
origSize=2207
last-modified
Wed, 29 May 2013 16:10:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"89f-4dddda0323b00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a2f8c02d6f5-FRA
cf-bgj
minify
prototype.js
www.bleepingcomputer.com/forums/public/js/3rd_party/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/js/3rd_party/prototype.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2a0ed3ea5aebdf80781e96b0e677656f9db72ea592b679299953852fef84b02
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/js/3rd_party/prototype.js
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
cf-cache-status
HIT
age
6152
cf-polished
origSize=180829
last-modified
Wed, 29 May 2013 16:10:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2c25d-4dddd9fb82900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a2f9c07d6f5-FRA
cf-bgj
minify
ipb.js
www.bleepingcomputer.com/forums/public/js/ 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/js/ipb.js?ipbv=18e5d60f30c17fd4f0e4e13ab81cc8ff&load=quickpm,hovercard,sharelinks,topic,like
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d813e6becda7ebe8b6bf1a54e7b83aa2a2551dc41bf4f07877834984a293958e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/js/ipb.js?ipbv=18e5d60f30c17fd4f0e4e13ab81cc8ff&load=quickpm,hovercard,sharelinks,topic,like
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
cf-cache-status
HIT
age
4724
cf-polished
origSize=128896
last-modified
Sun, 15 Nov 2020 20:33:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1f780-5b42b2d2db890-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a2f9c0ad6f5-FRA
cf-bgj
minify
scriptaculous-cache.js
www.bleepingcomputer.com/forums/public/js/3rd_party/scriptaculous/ 		55 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/js/3rd_party/scriptaculous/scriptaculous-cache.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a10fb2699752353ba3f55bdb022589d690843ebbbf9f3b80789f2a57010475e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/js/3rd_party/scriptaculous/scriptaculous-cache.js
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
cf-cache-status
HIT
age
4724
cf-polished
origSize=79650
last-modified
Mon, 16 Nov 2020 16:14:01 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"13722-5b43baa8f0d38-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a2f9c0dd6f5-FRA
cf-bgj
minify
ipb.lang.js
www.bleepingcomputer.com/forums/cache/lang_cache/1/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/cache/lang_cache/1/ipb.lang.js?nck=4b93cd7f1f76df9c2c1783aae5cc39b1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebbdc09f56e8b9cba9117f0d84b4903fdc89508496a9b5d5b8d6bf59ff13ebbf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/cache/lang_cache/1/ipb.lang.js?nck=4b93cd7f1f76df9c2c1783aae5cc39b1
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
cf-cache-status
HIT
age
4724
cf-polished
origSize=30126
last-modified
Sun, 15 Nov 2020 20:48:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"75ae-5b42b61fceb0a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a2f9c0fd6f5-FRA
cf-bgj
minify
qc-consent.js
www.bleepstatic.com/js/qc-consent/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28d4e8c1043164607dcdeb358e2a08c9565fe286ceeeabea79e67f8c680187e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4008
cf-polished
origSize=3904
last-modified
Mon, 05 Oct 2020 20:38:13 GMT
server
cloudflare
etag
W/"2345400546"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJ6coNoLhPLs4Zu24%2BUiUw8Lu6eHf8%2F6Mq1N3hFO8fFd%2BABuQ5JWdkwbDKx0ypKYNpsWl2R52KMkTPN3GAPOTlnn9%2Bd3w1glvRJ6YwshGJTcBR9KpApsiVHD896DmMjSC6PtOus%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
expires
Fri, 28 May 2021 05:37:52 GMT
cache-control
max-age=3024000
cf-ray
69eb3a302a7b277c-PRG
cf-bgj
minify
js
www.googletagmanager.com/gtag/ 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d0f4f9d060bc75bf02c5beee9c65df4c299614a831a698c3ea600c7171559747
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38455
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 18:19:31 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Oct 2021 18:49:25 GMT
twitter.png
www.bleepingcomputer.com/forums/public/style_images/master/loginmethods/ 		575 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/loginmethods/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe9d30276e3d66a71219ad2b0ed5a9663020a5c534557dd0f5c8ba71da4ebd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/loginmethods/twitter.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
10411
cf-polished
status=not_needed
content-length
575
last-modified
Mon, 03 May 2010 23:34:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"23f-485b90722ae80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:54 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a303cdcd6f5-FRA
cf-bgj
imgq:100,h2pri
forum-logo.png
www.bleepstatic.com/logo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/logo/forum-logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e5a1148e6ba00dec0218671857bc04820e1a4628a6de00a659ece715a6ed2f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
693038
cf-polished
origFmt=png, origSize=9361
content-disposition
inline; filename="forum-logo.webp"
content-length
4656
last-modified
Fri, 26 Nov 2010 18:53:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMtpXU4%2FUvX8%2FMEg5HzPycpjaxmfoLtqGy2zYkhWJHYe7ZmdQfwxXHR7X2OKZjcJCDzzAMlzTuy16jRtvNTPI91LPWMaNAiB3uFLgVUdF2UD6qiJDVkPmqMutGHJTRa5GKqoLk4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 06 Nov 2021 18:18:47 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69eb3a304ab0277c-PRG
cf-bgj
imgq:85,h2pri
useropts_arrow.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		81 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/useropts_arrow.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7451690fed2a104bf6ff86e5ab0b3a7d8393d26a859a4bad6ba81b1d7aa339d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/useropts_arrow.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
10410
cf-polished
origSize=129, status=vary_header_present
content-length
81
last-modified
Mon, 03 May 2010 23:34:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"81-485b90722ae80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:55 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a304cded6f5-FRA
cf-bgj
imgq:100,h2pri
default_large.png
www.bleepingcomputer.com/forums/public/style_images/master/profile/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/profile/default_large.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f7ad438c88cd0653af6066d4c148e00824961112a865f9611e258b9f3cc0981
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/profile/default_large.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
10563
cf-polished
origSize=2589, status=vary_header_present
content-length
2456
last-modified
Wed, 09 Mar 2011 20:59:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"a1d-49e13027a9d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:53:22 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a304ce0d6f5-FRA
cf-bgj
imgq:100,h2pri
lock.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		729 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/lock.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28119ca11bc23f972f8e463761547044174823430b09a0f1fbfed91acbeb35d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/lock.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
397281
cf-polished
status=not_needed
content-length
729
last-modified
Mon, 03 May 2010 23:34:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"2d9-485b90722ae80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Wed, 10 Nov 2021 04:28:04 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a304ce1d6f5-FRA
cf-bgj
imgq:85,h2pri
icon_share.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		188 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/icon_share.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1832b7da0292ab076dfe046f8b1c2d5fcfd1bfb5628b7e21a3754a20308aa57
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/icon_share.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
10410
cf-polished
origSize=1201, status=vary_header_present
content-length
188
last-modified
Fri, 12 Oct 2012 09:31:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"4b1-4cbd95ac45280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:55 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a304ce4d6f5-FRA
cf-bgj
imgq:100,h2pri
ips.quickpm.js
www.bleepingcomputer.com/forums/public/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/js/ips.quickpm.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/public/js/ipb.js?ipbv=18e5d60f30c17fd4f0e4e13ab81cc8ff&load=quickpm,hovercard,sharelinks,topic,like
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f34544ddb27241b3eccb8e06d7447230005e8718b463a30d9dd83d1e8bada1a1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/js/ips.quickpm.js
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
cf-cache-status
HIT
age
4723
cf-polished
origSize=7306
last-modified
Wed, 29 May 2013 16:10:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1c8a-4dddda0323b00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a300c9bd6f5-FRA
cf-bgj
minify
ips.hovercard.js
www.bleepingcomputer.com/forums/public/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/js/ips.hovercard.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/public/js/ipb.js?ipbv=18e5d60f30c17fd4f0e4e13ab81cc8ff&load=quickpm,hovercard,sharelinks,topic,like
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e3b8f6c06d2d74cc294ee6439e67b08890587be0081249a158469ace2eaeaaf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/js/ips.hovercard.js
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
cf-cache-status
HIT
age
4723
cf-polished
origSize=12576
last-modified
Wed, 29 May 2013 16:10:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3120-4dddda0323b00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a300c9ed6f5-FRA
cf-bgj
minify
ips.sharelinks.js
www.bleepingcomputer.com/forums/public/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/js/ips.sharelinks.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/public/js/ipb.js?ipbv=18e5d60f30c17fd4f0e4e13ab81cc8ff&load=quickpm,hovercard,sharelinks,topic,like
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f1e90548e911e24dedcb2ca0ffee6847a49a8648e9c615bcd0582bb7c7993fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/js/ips.sharelinks.js
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
cf-cache-status
HIT
age
4723
cf-polished
origSize=5869
last-modified
Wed, 29 May 2013 16:10:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"16ed-4dddd9fb82900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a300ca1d6f5-FRA
cf-bgj
minify
ips.topic.js
www.bleepingcomputer.com/forums/public/js/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/js/ips.topic.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/public/js/ipb.js?ipbv=18e5d60f30c17fd4f0e4e13ab81cc8ff&load=quickpm,hovercard,sharelinks,topic,like
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a51f645170637f10f3eba218020318af3fff3ad8e7087db87ef607896f19a940
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/js/ips.topic.js
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
cf-cache-status
HIT
age
4723
cf-polished
origSize=45653
last-modified
Tue, 29 Dec 2015 18:39:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"b255-5280dbeb879c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a300ca3d6f5-FRA
cf-bgj
minify
ips.like.js
www.bleepingcomputer.com/forums/public/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/js/ips.like.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/public/js/ipb.js?ipbv=18e5d60f30c17fd4f0e4e13ab81cc8ff&load=quickpm,hovercard,sharelinks,topic,like
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf50c94253085740a5cce42e9c14f7b897cfc384303b38a5d9d7a0ab8ea5160f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/js/ips.like.js
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
cf-cache-status
HIT
age
4723
cf-polished
origSize=6287
last-modified
Wed, 29 May 2013 16:10:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"188f-4dddd9fb82900-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a300ca6d6f5-FRA
cf-bgj
minify
pubfig.min.js
a.pub.network/bleepingcomputer-com/ 		111 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d980e19674df7b00e34973a7b32244e7614164da2dc77ef9950734efbcb325df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=NoVyGA==, md5=z+b4C1PfMJVn5dBno+52QQ==
date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdt9oOVEhWY3y32t_oEu2FbPsNpmkVz7qx50Vlk62y1LPA_Z3OzeI7H_2JI7Ii5eX_oIyb9bgd6g6pGVdI9DkN643pWZ9w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Thu, 07 Oct 2021 17:53:20 GMT
server
cloudflare
etag
W/"cfe6f80b53df309567e5d067a3ee7641"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQkOZkfk2tU8MCxnfaHcsDEecc6861p6nSLnMdbuMu324S2vTzj1wQlhoEyTQwv3cdfJdOvEZYRbWiKMXun%2FcKIBp4JRXE9fA6retU%2Bxvalqu0nubCGkIrvmm6%2BchLA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1633629200448055
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
113776
cf-ray
69eb3a308dc72774-PRG
expires
Fri, 15 Oct 2021 05:27:56 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-5.ams50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
786dbb4402793fadd0112db771392a0509ffcb2806545e94a879af9c6d87415f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:29:23 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 15:59:53 GMT
server
nginx/1.18.0
age
1202
etag
W/"6169a579-10af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
qNGnP6wrMUzZ4ijqTTnPJ4S7jj0j7MrY1uIqqaV2elMSLYGaGZqn_w==
via
1.1 24562ce7bb1d06e6505e84aac2d66ac7.cloudfront.net (CloudFront)
expires
Fri, 15 Oct 2021 19:29:23 GMT
fi_client.js
ecdn.firstimpression.io/ 		344 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-54.fra2.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
cfd9e05ccae63e480530aecea92a49a8d12411dd497a7a4bd609c908248753e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:24:08 GMT
content-encoding
br
age
1517
x-powered-by
PHP/7.3.23
x-cache
Hit from cloudfront
x-xss-protection
0
access-control-allow-origin
*
last-modified
Fri, 15 Oct 2021 18:24:08 UTC
server
nginx/1.18.0
etag
W/"91c3fad8083b0955aad9c8bec9d50738"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
jsjATRl0QMLWguXp1BoZyQaNMpskYc6sRpk2NDcwYokIb5BcvHgv7w==
expires
Fri, 15 Oct 2021 19:24:08 GMT
ipb_print.css
www.bleepingcomputer.com/forums/public/style_css/css_7/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/style_css/css_7/ipb_print.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbd8236978dd3f165bc49566f78c460e3937e552df38787439c1ef2797c4c709
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_css/css_7/ipb_print.css
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
br
cf-cache-status
HIT
age
4722
cf-polished
origSize=3158
last-modified
Mon, 16 Nov 2020 21:40:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"c56-5b4403b241acc-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a304ce6d6f5-FRA
cf-bgj
minify
user_navigation.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		189 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/user_navigation.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6274abac1820c8bd99f826cf35a60aeaa56b962500486acc5665f98005031e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/user_navigation.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
10412
cf-polished
origSize=282, status=vary_header_present
content-length
189
last-modified
Tue, 01 Mar 2011 13:54:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11a-49d6c2153a000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:53 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a304ce9d6f5-FRA
cf-bgj
imgq:100,h2pri
advanced_search.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		261 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/advanced_search.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14dcce7abfc690cecd57a737a8af6fd712c2b7fec668b772d9f014f6ded77ef8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/advanced_search.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
10411
cf-polished
origSize=293, status=vary_header_present
content-length
261
last-modified
Mon, 03 May 2010 23:34:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"125-485b90722ae80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:54 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a304cecd6f5-FRA
cf-bgj
imgq:100,h2pri
search_icon.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		202 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/search_icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f20d95dad9ea1473e4f877b5f7a7d8bcd589f1f989b8875ffddd83ae716a21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/search_icon.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
10411
cf-polished
origSize=223, status=vary_header_present
content-length
202
last-modified
Mon, 03 May 2010 23:34:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"df-485b90722ae80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:54 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a304ceed6f5-FRA
cf-bgj
imgq:100,h2pri
icon_quicknav.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		489 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/icon_quicknav.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1731db9016f326daff11d0045c86fd068ec9e72cc4c6ec56a7c856a3a3d28c7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/icon_quicknav.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
1961174
cf-polished
status=not_needed
content-length
489
last-modified
Fri, 01 Jul 2011 10:17:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1e9-4a6ff53f0bd80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sat, 23 Oct 2021 02:03:11 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a304cf0d6f5-FRA
cf-bgj
imgq:85,h2pri
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
148
date
Fri, 15 Oct 2021 18:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 15 Oct 2021 20:46:57 GMT
choice.js
quantcast.mgr.consensu.org/choice/sktb670LZWvFX/www.bleepingcomputer.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/sktb670LZWvFX/www.bleepingcomputer.com/choice.js
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.220.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-220-35.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5ad4fb0d40625889969083053d32ab1191e66c11bb4aebfde2643954c0f5673

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 15 Oct 2021 18:48:57 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 21:51:23 GMT
server
AmazonS3
age
29
etag
W/"2a272bfedaf02360b78846550b427698"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 edd6d90087c4f2b49e182778a2273adc.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
sh75eC4C-JJ4r2Jb2X0fx5xsKWDlKbwzAHnt2huORnSuDgOH79YIiw==
topic_button_closed.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		168 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/topic_button_closed.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e58ef84b3994aa5d6238df46b20e480c270cdd6094a41166583f7491665152a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/topic_button_closed.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
2205732
cf-polished
origSize=251, status=vary_header_present
content-length
168
last-modified
Wed, 20 Apr 2011 17:38:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"fb-4a15d163d7700"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Wed, 20 Oct 2021 06:07:13 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a308d57d6f5-FRA
cf-bgj
imgq:100,h2pri
maintitle.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		192 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/maintitle.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a2c5bd701224851deca6029998517a35d091922217a90241fd0c7f244e8f11
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/maintitle.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
10412
cf-polished
origSize=295, status=vary_header_present
content-length
192
last-modified
Tue, 01 Mar 2011 13:54:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"127-49d6c2153a000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:53 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a308d59d6f5-FRA
cf-bgj
imgq:100,h2pri
favicon.ico
ad.doubleclick.net/ 		1 KB
685 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 08:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Oct 2021 08:47:55 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-172.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
last-modified
Thu, 24 Jun 2021 14:35:21 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1624546014.914244"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 14 Nov 2021 18:49:26 GMT
collect
www.google-analytics.com/j/ 		1 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1460699939&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F&ul=en-us&de=windows-1252&dt=Viruses%20preventing%20my%20Windows%20to%20Update%20-%20Virus%2C%20Trojan%2C%20Spyware%2C%20and%20Malware%20Removal%20Help&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1152072161&gjid=1700952301&cid=735264623.1634323766&tid=UA-91740-1&_gid=1832010490.1634323766&_r=1&gtm=2ouad0&z=1179691766
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
post_top.png
www.bleepstatic.com/skin_images/bc/ 		226 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/skin_images/bc/post_top.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc6361ebe5a559578c83bf197d5407b7f6bf44f74d35c4ee8eb22c810fb34a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
693038
cf-polished
origFmt=png, origSize=3076
content-disposition
inline; filename="post_top.webp"
content-length
226
last-modified
Wed, 09 Jun 2010 03:08:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZS8OVuZD4GnM1ySxUPe40cZOmjmEm9j73jwZm6VaAjqwKOUXY7GWrJwlFs00ij7io6U%2F4N729BFu%2BgUWEqFp1QUBIE9S%2B1SizDvKarJQLTyt2mNRNhGsPnGAMWFgt1eNdjM6jig%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 06 Nov 2021 18:18:47 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69eb3a30fbcc277c-PRG
cf-bgj
imgq:85,h2pri
bot.jpg
www.bleepstatic.com/images/site/forum/bots/ 		934 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/forum/bots/bot.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63e2dfceaeeb7e8b933fa7fe96048fac66ad3fab6ab270b8e4a28ce02c1b73ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2244927
cf-polished
qual=85, origFmt=jpeg, origSize=1566
content-disposition
inline; filename="bot.webp"
content-length
934
last-modified
Tue, 20 Oct 2009 04:08:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fy%2B2EFDHgBQnYZkdyt94aop4IX5n57Fp4C%2F8ger8NF7zbul5r9%2FSsuqQ8pmZ5CnJKfxhhKyog%2BnnFjrLCfLarLNGzH62%2BfVw33r%2BmYdLL1UwCQH0u7dQq%2BjYp9k7dQsObgfxvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 19 Oct 2021 19:13:58 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69eb3a30fbcd277c-PRG
cf-bgj
imgq:85,h2pri
photo-thumb-1076702.png
www.bleepingcomputer.com/forums/uploads/profile/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/uploads/profile/photo-thumb-1076702.png?_r=1576591182
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856cb85b5b9a4038217184e24e1df16cd3058223faac06bacaf2132ba0e4c3e8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/uploads/profile/photo-thumb-1076702.png?_r=1576591182
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
383439
cf-polished
origSize=7823, status=vary_header_present
content-length
6402
last-modified
Tue, 17 Dec 2019 13:59:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1e8f-599e6bd66c58b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Wed, 10 Nov 2021 08:18:46 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a30edced6f5-FRA
cf-bgj
imgq:85,h2pri
icon_hello.gif
www.bleepingcomputer.com/forums/public/style_emoticons/default/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_emoticons/default/icon_hello.gif
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65fe86988b9b7b71ce61ee5e5f1183dd4c92698aa33e0bc3645e3beeb8baae19
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_emoticons/default/icon_hello.gif
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
cf-cache-status
HIT
age
1860217
cf-polished
status=not_needed
content-length
2504
last-modified
Sun, 09 Oct 2005 23:10:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"9c8-402ba621bbc00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/gif
expires
Sun, 24 Oct 2021 06:05:48 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a30edd1d6f5-FRA
cf-bgj
imgq:85,h2pri
connatix.playspace.dc.js
cds.connatix.com/p/133322/ Frame BB6A
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/133322/connatix.playspace.dc.js
1 MB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/133322/connatix.playspace.dc.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce2212c80c7623521d5a1284e09103549406bf22f69244ac95e88ae4d94e23dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
br
last-modified
Fri, 15 Oct 2021 14:37:49 GMT
age
14901
etag
"d01fe47952de16ee1db01d9b60f94295"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
240686

Redirect headers

location
https://cds.connatix.com/p/133322/connatix.playspace.dc.js
date
Fri, 15 Oct 2021 18:49:26 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/sktb670LZWvFX/www.bleepingcomputer.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:25 GMT
content-encoding
gzip
etag
"XUylRaJiJNdi08iU32oNYQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 22 Oct 2021 18:49:25 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/23/ 		266 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.bleepingcomputer.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/sktb670LZWvFX/www.bleepingcomputer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.220.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-220-35.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:48:49 GMT
content-encoding
br
age
95
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Fri, 18 Dec 2020 15:09:37 GMT
server
AmazonS3
etag
W/"1d55b13d85c9837da884d1e8594cc025"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 edd6d90087c4f2b49e182778a2273adc.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-meta-qc-ineu
True
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
zHcJqihkTc8jOEkLJ1qIRprtOqzQgfh-5D1rdymAYthsqe_tiCdOQQ==
spc_fi.php
cdn.firstimpression.io/delivery/ 		26 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F&charset=windows-1252&ch=18&ref=www.bleepingcomputer.com&viewerId=null&referer=&_firid=76532096
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
nginx/1.18.0 / PHP/7.3.23
Resource Hash
835c0613d38e3fc3066140cd27e8a7960313c2fbdeeb467b416dc3923d642cc3

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-powered-by
PHP/7.3.23
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://www.bleepingcomputer.com
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/json; charset=windows-1252
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
S3v3Eqbywj5YHusbLEqYYy5_zaz5SY8SGE1SKlZcaIMP1qAYWGXupw==
expires
0
rules-p-sktb670LZWvFX.js
rules.quantcount.com/ 		2 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-sktb670LZWvFX.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-100.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:43:11 GMT
via
1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
server
AmazonS3
age
375
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
AMS50-C1
content-length
2
x-amz-cf-id
zCmovJOWm2J3wCNq33O-xj7BDaT0JykfkreX2mPcD-J6Wctk47KXrA==
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ 		154 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.bleepingcomputer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.220.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-220-35.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a9ba440b1a31f42f3c02ae16ee76868c9fe0f88b8a9ef5ce06158a6ef75a90c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 03:00:32 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
56935
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 15 Oct 2021 03:00:27 GMT
server
AmazonS3
etag
W/"226c6fa477c02a953ed7f566bbade6c3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 b911c551065b8f78ad33b4c4564141bf.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
bR9bO4CR_bhhtzvFynwIQZzCJbAanAEV9FowOjf_xUUgTHnPDmVGDw==
icon_warning.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		268 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/icon_warning.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5028e223096a25034d4d95863f89374a4b205e86354c5e4461e00272e7fab4d9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/icon_warning.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
10128
cf-polished
origSize=408, status=vary_header_present
content-length
268
last-modified
Wed, 20 Apr 2011 21:00:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"198-4a15fea6fc080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 16:00:38 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a31aeb7d6f5-FRA
cf-bgj
imgq:100,h2pri
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.bleepingcomputer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-110.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1e914a6a6a8f360219210defa3756637af709343c914a6e23a17dae689efc9d

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 03:00:35 GMT
content-encoding
gzip
age
56932
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Wed, 06 Oct 2021 19:52:29 GMT
server
AmazonS3
etag
W/"048c83568a6f8d9629cd39c369e60289"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
Y8hCsDGcKyNVluGI279YvvSTwjJ9k4ZG
via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA2-C2
content-type
application/json
x-amz-cf-id
GkoROKXbKdxWxaRAFLjDkFPT4IywOvetKObQe_A_OLJcq5rqD9EryQ==
connatix.playspace.css
cds.connatix.com/p/133322/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/133322/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5268ac15e7bd3c204ac9475d6a17721a3e3a63b024f1a4fa163efaaa993b7453

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
br
last-modified
Fri, 15 Oct 2021 14:37:49 GMT
age
14901
etag
"3d2d8f43a7d12106855b4531546d8678"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13314
init
d.pub.network/v2/ 		62 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=535&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
c2be9f32f9e9d9bd26c938037ee11d5f10c4aa8cb973f70b2ec0ce00bcf3adc6

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/ 		290 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.bleepingcomputer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.220.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-220-35.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9d2748d96fd95c196d8324e1d54a6687b9c457200743595296311f1355207bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 03:00:36 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
56931
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 15 Oct 2021 03:00:33 GMT
server
AmazonS3
etag
W/"245785af8ba94b258aadfcb233c26a42"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 b911c551065b8f78ad33b4c4564141bf.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
ycir6Nebuj6-EewhtNWffQjSfLnxEM0H8y3b4cOQzvKtoHlNOOV-RQ==
smile.png
www.bleepingcomputer.com/forums/public/style_emoticons/default/ 		1014 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_emoticons/default/smile.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f39834f6bd6f36f1a3c67dfd46bc4703cc68d8b51ed762d59adba905c8ad68c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_emoticons/default/smile.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
2276574
cf-polished
origSize=1042, status=vary_header_present
content-length
1014
last-modified
Wed, 18 May 2011 11:51:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"412-4a38b840bf380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Tue, 19 Oct 2021 10:26:32 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a328fd5d6f5-FRA
cf-bgj
imgq:100,h2pri
twitter.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 		575 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe9d30276e3d66a71219ad2b0ed5a9663020a5c534557dd0f5c8ba71da4ebd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_extra/sharelinks/twitter.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
2240207
cf-polished
status=not_needed
content-length
575
last-modified
Fri, 30 Apr 2010 22:16:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"23f-4857b96a96c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Tue, 19 Oct 2021 20:32:39 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a329febd6f5-FRA
cf-bgj
imgq:100,h2pri
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nnxEDuOXGKq0yxXWOCk7Qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"c34d224d0ee061f3752d1f91e397a052"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-nnxEDuOXGKq0yxXWOCk7Qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Fri, 15 Oct 2021 18:49:26 GMT
digg.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 		357 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/digg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33585b10bb5487bd6c92f53018de62cb147ab48b829334b7f97437015aae557
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_extra/sharelinks/digg.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
2117354
cf-polished
origSize=431, status=vary_header_present
content-length
357
last-modified
Fri, 30 Apr 2010 22:16:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1af-4857b96a96c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Thu, 21 Oct 2021 06:40:12 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a329fedd6f5-FRA
cf-bgj
imgq:85,h2pri
delicious.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 		305 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/delicious.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b9f912b0e7a50c12745f52ec2848dce5b779369999c6d35e6c297c713ce53d3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_extra/sharelinks/delicious.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
10411
cf-polished
origSize=308, status=vary_header_present
content-length
305
last-modified
Fri, 30 Apr 2010 22:16:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"134-4857b96a96c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:55 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a329ff0d6f5-FRA
cf-bgj
imgq:100,h2pri
reddit.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 		611 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/reddit.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9019adc6ec44d2cd4f38c97b8319b0ae8da8f03b3bd646d4f86707f23f8935a0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_extra/sharelinks/reddit.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
10411
cf-polished
origSize=614, status=vary_header_present
content-length
611
last-modified
Fri, 30 Apr 2010 22:16:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"266-4857b96a96c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:55 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a329ff1d6f5-FRA
cf-bgj
imgq:100,h2pri
stumble.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 		458 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/stumble.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2a136c594c939d55752e9abb70e6cc550b10bc3bc350c0d46d23d5947c20d1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_extra/sharelinks/stumble.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
2529076
cf-polished
origSize=519, status=vary_header_present
content-length
458
last-modified
Fri, 30 Apr 2010 22:16:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"207-4857b96a96c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sat, 16 Oct 2021 12:18:10 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a329ff3d6f5-FRA
cf-bgj
imgq:100,h2pri
email.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 		481 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/email.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
453d30f69cc2a6f3013254a0faed039d49cf9c5b004d5482fb5365e99702c149
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_extra/sharelinks/email.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
10411
cf-polished
origSize=530, status=vary_header_present
content-length
481
last-modified
Thu, 04 Feb 2010 11:47:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"212-47ec4e74b3c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:55 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a329ff6d6f5-FRA
cf-bgj
imgq:100,h2pri
print.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 		268 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/print.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aeb9f7542993c71c548ac254766824ef86c68f0d6fa13f293bd016b9cfc9dc6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_extra/sharelinks/print.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
10411
cf-polished
origSize=409, status=vary_header_present
content-length
268
last-modified
Fri, 30 Apr 2010 22:16:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"199-4857b96a96c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:55 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a329ff7d6f5-FRA
cf-bgj
imgq:100,h2pri
download.png
www.bleepingcomputer.com/forums/public/style_extra/sharelinks/ 		646 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_extra/sharelinks/download.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
386f87a6e6fcb89c6b046f988d18def949d1cc1f6a9fa4177858aa11da7a5bda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_extra/sharelinks/download.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
10411
cf-polished
status=not_needed
content-length
646
last-modified
Fri, 12 Feb 2010 14:33:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"286-47f6828485d00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:55 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a329ff8d6f5-FRA
cf-bgj
imgq:100,h2pri
prettify.js
www.bleepingcomputer.com/forums/public/js/3rd_party/prettify/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/js/3rd_party/prettify/prettify.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b937537ed7f13e70dc6a69b6e9b308237cd369e11fa2a2b97a24d97d8487673e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/js/3rd_party/prettify/prettify.js
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
br
cf-cache-status
HIT
age
4724
cf-polished
origSize=14551
last-modified
Wed, 29 May 2013 16:10:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"38d7-4dddda0323b00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a329ffad6f5-FRA
cf-bgj
minify
lang-sql.js
www.bleepingcomputer.com/forums/public/js/3rd_party/prettify/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/js/3rd_party/prettify/lang-sql.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770cb6f8747e90dad261e049dfa5cf42e622dac61bcbc86ecb0a8c134228eb91
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/js/3rd_party/prettify/lang-sql.js
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
br
cf-cache-status
HIT
age
5505
cf-polished
origSize=1802
last-modified
Wed, 29 May 2013 16:10:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"70a-4dddda0323b00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a329ffbd6f5-FRA
cf-bgj
minify
top.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		145 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/top.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db311c11353d5628e6e28d260bca9b8935b23440964d7c6bc4914edcda08472a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/top.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
10411
cf-polished
origSize=207, status=vary_header_present
content-length
145
last-modified
Thu, 09 Jun 2011 17:25:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"cf-4a54abe32b600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:55 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a329fffd6f5-FRA
cf-bgj
imgq:100,h2pri
feed.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		680 B
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/feed.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9320021507b35e189d2190eea673cbc21f7d368f6ecbfb5dc89d773a28cd015d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/feed.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
10411
cf-polished
status=not_needed
content-length
680
last-modified
Mon, 03 May 2010 23:34:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"2a8-485b90722ae80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 14 Nov 2021 15:55:55 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a329800d6f5-FRA
cf-bgj
imgq:100,h2pri
lightbox.js
www.bleepingcomputer.com/forums/public/js/3rd_party/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/forums/public/js/3rd_party/lightbox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9faebe5bdb9528f36d1ec5713865681bf10c7c0d1fa1b8224fc57982f45ed788
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/js/3rd_party/lightbox.js
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
br
cf-cache-status
HIT
age
4723
cf-polished
origSize=10227
last-modified
Sun, 15 Nov 2020 22:30:01 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"27f3-5b42ccd71fd03-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=18000
content-security-policy
upgrade-insecure-requests;
cf-ray
69eb3a329ffcd6f5-FRA
cf-bgj
minify
3687X620620.skimlinks.js
s.skimresources.com/js/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/3687X620620.skimlinks.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f19e06c2db26fc72935e540fc02c48f134dbd95204fab03e8851d39d9563fd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 09:41:15 GMT
server
AmazonS3
x-amz-request-id
VP9S1NSHBGVWZSH8
etag
"50ea198f0702f1a2abd7af0b9fbac812"
x-hw
1634323766.cds125.fr8.hn,1634323766.cds284.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
15457
x-amz-id-2
+QF29TtFp06xIc8vD5/+eLBb9qA/FcJ2AkoFUYZNfNxlG+fD4RJR43kELK4i+y/+EkTMiqD5gBs=
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 16:39:17 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
69eb3a32df8c4113-PRG
story
capi.connatix.com/core/ Frame BB6A 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=133322
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.108.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-108-37.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
0fc02b61c99a7b73c0d4ed37857e97758a986493f0dfa316cda48b0da3b37719

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Fri, 15 Oct 2021 18:49:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/23/ 		469 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.bleepingcomputer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.220.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-220-35.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 16:50:28 GMT
content-encoding
gzip
age
93538
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Fri, 18 Dec 2020 15:09:43 GMT
server
AmazonS3
etag
W/"b999c652510fc4edd897a1d667aaee33"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 edd6d90087c4f2b49e182778a2273adc.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
2kuLH6Zihj3OOTmEF1o0KMxgbGHUmvwuQ7SCavbjWfht62CYkXoUOw==
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
55aff126b4d328eedb9509855a55db2cd98a08e669f96a054269e9a3ce78a972
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ncSdtgoi1k/PsQ1lt2whVw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
g136yhTRTstaZAw/d0oBNcPa70Tzc5enR0R6qenZ7mk298HPES9JxOvH4HWPBj3rcv4JdaiMDTrnG5tBAGYOJg==
x-fb-trip-id
2050670934
x-fb-content-md5
8be3dc8b85a14ae9c3528a195b9b70ac
x-frame-options
DENY
date
Fri, 15 Oct 2021 18:49:26 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"1896b5ea71d899c5f3a8f9152fbd6734"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Oct 2021 18:59:21 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
2ecc45ef1d382035c1367ab078ad6f52bae305feaa6dc5ac2c17908d8f7e2a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51514
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Wed, 12 Oct 2022 22:36:42 GMT
/
r.skimresources.com/api/ 		194 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/3687X620620.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
fb398334376738dbe8cbc633ec25c5142e003b5ef0a833061cb224a57b51bef6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
robots.txt
t.skimresources.com/api/v2/ Frame 14C5 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.059808999670171836
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=6.471665509361341
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=6.471665509361341
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
all.js
connect.facebook.net/en_US/ 		270 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=447aba5ad4a2f1a440a02a0de0585d69
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
7eb234b62d1dc22983066e67de4817b472d34236cf2be90e5218ab1b21386f1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.bleepingcomputer.com/
Origin
https://www.bleepingcomputer.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
7gPjArafNZacF8F2gNqm4g==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77670
x-fb-rlafr
0
x-fb-debug
YwMlv54c0bZoiTlLn90y6kOIG5wXG8Dys++lKY7E9I2rPApj7Mu+53p3eU1f+3VPm6RIB+rEsOwI71/lPiZcaw==
x-fb-content-md5
8a8da54272d74c2fa3f9d309faaa6eb4
x-frame-options
DENY
date
Fri, 15 Oct 2021 18:49:26 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"fe552bbe351d45267f7b6c338340bbe1"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 15 Oct 2022 18:17:42 GMT
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		80 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22sktb670LZWvFX%22%2C%22domain%22%3A%22www.bleepingcomputer.com%22%2C%22publisher%22%3A%22BleepingComputer%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22QejiQDikjMDrMVyfjnFdmQ%22%2C%22clientTimestamp%22%3A1634323766300%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-u5f7evuch6rvt3eeyhr0%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.220.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-220-37.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:28:40 GMT
via
1.1 4cc2a0a7eb7d5483edc69be298297f9e.cloudfront.net (CloudFront)
age
53283
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
80
last-modified
Tue, 26 Nov 2019 14:21:44 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
vary
Origin
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
x-amz-cf-id
5yl5CEN2nxNiCYeRIgfhBPi-JVCzwvtYA7IqV2C7hh-Z51LzR07DnA==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-23.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 02:24:08 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
59155
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3c01812e357a7900959ea67a1c5782ad.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
Lgd-s01MMJpH7_RErZLNtFd7h-2KPQyzpFBpzcVn2qTZ236s9JdJYA==
pubfig.engine.4.23.0.66df75648fd8141c2e1df614b917bd234fb7349d.js
a.pub.network/core/pubfig/ 		323 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.23.0.66df75648fd8141c2e1df614b917bd234fb7349d.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6823220a681a001c7e9e7a2ef4899c21f873d3dde28baf4a43d1d7793307253e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=WO+JRA==, md5=IIPauR1aHeFI5voHFUUCPg==
date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdsN96bUvxJQhelzGIECqPVThl11qlbL1c5iV_hm4sc_ZbtGHwYGaD3sTqiHFYjSy3ZbmU_HBYa6P0H02ItmQN8u-KV3Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
cf-ray
69eb3a33ab2d2774-PRG
last-modified
Tue, 05 Oct 2021 23:52:56 GMT
server
cloudflare
etag
W/"2083dab91d5a1de148e6fa071545023e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtOzsBVmap6eszvCJPkREaBDD0jUVO8GIXOzzKB%2BTwr1tIX9Yqo7N8LIGbhhVwMnOQCkgG7VTuV7adjV3P3zbQSnxm1UcvwA9fwTR1nwiwjOKlglTVT76aCBgLaDeIs%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1633477976034695
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
331156
content-type
application/javascript
expires
Fri, 15 Oct 2021 06:23:30 GMT
bleeping-computerlogo-lg.png
www.bleepstatic.com/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/logos/bleeping-computerlogo-lg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57292d9d8c895f526c9f7cdae30de7ee3bad46137b432711a1c1fb19a3061cab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1386626
cf-polished
origFmt=png, origSize=15281
content-disposition
inline; filename="bleeping-computerlogo-lg.webp"
content-length
6986
last-modified
Wed, 07 Jan 2015 22:52:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8TBr1a0yGzh1BtHOvt%2FNpz0YJB5ifBcXMANMLrEmk4OM8e%2FEEimUEMxn3ELOh6JZbkY1LTQIRJPly8vT%2F1LGSTAkEtS1Nc72OophfcXs%2FKKNly456lsVDEMfJUoTljWLzH0%2BNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 29 Oct 2021 17:39:00 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
69eb3a33f8e3277c-PRG
cf-bgj
imgq:85,h2pri
snapback.png
www.bleepingcomputer.com/forums/public/style_images/master/ 		221 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/snapback.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e91fde7db8e3812710dc53a9112678498279bbe017ae00b73f057e73e90189c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/snapback.png
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
2468441
cf-polished
origSize=320, status=vary_header_present
content-length
221
last-modified
Mon, 03 May 2010 23:34:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"140-485b90722ae80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Sun, 17 Oct 2021 05:08:45 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a3409f0d6f5-FRA
cf-bgj
imgq:100,h2pri
loading.gif
www.bleepingcomputer.com/forums/public/style_images/master/lightbox/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/lightbox/loading.gif
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61da0a4638505960ec52709b7df80d92683c56e13042079daf5f082fc9548d5e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/lightbox/loading.gif
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
10491
cf-polished
origSize=2767, status=vary_header_present
content-length
1588
last-modified
Thu, 18 Dec 2008 14:27:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"acf-45e52fc88de00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/gif
expires
Sun, 14 Nov 2021 15:54:35 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a3409f3d6f5-FRA
cf-bgj
imgq:100,h2pri
closelabel.gif
www.bleepingcomputer.com/forums/public/style_images/master/lightbox/ 		471 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepingcomputer.com/forums/public/style_images/master/lightbox/closelabel.gif
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e89beb7d66ef7d5e58dfcefd22a51e1a8ae452a49bc20d020418cf2b6c666d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:path
/forums/public/style_images/master/lightbox/closelabel.gif
pragma
no-cache
cookie
session_id=ea76e36f320a22b3920421a09f9007aa; _ga=GA1.2.735264623.1634323766; _gid=GA1.2.1832010490.1634323766; _gat_gtag_UA_91740_1=1; fsbotchecked=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.bleepingcomputer.com
referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
age
10491
cf-polished
origSize=483, status=vary_header_present
content-length
471
last-modified
Mon, 03 May 2010 23:34:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1e3-485b90722ae80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/gif
expires
Sun, 14 Nov 2021 15:54:35 GMT
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
cf-ray
69eb3a3409f4d6f5-FRA
cf-bgj
imgq:100,h2pri
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
cc8faf4ebe94f92af1aa97b73f052409171ff69671a93028fd57a726d1a49dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 22:10:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33901
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Wed, 12 Oct 2022 22:10:16 GMT
fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 4A16 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=false&size=small&hl=en-GB&origin=https%3A%2F%2Fwww.bleepingcomputer.com&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
/
Resource Hash
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/u/0/se/0/_/+1/fastbutton?usegapi=1&count=false&size=small&hl=en-GB&origin=https%3A%2F%2Fwww.bleepingcomputer.com&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=HRVv_tWEA_79Heu49tbDW_dUUnn1MWblJfrFUbtd6pExm2BB6f7XlclW6XzsEQLpCCmOC5wsSRfWrS-0naVSasXFZNQm2Pe3rjTG1c4mBr88f7y1a6IyP9_JpQXSOWQVAUBwyIxhTP_ZLZO2BT0VH0SG3Y6KEn7ZB1j3JjNW1Ss
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
content-length
1585
date
Fri, 15 Oct 2021 18:49:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
page
t.skimresources.com/api/v2/ 		22 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/3687X620620.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:26 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
link
t.skimresources.com/api/v2/ 		22 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/3687X620620.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:26 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API"
alt-svc
clear
content-length
22
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1634323766474&ns_c=windows-1252&cv=3.5&c8=Viruses%20preventing%20my%20Windows%20to%20Update%20-%20Virus%2C%20Trojan%2C%20Spyware%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1634323766474&ns_c=windows-1252&cv=3.5&c8=Viruses%20preventing%20my%20Windows%20to%20Update%20-%20Virus%2C%20Trojan%2C%20Spyware...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1634323766474&ns_c=windows-1252&cv=3.5&c8=Viruses%20preventing%20my%20Windows%20to%20Update%20-%20Virus%2C%20Trojan%2C%20Spyware%2C%20and%20Malware%20Removal%20Help&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&c9=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-23.ams50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
via
1.1 3c01812e357a7900959ea67a1c5782ad.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
puk-RKHtH74B7jG8qrhyEjc--uQQAzc4rAwRKC3hQzXedTWYAsOOkw==

Redirect headers

date
Fri, 15 Oct 2021 18:49:26 GMT
via
1.1 3c01812e357a7900959ea67a1c5782ad.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1634323766474&ns_c=windows-1252&cv=3.5&c8=Viruses%20preventing%20my%20Windows%20to%20Update%20-%20Virus%2C%20Trojan%2C%20Spyware%2C%20and%20Malware%20Removal%20Help&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&c9=
content-length
383
x-amz-cf-id
Fo7LgKDe7NyYptGUK4iWP6OlbZLBZlH6c0-4cemdTLTaSfldiL_UhQ==
api
ls.skimresources.com/ 		2 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ls.skimresources.com/api
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/3687X620620.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.8 aiohttp/3.6.3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:26 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.8 aiohttp/3.6.3
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
2
api
ls.skimresources.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ls.skimresources.com/api
Protocol
H2
Server
34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.8 aiohttp/3.6.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-credentials
true
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
date
Fri, 15 Oct 2021 18:49:26 GMT
server
Python/3.8 aiohttp/3.6.3
via
1.1 google
alt-svc
clear
postmessageRelay
accounts.google.com/o/oauth2/ Frame 5890 		566 B
876 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.bleepingcomputer.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.77 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f13.1e100.net
Software
ESF /
Resource Hash
051687d20eaf4e52aaf60c40ba5e50ea84f55640c5144b800a0ed7fa6e751bd3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pwH/TtAvUhn1nidbhA4z5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.bleepingcomputer.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=HRVv_tWEA_79Heu49tbDW_dUUnn1MWblJfrFUbtd6pExm2BB6f7XlclW6XzsEQLpCCmOC5wsSRfWrS-0naVSasXFZNQm2Pe3rjTG1c4mBr88f7y1a6IyP9_JpQXSOWQVAUBwyIxhTP_ZLZO2BT0VH0SG3Y6KEn7ZB1j3JjNW1Ss
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 15 Oct 2021 18:49:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-pwH/TtAvUhn1nidbhA4z5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=942111685863795&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=447aba5ad4a2f1a440a02a0de0585d69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.facebook.com *.fbsbx.com data:;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
UqGodCAkpvi0Ztf04T0+BUMaE9XAd7pRXCQT0qhoNYp9jAgaH2JcRGGXI2EvHRQvJZ2wtWxky3/Udsl9OJjsyQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Fri, 15 Oct 2021 18:49:26 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
pandg-sdk.js
pghub.io/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.0.66df75648fd8141c2e1df614b917bd234fb7349d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 10:07:16 GMT
content-encoding
gzip
age
31330
x-guploader-uploadid
ADPycdtdt-ZdSYiz9KIsIgjHMhUx9Gynu9G13VbGZFswtx2EomOaIoKDeeKiQXwb_yLjJcKtscGVjx3bWpBct3aiCBDuPWL9Bg
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1482
x-goog-meta-
last-modified
Wed, 07 Apr 2021 18:40:01 GMT
server
UploadServer
etag
"dd7e4933d35d1a7cb610442e9bea8b94"
vary
Accept-Encoding
x-goog-hash
crc32c=dtXWGA==, md5=3X5JM9NdGny2EEQum+qLlA==
x-goog-generation
1617820801121016
cache-control
public,max-age=3600
x-goog-stored-content-length
1482
accept-ranges
bytes
content-type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.0.66df75648fd8141c2e1df614b917bd234fb7349d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
d377e1cb70a7b9223fa7c9767542fab85c1ff9d1d49c731595b275db4d00dd85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1016 / 560 of 1000 / last-modified: 1634306887"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27194
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Oct 2021 18:49:26 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
110 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a69105c0293b4b26df6051c8c655890a6eb9ea27c63557f2e022c333dc25a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
69eb3a356d34f9e6-PRG
date
Fri, 15 Oct 2021 18:49:26 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1541
etag
W/"068584269f926a1cb644319110c2485c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lf9L7evn4U%2F4SxoyLMt%2B2gCCFuG8%2Bp9d5rO1ezivWi5G0xXTWdlhA591YhtImthjBsKArs0skJMvFWf8gjVnAKoxZNuaDGRg%2Fgb%2FmYgjTOQYS6RkJMTPVNT1yRMU3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
content-encoding
br

Redirect headers

date
Fri, 15 Oct 2021 18:49:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9lS5YuSuEm5MddnfhyuIz4i63DmIOfsB0XNiRNZp22DqK6VZgbOZ2gEBlQQagGYnvtkvJO8uqc9qi%2B0fgJ%2FXjYj%2FmQrbm5RYYT0x%2B0ZbPc3sJdzC%2Fge1H9xzl6xAPZ8ncQu6vNuim%2FoBwow8wxD4A%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
69eb3a3509122790-PRG
expires
Fri, 15 Oct 2021 19:49:26 GMT
184310-82987131453484.js
js-sec.indexww.com/ht/p/ 		0
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184310-82987131453484.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.0.66df75648fd8141c2e1df614b917bd234fb7349d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Oct 2021 18:25:21 GMT
Server
Apache
ETag
"901b71-0-5ce6851682fe2"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2306
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
20
Expires
Fri, 15 Oct 2021 19:27:52 GMT
prebid-analytics-4.42.6.js
a.pub.network/core/ 		454 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-4.42.6.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.0.66df75648fd8141c2e1df614b917bd234fb7349d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c7816f78551dfc01f5af32c0f1c8af625420c136697bb79824b0db2048f540

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=/naSAQ==, md5=kgFsZ5XU+mBrDiHSNTa40w==
date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdtsTCc_N78z3vwkzcY9htS1VAHUoafQXFhVLcDcvU8A0zZaEnJO_QG1owLblNjV2I-zRA3RxTVpiqfdZ3XeCOWgwDdMhw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
cf-ray
69eb3a34dd6f2774-PRG
last-modified
Thu, 05 Aug 2021 15:36:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoNAZJke7156SXAQ%2F%2FDJFUFk4BI6pJ0ZAAZnZtbiCFfl3f8LJctFAjlXSut0FmPxyJHrT82eUcltRTSUKkhacoXY3HV0GGwaKTpl%2BEGRaE0ao2kwgA7SNOjdtcBbzA0%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1628177807921390
access-control-expose-headers
*
cache-control
private, max-age=86400
x-goog-stored-content-length
464928
content-type
text/html
expires
Fri, 14 Oct 2022 23:36:46 GMT
googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 4A16 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
Requested by
Host: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=false&size=small&hl=en-GB&origin=https%3A%2F%2Fwww.bleepingcomputer.com&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
sffe /
Resource Hash
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apis.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 15 Oct 2021 18:49:26 GMT
2607672972-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 5890 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2607672972-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.bleepingcomputer.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4308
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 02:16:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="federated-signon-mpm-access"
expires
Sat, 15 Oct 2022 11:18:07 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 5890 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.bleepingcomputer.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
87629cd57dbd6b0971f759ce88e454d939a2275b69e9a113c1f421d2dcf4d4bd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-M56hazOqTmJ+431q02XrOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"9c5a8574bdf283ce8259de0154ce003e"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-M56hazOqTmJ+431q02XrOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Fri, 15 Oct 2021 18:49:26 GMT
pubads_impl_2021101201.js
securepubads.g.doubleclick.net/gpt/ 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063158
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124532
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Oct 2021 18:49:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		213 B
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bleepingcomputer.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
3fef19e536824cf94f0a91aa3c591c5cce3a2324b0cb39b2a848ec4ea8ff642c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125
x-xss-protection
0
expires
Fri, 15 Oct 2021 18:49:26 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ Frame 5890 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
sffe /
Resource Hash
8b4ca02afc05579b79ae3765ccff134871e2ed02f8f7c133efdc8b779ee3deb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 10:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18128
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Sat, 15 Oct 2022 10:06:57 GMT
sr
capi.connatix.com/tr/ Frame BB6A 		0
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=133322
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.108.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-108-37.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Fri, 15 Oct 2021 18:49:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
analytics.js
s.srvsynd.com/2/234175/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.bleepingcomputer.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1091408375070213860537202114560&de=2&to=3&pv=f2ccff36-e26b-4f47-8482-826b86e183ea
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6c872ed931c535c34a5143cc249e60c4c6cfeb741983f58117bac25c03d67c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:26 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
3162
Expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
77bad019a66d1ee0f0801b6aeee8f7efef4a4025ea615a9e9ea1d0721ac5614c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1016 / 278 of 1000 / last-modified: 1634306887"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27212
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Oct 2021 18:49:26 GMT
c1fed88e-1691-41ca-89cc-135dd0a97786.bin
vid.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ Frame BB6A 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/c1fed88e-1691-41ca-89cc-135dd0a97786.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ac839289bceacb489a8b18a17dc2b32be90fb2608068bbeb18678af74d3f93d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 14:20:15 GMT
age
15807
etag
"6a1683eb7e7cf82b851df3d3856e2299"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
813
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame BB6A 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
e915b42bd3104526660e0dc21d2c6495a63a70f1ed68a199a34f4a37e15c03f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125411
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Fri, 15 Oct 2021 18:49:26 GMT
1.png
img.connatix.com/067e5169-ece3-4ce8-87ad-c7961b8bb396/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/067e5169-ece3-4ce8-87ad-c7961b8bb396/1.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
956035a88a8424f2d36b292231cd4cd7ed705d412b47a7aa929f7b537196c1cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
br
age
375916
etag
"o7hSHwAUmCBIixIgiGzuW02nJNU8oGEvPnjWp++AQj4"
access-control-max-age
86400
fastly-io-info
ifsz=11996 idim=794x206 ifmt=png ofsz=9784 odim=794x206 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
9610
ao
capi.connatix.com/tr/ Frame BB6A 		0
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=133322
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.108.37 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-108-37.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Fri, 15 Oct 2021 18:49:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
514171
vid.springserve.com/vast/ Frame BB6A 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.109.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-109-135.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
034d16a0dc93e2baa5dd6ffcd09c0249a0eeab5d4ef0b8e0a37f2d22de774954

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Fri, 15 Oct 2021 18:49:26 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml;charset=UTF-8
ps
capi.connatix.com/tr/ Frame BB6A 		0
0
da6d051b-07dd-470d-86ec-f801d8311733.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 		33 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/da6d051b-07dd-470d-86ec-f801d8311733.jpg?crop=700:466,smart&width=700&height=466&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4a4472c15c6611e176acb4048ad892d19066e130fcdd08de8249e2c94276a6a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
br
age
16111
etag
"bY3sXmxoUqkvECqhqUzn5gT54jVnItMsxGMbXGMdiiI"
access-control-max-age
86400
fastly-io-info
ifsz=154316 idim=1600x900 ifmt=jpeg ofsz=33693 odim=700x466 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
31756
px.gif
ad-delivery.net/ 		43 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7739337167129396
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Fri, 15 Oct 2021 18:49:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2832
x-guploader-uploadid
ABg5-UwXkjCiMZcCnzxkg3HxMvN7obGQSYa29h1f56fjJW6-LOWg_OGxiqZ61LVV9hzngbZkRkUtVjI9uRo6f5UZH_VPZZ3w7w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDVqCwd%2BCzYbEgAJXHYk%2FZk13TbqiSdK1Gz%2BYsKmvIrOx06Xs%2BFwVBm5cBI21Slx5qS2us3U0U8qdNeIazeTzcRu8NMrp0rFv0cX86lKRL30XSep8n1EcfXahMAmX8Io%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
69eb3a36893e2798-PRG
expires
Fri, 15 Oct 2021 18:04:42 GMT
da6d051b-07dd-470d-86ec-f801d8311733.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 		28 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/da6d051b-07dd-470d-86ec-f801d8311733.jpg?crop=700:394,smart&width=700&height=394&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
78ecef70f26be6c1fdac47c62703bda773d8bba819e6c13ed0bf152fbb3f3e53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
br
age
16111
etag
"q2lqcAyTP/Q6hBnHz4lTMpbgjqDQd4+ydtdL9k6AGQs"
access-control-max-age
86400
fastly-io-info
ifsz=154316 idim=1600x900 ifmt=jpeg ofsz=28940 odim=700x394 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
27453
de626fba-c6f3-480f-9090-60dc574e8986.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/de626fba-c6f3-480f-9090-60dc574e8986.jpg?crop=700:394,smart&width=700&height=394&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ff37c5d7c518485bc68ba93a755edfaaf77d9fb7a1fa1da2033a8ddc654b7483

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
br
age
16110
etag
"uwFBhBF64pV+MNfSjc1fDdnO3RAdyBNVTAyNv8qhyYo"
access-control-max-age
86400
fastly-io-info
ifsz=266772 idim=1600x900 ifmt=jpeg ofsz=68781 odim=700x394 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
68789
57f02dd6-73a3-45ac-830b-c570c831d93c.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 		11 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/57f02dd6-73a3-45ac-830b-c570c831d93c.jpg?crop=700:394,smart&width=700&height=394&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
86d5fc8546c489f3d864599a85133e2181ec61a824a0d79382cac0b687d57223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
br
age
16110
etag
"fdWydXIb8rcny0eonCfLwCg44QCJI4kcTvkCIBXUoKQ"
access-control-max-age
86400
fastly-io-info
ifsz=59390 idim=1600x808 ifmt=jpeg ofsz=10924 odim=700x394 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
9799
5d1e6224-6919-4fc6-8e73-5ecb69111654.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 		7 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/5d1e6224-6919-4fc6-8e73-5ecb69111654.jpg?crop=700:394,smart&width=700&height=394&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
186015076670df21e3027cebaeb2e99b131e0c733e1a146aec337942ec6571f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
br
age
16110
etag
"vmV1sUn9tQcHFLOk02fD8aP9746mV8hL6NJIqwAn2aA"
access-control-max-age
86400
fastly-io-info
ifsz=32050 idim=1600x900 ifmt=jpeg ofsz=6804 odim=700x394 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
5513
53a180ea-5439-489c-b137-29b108b3b202.jpg
img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/ 		8 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/53a180ea-5439-489c-b137-29b108b3b202.jpg?crop=700:394,smart&width=700&height=394&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b273a2d32444b9dc54a6e915c7813e7d87fd4168c54a9459f5ac506b9b624b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
br
age
16110
etag
"44uaungzQcYQg8SRt6TP0Jv6K07/dfNt4/ZKZ/MDLos"
access-control-max-age
86400
fastly-io-info
ifsz=50830 idim=1600x900 ifmt=jpeg ofsz=8065 odim=700x394 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
7066
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.0.66df75648fd8141c2e1df614b917bd234fb7349d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
content-encoding
gzip
etag
e2b905aea413c4d7479fb2bb9cbc6c65
age
557
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1HD7MXND052KYPCHQEG6
date
Fri, 15 Oct 2021 18:40:35 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Nm28_71p0HLZG2RvWAVKR-_UrveZIk6zVjR2DmqSz-WwnzSxDKm_PQ==
op.js
tagan.adlightning.com/freestar/ 		59 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/op.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.0.66df75648fd8141c2e1df614b917bd234fb7349d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.220.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-220-71.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecc79a89fe27d447d0a59fc7f57dd32e4eb0cf68a5b665e5be3ace4ed500f753

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
McdH5MkW_SEl1iEOmNqDbRShwQRxesTS
content-encoding
gzip
etag
"3d42d58b3b42a10c6cf570a5bfb56644"
age
931
x-cache
Hit from cloudfront
content-length
24567
x-amz-meta-git_commit
7b120a5
last-modified
Tue, 12 Oct 2021 13:46:46 GMT
server
AmazonS3
date
Fri, 15 Oct 2021 18:34:01 GMT
content-type
application/javascript
via
1.1 25fe70cc18ad9b2503949e3460083641.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
x-amz-cf-id
rEygjRd47oumy6J1rWx1sB6umoVnYYAdv-hmyC5sLj332Mq6-6x11A==
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame 062E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Sat, 09 Oct 2021 00:30:48 GMT
expires
Sun, 09 Oct 2022 00:30:48 GMT
last-modified
Sat, 09 Oct 2021 00:23:47 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
584318
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame BB6A 		44 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Oct 2021 18:49:26 GMT
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame 58D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Sat, 09 Oct 2021 00:30:48 GMT
expires
Sun, 09 Oct 2022 00:30:48 GMT
last-modified
Sat, 09 Oct 2021 00:23:47 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
584318
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame AEDD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Sat, 09 Oct 2021 00:30:48 GMT
expires
Sun, 09 Oct 2022 00:30:48 GMT
last-modified
Sat, 09 Oct 2021 00:23:47 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
584318
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1399
date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
vary
Accept-Encoding
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.0.66df75648fd8141c2e1df614b917bd234fb7349d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
etag
"XUylRaJiJNdi08iU32oNYQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 22 Oct 2021 18:49:26 GMT
freestar.js
dggaenaawxe8z.cloudfront.net/ic/audiencesegment/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dggaenaawxe8z.cloudfront.net/ic/audiencesegment/freestar.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.0.66df75648fd8141c2e1df614b917bd234fb7349d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.211.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-211-228.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da3c5a2e809324e17c200da5501c0504fa5abe3acbd74dc7b53f4d61a06b66c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:17:47 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 04:14:50 GMT
server
AmazonS3
age
52300
etag
W/"875dd76c5784ab5abc64ac0e780a24ae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 58a361324cd2b1576fcc05c5471b9b13.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
LBLjQWrATyIq6jn2lqUwuh7qnqiiiHe_XgGVcHRpTPUErVzQr63ZXQ==
load.js
s.ntv.io/serve/ 		387 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.23.0.66df75648fd8141c2e1df614b917bd234fb7349d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-108.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a1418d32570398f8f8e07cea418bd2d81e0b78cc1cd1c2548bd260d70229d166

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:26 GMT
Content-Encoding
gzip
x-amz-request-id
895K4HQGRFR5FN5S
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
0Jcr9R8t+XovoD9YBzuqeOtI6SysbawGYeCKT03cnDKhTtl6pP4lAV6q0YO6lZmCJhLSsBa3gUw=
Last-Modified
Fri, 08 Oct 2021 20:59:32 GMT
Server
AmazonS3
ETag
"5cac4cabadee93ec669a5ded971f5756"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
json
gum.criteo.com/sid/ 		363 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
bedb66ea25e4ef6df091a7dc714b592ebade31fea6c7694f79dba54f47748a4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 15 Oct 2021 18:49:26 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2489
expires
0
v1
dmx.districtm.io/b/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
cf-ray
69eb3a378f094126-PRG
access-control-allow-headers
Content-Type, Origin
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
57664ee6da8854b147183193a1e7d9e9da829bd68ef04337ea3b09c1a3af4065

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Oct 2021 18:49:27 GMT
Server
ATS/7.1.2.138
Age
1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
3c829d19d84a035f426b63736c8f20868c3c4bc7b982caea4d86fbdaadb0246c

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Oct 2021 18:49:26 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ads.yieldmo.com/exchange/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.42.1&p=%5B%7B%22placement_id%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22callback_id%22%3A%227b90d173b1455a%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%7D%5D&page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&bust=1634323766909&pr=&scrd=1&dnt=false&description=Page%201%20of%203%20-%20Viruses%20preventing%20my%20Windows%20to%20Update%20-%20posted%20in%20Virus%2C%20Trojan%2C%20Spyware%2C%20and%20Malware%20Removal%20Help%3A%20I%20posted%20this%20message%20in%20reddit%0A%C2%A0%0AGreetings%20Redditors%2C%20I%20am%20encountering%20this%20recent%20error%20concerning%20the%20updates%20to%20my%20OS.%20I%20have%20surfed%20he%20internet%20and%20youtube%20and%20found%20that%20this%20error%20is%20caused%20when%20the%20Windows%20Update%20service%20is%20missing.%20I%20did%20follow%20a%20tutorial%20to%20register%20the%20keys%20again%20(%20mind%20you%20that%20i%20backed%20up%20my%20keys%20and%20used%20it%20but%20for%20some%20reason%20the%20service...&title=Viruses%20preventing%20my%20Windows%20to%20Update%20-%20Virus%2C%20Trojan%2C%20Spyware%2C%20and%20Malware%20Removal%20Help&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=848e39b2-184b-4549-83c5-b1b4374e29cd&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.126.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-126-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
pragma
no-cache
date
Fri, 15 Oct 2021 18:49:27 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
prebid.media.net/rtb/ 		1 KB
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d925e34daa0fe1e6548a8fe0fb3f1c66b603f51c856071d8c4ff36c7820d51f0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cygnus
htlb.casalemedia.com/ 		25 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=393562&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221112fd45405dbe3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212ea02f3bbfb4ac%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22137875010115977%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
55db306ed58240de3bd97054afca883ded5d3461126f33684fc7046ab9a313e0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.145], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 15 Oct 2021 18:49:27 GMT
hb
ssc.33across.com/api/v1/ 		66 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dPGcAuqZ0r6Ok4aKlId8sQ
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
64188919001668669b5b884b44bd3eac4068a8e4d71d21d958048f52e1be721a

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
auction
tlx.3lift.com/header/ 		19 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.42.1&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.202.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-202-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:26 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Fri, 15 Oct 2021 18:49:27 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Fri, 15 Oct 2021 18:49:27 GMT
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		747 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&rp_schain=1.0,1!freestar.com,412,1,,,&eid_pubcid.org=848e39b2-184b-4549-83c5-b1b4374e29cd%5E1&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-9%2CIAB19-10&tg_i.sectioncat=IAB19-9%2CIAB19-10&tg_i.pagecat=IAB19-9%2CIAB19-10&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&tg_i.fs_ad_product=stickyFooter&tg_i.dfp_ad_unit_code=15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky&tg_i.pbadslot=15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&tk_flint=pbjs_lite_v4.42.1&x_source.tid=9e55f096-9a58-43e3-87b7-3553891bae4e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.25959125126668847
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
87080cab8794ff5866d3656734a9e2e55444cd90f76f7e36194b35816020cfb2

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:27 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
747
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7f5c5cc320064d614fc45e27c83207bcd36190c893364a09dbec92f5749c7129
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:26 GMT
X-Proxy-Origin
216.131.114.145; 216.131.114.145; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5e15d006-6fb1-4e9f-86c6-47e3d9014ec2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		2 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Fri, 15 Oct 2021 18:49:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Length
2
Content-Type
application/json; charset=UTF-8
arj
freestar-d.openx.net/w/1.0/ 		174 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&ch=windows-1252&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9e55f096-9a58-43e3-87b7-3553891bae4e&nocache=1634323766919&pubcid=848e39b2-184b-4549-83c5-b1b4374e29cd&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&aus=728x90%2C970x90&divids=bleepingcomputer_970x90_728x90_320x50_sticky&aucs=%252F15184186%252Fbleepingcomputer_970x90_728x90_320x50_sticky%252Fbleepingcomputer_970x90_728x90_320x50_sticky&auid=540959250
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
9b86f59ea10ddab83497c391c78d522da48d16d33ad71994584f68e69b5a5a8a

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
166
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d7379ee5f42e3a24392d1c3ee605abe7842d6dc47edd6be0315d8cc2f849fb42
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:26 GMT
X-Proxy-Origin
216.131.114.145; 216.131.114.145; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fec00488-39ec-493c-ab1b-79d1babc16b0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Fri, 15 Oct 2021 18:49:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pv
api.btloader.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=dLvdYdSUqv&w=5733492711227392&o=5714937848528896&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 15 Oct 2021 18:49:27 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
vpaid_68c68ea6.js
vpaid.springserve.com/production/ 		491 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.220.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-220-124.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 22 Sep 2021 17:36:21 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 17:34:44 GMT
server
AmazonS3
age
1991587
etag
W/"c41b3f31e617ac05abbd6b79785bd64a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4e4c50c641418e6aad9ec09cb0f22845.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
AMS54-C1
x-amz-cf-id
15_ro_DdP83unpnzLIWI-VMrEYfcJNuDUVkmtQGigDY3utYdCTWPOQ==
postback
s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/postback?oz_pl=1&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1091408375070213860537202114560&pv=f2ccff36-e26b-4f47-8482-826b86e183ea&dt=2341751597675869250012&di=www.bleepingcomputer.com&de=2&to=3&ci=234175&_x=1
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.bleepingcomputer.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1091408375070213860537202114560&de=2&to=3&pv=f2ccff36-e26b-4f47-8482-826b86e183ea
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 18:49:26 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.srvsynd.com/2/2.33.0/ 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/main.js
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.bleepingcomputer.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1091408375070213860537202114560&de=2&to=3&pv=f2ccff36-e26b-4f47-8482-826b86e183ea
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7a3b4c985dc5de60264f6a19da2b094563d3dfc6b1fc1bd33645cae3e0db6cc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:26 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
47424
Expires
Mon, 23 Jun 2053 19:15:26 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		57 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:26 GMT
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
57
x-amz-cf-id
74e-w6yOLbZoguPucgAu3kt4ww9nX_TSf2KPP-DoXnRq2w5iEGd9dQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&pid=CH4eitog7EOG1&cb=0&ws=1600x1200&v=7.69.01&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:27 GMT
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P1
x-amz-rid
3M6MJFFZHB8CXXYY3D0Y
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
uHwVZrSqe5sWIanyo6yucyFlZPx7xmcxlqI5uoYj7rUtLELloNB9wg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&pid=CH4eitog7EOG1&cb=1&ws=1600x1200&v=7.69.01&t=1000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%5D&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:27 GMT
via
1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P1
x-amz-rid
76ZBQB2TWMKNNSTGP3T1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
nvX1IYSyYQtMIet3wRBatX0WOiFxGsJ9Q9I6DtSFUbZkeoc9MoEj2A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
37247
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Fri, 15 Oct 2021 08:28:41 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
dQsLIdDR0tEZhkB6Gk6UGT-VvXvQdM7zGEJh8q3T6wfinNcQ6g0_kg==
b-7b120a5-b3bdc5bb.js
tagan.adlightning.com/freestar/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-7b120a5-b3bdc5bb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.220.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-220-71.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
922851ab1a5fce51fbdb9306f1329bf8e80919b6c443b38792b183da23d15314

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 04:56:59 GMT
content-encoding
gzip
age
3678749
x-cache
Hit from cloudfront
content-length
28519
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 16:44:53 GMT
server
AmazonS3
etag
"740bb6532e59e4676cc74228cc09fc36"
x-amz-version-id
7vSoDick1OFIZRTjmPdylyGMRRN80fGd
via
1.1 25fe70cc18ad9b2503949e3460083641.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
fSE82VqCnTWYFeKpD2UWuNzTIACjVYbe9F72cqeB3nbfjTcMliXKAw==
bl-e1f86f1-b76b56dd.js
tagan.adlightning.com/freestar/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-e1f86f1-b76b56dd.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.220.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-220-71.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
812120e5ae14c01f8e582a6f65d8edd5be512183469167e1b4aa44babf4f16fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 14:07:53 GMT
content-encoding
gzip
age
276095
x-cache
Hit from cloudfront
content-length
20181
x-amz-meta-git_commit
e1f86f1
last-modified
Tue, 12 Oct 2021 13:45:57 GMT
server
AmazonS3
etag
"5eb30c80051cf1068fd5977c36ebf0e1"
x-amz-version-id
spQNSK2k7inCQ_SvbouhGWqjPSU15D2l
via
1.1 25fe70cc18ad9b2503949e3460083641.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
RQLEj272ZdZMGGNnrR_Inqp1VIa0QjI9YCqJHyupVWY1MnF9Nz6n7A==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/webp
womptv2nm.js
cdn.krxd.net/controltag/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/womptv2nm.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1023fc5b7b2cb762dd4ad14fcf4787fa945fca4a37518cd0d6b411c248dc201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Fri, 15 Oct 2021 18:49:27 GMT
via
1.1 varnish, 1.1 varnish
age
424
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3716
x-served-by
config-service-a001-ash-prod.krxd.net, cache-bwi5137-BWI, cache-fra19134-FRA
x-response-time
0
x-do-esi
esi
x-timer
S1634323767.157132,VS0,VE0
etag
"fa213313d0f749c73627133b4ab4942a6489b2c7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 3, 69
logs
uat5-b.investingchannel.com/ 		0
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat5-b.investingchannel.com/logs?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Requested by
Host: dggaenaawxe8z.cloudfront.net
URL: https://dggaenaawxe8z.cloudfront.net/ic/audiencesegment/freestar.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.27.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-27-215.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.12.v20180830) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 Oct 2021 18:49:27 GMT
server
Jetty(9.4.12.v20180830)
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
logs
uat5-b.investingchannel.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://uat5-b.investingchannel.com/logs?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Protocol
H2
Server
52.57.27.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-27-215.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 15 Oct 2021 18:49:27 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
server
Jetty(9.4.12.v20180830)
arj
freestar-d.openx.net/w/1.0/ 		174 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&ch=windows-1252&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1eb818c2-afd9-4613-9e1b-c88907f23307%2C2f4c13ee-ef01-495e-960c-059de0e0a7f1&nocache=1634323767124&pubcid=848e39b2-184b-4549-83c5-b1b4374e29cd&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250&divids=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF&aucs=%252F15184186%252Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%252Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2C%252F15184186%252Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%252Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&auid=540959250%2C540959250
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
70ba5fa117c784f7541289722fe0c98abaed5e970243ffc15bcd4bb037aaa745

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
166
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5f49eadf1f543703e68d92cca57d1cd8c31303a91d911bc9691c8e59680b3afb

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
auction
tlx.3lift.com/header/ 		19 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.42.1&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.202.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-202-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:27 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
16e3d4a2f57bdab0a99bb1a37174cf7563f6e7d28f18d217eafc33541119cb73

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Oct 2021 18:49:27 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194700601d06e7&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
006c4e2172c874acf41a928edd63b1432fd8c945b01c03da3c232aa6e8c5afc7

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Oct 2021 18:49:27 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
d43e399ba09544255bf6868dde76294fe05dd14d902f0568991721f5c0039aba

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Oct 2021 18:49:27 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
14dc0fc383625ebfd797d817dcb17aff17991af650cc3b58b79d9ae58b1a2fa8

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Oct 2021 18:49:27 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194700601d06e7&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
4e34fa6a1a19be39baaf436be211702c45cf59ecba0c0b23878e0c1b6eca85b8

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Oct 2021 18:49:27 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
8f9c6f094f7be69283685afb61ba46656c8ffda55ac28a52d367f6f2acf524a4

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Oct 2021 18:49:27 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
fastlane.json
fastlane.rubiconproject.com/a/api/ 		846 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.com,412,1,,,&eid_pubcid.org=848e39b2-184b-4549-83c5-b1b4374e29cd%5E1&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-9%2CIAB19-10&tg_i.sectioncat=IAB19-9%2CIAB19-10&tg_i.pagecat=IAB19-9%2CIAB19-10&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&tg_i.fs_ad_product=banner&tg_i.dfp_ad_unit_code=15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%3B15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&tg_i.pbadslot=15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%3B15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&tk_flint=pbjs_lite_v4.42.1&x_source.tid=1eb818c2-afd9-4613-9e1b-c88907f23307%3B2f4c13ee-ef01-495e-960c-059de0e0a7f1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.391685044549291
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c06943a38b2ab963f383afeccd6947002e4ec734aef32837a47a3b27f97beff3

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:27 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
846
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/ 		2 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Fri, 15 Oct 2021 18:49:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Length
2
Content-Type
application/json; charset=UTF-8
translator
hbopenbid.pubmatic.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Fri, 15 Oct 2021 18:49:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Fri, 15 Oct 2021 18:49:27 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Fri, 15 Oct 2021 18:49:27 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Fri, 15 Oct 2021 18:49:27 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Fri, 15 Oct 2021 18:49:27 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Fri, 15 Oct 2021 18:49:27 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Fri, 15 Oct 2021 18:49:27 GMT
access-control-allow-credentials
true
vary
Origin
v1
dmx.districtm.io/b/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Oct 2021 18:49:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
cf-ray
69eb3a38a8e04126-PRG
access-control-allow-headers
Content-Type, Origin
prebid
ib.adnxs.com/ut/v3/ 		256 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
224708afd495a393b2662270693c1187ccb94b3ce68a7c009f8aa9a83c26ea71
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:27 GMT
X-Proxy-Origin
216.131.114.145; 216.131.114.145; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e9578fa3-37e8-4415-98ab-ffa08029521c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
256
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		250 B
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
61b6d03e74e9d47e3631d3ced2fbc80c83d7d9d6a0b46afb79db5013e8d6d5df
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:27 GMT
X-Proxy-Origin
216.131.114.145; 216.131.114.145; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
760ef56e-3ed4-4a61-b349-79be291bd34b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=393562&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2290e24845ec5d52d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2291c8d7597822d83%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2292c86b1dc5e8285%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%229390e46b20b05fe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22949ed5cd8cb52e1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22950ece4401ffcb2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22963ecd5b5dad35b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
210e4a53f32910b2eab4819b5f11e2787e677903df324b9ebb5c5a38b71410cf

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.145], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 15 Oct 2021 18:49:27 GMT
prebid
ads.yieldmo.com/exchange/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.42.1&p=%5B%7B%22placement_id%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22callback_id%22%3A%2298c700b47ee1298%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%7D%2C%7B%22placement_id%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22callback_id%22%3A%229954ce2eaae73ba%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%7D%5D&page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&bust=1634323767134&pr=&scrd=1&dnt=false&description=&title=&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=848e39b2-184b-4549-83c5-b1b4374e29cd&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.126.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-126-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
pragma
no-cache
date
Fri, 15 Oct 2021 18:49:27 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
t
jadserve.postrelease.com/ 		241 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F%23entry5150714&ntv_mvi&us_privacy=1---
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.155.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-155-146.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
7f24d58735397dbe7772644e6fa0b066072936f5cd2cd9602d5b2cacd7d3fe92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
194
expires
Mon, 1 Jan 1990 12:00:00 GMT
postback
s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/postback?oz_pl=1&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1091408375070213860537202114560&pv=f2ccff36-e26b-4f47-8482-826b86e183ea&dt=2341751597675869250012&di=www.bleepingcomputer.com&de=2&to=3&ci=234175&_x=1
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.bleepingcomputer.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1091408375070213860537202114560&de=2&to=3&pv=f2ccff36-e26b-4f47-8482-826b86e183ea
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 18:49:26 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/womptv2nm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
gzip
age
6417112
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1394052
content-length
84509
x-served-by
cache-fra19134-FRA
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1634323767.378588,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
postback
s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/postback?ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1091408375070213860537202114560&pv=f2ccff36-e26b-4f47-8482-826b86e183ea&dt=2341751597675869250012&di=www.bleepingcomputer.com&de=2&to=3&ci=234175&sid=ANcm_WcAEAfIQDCZ&oz_sc=dc752ab3b4c3d141874ba92d&oz_df=1634323767230&oz_l=207&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 18:49:27 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 32AB 		805 B
850 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

:method
GET
:authority
cdn.krxd.net
:scheme
https
:path
/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Fri, 15 Oct 2021 18:49:28 GMT
via
1.1 varnish
age
11042824
x-served-by
cache-fra19134-FRA
x-cache
HIT
x-cache-hits
373676
x-timer
S1634323768.025858,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
postback
s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/postback?ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1091408375070213860537202114560&pv=f2ccff36-e26b-4f47-8482-826b86e183ea&dt=2341751597675869250012&di=www.bleepingcomputer.com&de=2&to=3&ci=234175&sid=ANcm_WcAEAfIQDCZ&oz_sc=dc752ab3b4c3d141874ba92d&oz_df=1634323767498&oz_l=4604&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 18:49:27 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
truncated
/ Frame F50F 		13 B
13 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
pubfig.messaging.2.22.3.2b8cf4d0f13e11a0c22a7f770a6ed783c403b6bf.js
a.pub.network/core/pubfig/ 		184 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.22.3.2b8cf4d0f13e11a0c22a7f770a6ed783c403b6bf.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31982b9a9549c328c4ee79c9339ce77f03df084f82d2501b820ef68bf7667e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=N3WyfQ==, md5=bGZLpabKhBd4Os0RX8iyDA==
date
Fri, 15 Oct 2021 18:49:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdvTPpaZMIMB_lZM4lmj3oqz_E8pTeSFwx2QI57yZnBRHWpRrZXVltvGMj_EsuC6EN_BpuDu8qY9d_wQUS8m1LW50Sdd0A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
cf-ray
69eb3a3b18da2774-PRG
last-modified
Mon, 04 Oct 2021 17:26:04 GMT
server
cloudflare
etag
W/"6c664ba5a6ca8417783acd115fc8b20c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6VknYPiLAO01HdVvjpo2fxFe09ctnbOT3fOGbraR5DmwV0XwInEVtW1tQrScCnemQ7aHwyn%2BI9sUmYhktVvaKAP1nr%2Bsh92b%2Bp0Pw5NV7fEQoC%2FbgfSvsRD1SF5sn0%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1633368364483405
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
188146
content-type
application/javascript
expires
Fri, 15 Oct 2021 06:23:25 GMT
9427dd0d-835c-471c-a5db-ab01ae8a681c
consumer.krxd.net/consent/get/ 		249 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/9427dd0d-835c-471c-a5db-ab01ae8a681c?idt=device&dt=kxcookie&callback=Krux.ns.investingchannelinc.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5195609afbc1fca03f3200b50d97a90a8eb0e4652108db990a1aa9a1c9f7a0af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:28 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a015-dub-prod.krxd.net, cache-hhn4036-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1634323768.028154,VS0,VE25
content-length
199
x-cache-hits
0, 0
8ac4cf7a-a669-44dd-8115-9c28f4443b62
https://www.bleepingcomputer.com/ 		795 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bleepingcomputer.com/8ac4cf7a-a669-44dd-8115-9c28f4443b62
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49bf438349cbba11f359c77a0d1c179c8be4804a283cd594bc450b6ec9d5b0fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
795
womptv2nm.js
cdn.krxd.net/controltag/ Frame 32AB 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/womptv2nm.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1023fc5b7b2cb762dd4ad14fcf4787fa945fca4a37518cd0d6b411c248dc201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Fri, 15 Oct 2021 18:49:28 GMT
via
1.1 varnish, 1.1 varnish
age
425
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3716
x-served-by
config-service-a001-ash-prod.krxd.net, cache-bwi5137-BWI, cache-fra19134-FRA
x-response-time
0
x-do-esi
esi
x-timer
S1634323768.048947,VS0,VE0
etag
"fa213313d0f749c73627133b4ab4942a6489b2c7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 3, 70
c
c.pub.network/ 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.3.2b8cf4d0f13e11a0c22a7f770a6ed783c403b6bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
d1379c4b46f5a2a670099f7bd145b4c9d2395ac4954a442b280a0ca2f062907c

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Oct 2021 18:49:28 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36
postback
s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/postback?ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1091408375070213860537202114560&pv=f2ccff36-e26b-4f47-8482-826b86e183ea&dt=2341751597675869250012&di=www.bleepingcomputer.com&de=2&to=3&ci=234175&sid=ANcm_WcAEAfIQDCZ&oz_sc=dc752ab3b4c3d141874ba92d&oz_df=1634323768042&oz_l=8171&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 18:49:27 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame 32AB 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/womptv2nm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Fri, 15 Oct 2021 18:49:28 GMT
content-encoding
gzip
age
6417113
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
1394054
content-length
84509
x-served-by
cache-fra19134-FRA
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1634323768.085223,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
9427dd0d-835c-471c-a5db-ab01ae8a681c
consumer.krxd.net/consent/get/ Frame 32AB 		234 B
295 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/9427dd0d-835c-471c-a5db-ab01ae8a681c?idt=device&dt=kxcookie&callback=Krux.ns.investingchannelinc.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
15c14e79b1c1511958b6f4ae763fb0fba3defd770dc80f0d6455247045b9a15f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:28 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a005-dub-prod.krxd.net, cache-hhn4036-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1634323768.127860,VS0,VE29
content-length
195
x-cache-hits
0, 0
usermatch.gif
beacon.krxd.net/ Frame 32AB
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2JFQVNZRnc
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESECxb_WoLuH70tP7J62YD0Zw&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESECxb_WoLuH70tP7J62YD0Zw&google_cver=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.170.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-170-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=41 t=1634323768
x-served-by
beacon-n001-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESECxb_WoLuH70tP7J62YD0Zw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 32AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2JFQVNZRnc
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T2JFQVNZRnc&google_tc=
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM69PaaP_6xO3zgveHLAl_M&google_cver=1
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM69PaaP_6xO3zgveHLAl_M&google_cver=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.170.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-170-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1634323768
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM69PaaP_6xO3zgveHLAl_M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 32AB 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=ObEASYFw&gdpr=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
379708.gif
idsync.rlcdn.com/ Frame 32AB 		42 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=ObEASYFw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 18:49:28 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 32AB
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=ObEASYFw&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DObEASYFw%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=ObEASYFw&partner=bluekai&bk_uuid=$_BK_UUID
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=ObEASYFw&partner=bluekai&bk_uuid=$_BK_UUID
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.170.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-170-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1634323768
x-served-by
beacon-n008-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?_kuid=ObEASYFw&partner=bluekai&bk_uuid=$_BK_UUID
Date
Fri, 15 Oct 2021 18:49:28 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
p
sb.scorecardresearch.com/ Frame 32AB 		64 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=ObEASYFw&rn=1634323768
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-23.ams50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:28 GMT
via
1.1 3c01812e357a7900959ea67a1c5782ad.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
MyEcaqRGZAG0T-pwYU_R4I9SkIIMNHTy1QcHrZza5B7Xx-P4XmE4-Q==
match
ps.eyeota.net/ Frame 32AB
Redirect Chain
  • https://ps.eyeota.net/match?bid=i0r4o4v&uid=ObEASYFw
  • https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=ObEASYFw
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnhzdWFJMk5HMHhfQ3FsVE5uMFgzSF9qVGVVNEtkbjhJZHh1NFByb1hZem8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=i0r4o4v&google_gid=CAESEG3H_oGs4Y7_cOipWZvUywc&google_cver=1
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=i0r4o4v&
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7372097554783087026&newuser=1&dc_rc=2&dc_mr=5&dc_orig=i0r4o4v&
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=0dea6169-cd38-4600-8192-098030217b7a&dc_rc=3&dc_mr=5&dc_orig=i0r4o4v&
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26&_test=YWnNOA...
  • https://ps.eyeota.net/match?uid=YWnNOAAAAlAWNwA6&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=i0r4o4v&&_test=YWnNOAAAAlAWNwA6
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1
  • https://ps.eyeota.net/match?uid=e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&bid=1e2n4ou
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:28 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&bid=1e2n4ou
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
191
getuid
ib.adnxs.com/ Frame 32AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID&gdpr=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
image.sbxx
ib.mookie1.com/ Frame 32AB
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=247532&pid=314&xid=ObEASYFw
  • https://ib.mookie1.com/image.sbxx?go=247532&pid=314&xid=ObEASYFw
120 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=247532&pid=314&xid=ObEASYFw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.58.232.180 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:29 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS06
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Fri, 15 Oct 2021 18:49:28 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=247532&pid=314&xid=ObEASYFw
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS13
Content-Type
text/html; charset=utf-8
Content-Length
193
usermatch.gif
beacon.krxd.net/ Frame 32AB
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dpubmatic%26partner_uid%3D%23PM_USER_ID&rdf=1
  • https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.170.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-170-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1634323768
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=pubmatic&partner_uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD
date
Fri, 15 Oct 2021 18:49:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
398696.gif
idsync.rlcdn.com/ Frame 32AB
Redirect Chain
  • https://fei.pro-market.net/engine?mimetype=img&du=88&csync=ObEASYFw
  • https://idsync.rlcdn.com/398696.gif?partner_uid=-4095404235742952701
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/398696.gif?partner_uid=-4095404235742952701
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:28 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:27 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://idsync.rlcdn.com/398696.gif?partner_uid=-4095404235742952701
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
optout_check
beacon.krxd.net/ 		92 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.investingchannelinc.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.170.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-170-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
12273900e60aada0e4b4bc17024ecb9872158043ab38974dbf66db30e255f06f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:30 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=36 t=1634323770
x-served-by
beacon-n005-dub-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		387 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=9427dd0d-835c-471c-a5db-ab01ae8a681c&technographics=1&callback=Krux.ns.investingchannelinc.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
42f89ba873ca2e47821646e061f2d5a5bb8b89691a8a97da39709fd2eb581a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Fri, 15 Oct 2021 18:49:30 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a013-ash-prod.krxd.net, cache-fra19134-FRA
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1634323771.500380,VS0,VE95
content-length
295
x-cache-hits
0, 0
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=womptv2nm&_kpid=9427dd0d-835c-471c-a5db-ab01ae8a681c&_kcp_s=Freestar&_kcp_d=www.bleepingcomputer.com&_knifr=4&_kua_kx_tz=0&geo_country=de&geo_region=he&geo_dma=276003&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=he&_kua_kx_geo_dma=276003&_kpa_url_path_1=forums&_kpa_url_path_2=t&_kpa_url_path_3=746914&_kpa_domain=www.bleepingcomputer.com&t_navigation_type=0&t_dns=9&t_tcp=19&t_http_request=-1&t_http_response=445&t_content_ready=2954&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=wrqptnwm6&userdata_user=ObEASYFw%2Cwrqptnwm6&sview=1&kplt0=39860&kplt1=47346&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F9427dd0d-835c-471c-a5db-ab01ae8a681c%2C535%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C35%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C119
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.170.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-170-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:30 GMT
cache-control
private, no-cache, no-store
x-request-time
D=42 t=1634323770
x-served-by
beacon-n008-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
postback
s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/postback?ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1091408375070213860537202114560&pv=f2ccff36-e26b-4f47-8482-826b86e183ea&dt=2341751597675869250012&di=www.bleepingcomputer.com&de=2&to=3&ci=234175&sid=ANcm_WcAEAfIQDCZ&oz_sc=dc752ab3b4c3d141874ba92d&oz_df=1634323772536&oz_l=653&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 18:49:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
envelope
api.rlcdn.com/api/identity/ 		44 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ 		154 B
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
65fb888aea00501a5dc0286444d66a06cdb3c33da106e4e9817af9ab3e2e5e9c

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
x-server
10.45.14.231
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
id
id.sharedid.org/ 		41 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.245.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-245-148.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
9785c0ee4e91e6c161177cb63bd32032310fbafebc0c56e1448319ccf35d7d59

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
41
expires
0
rid
match.adsrvr.org/track/ 		108 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
629635dd07348be5ec8af9cc64294c508c87a7d7fc4db13e8ee37b92593a5898

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 14 Nov 2021 18:49:33 GMT
index.html
cdn.districtm.io/ids/ Frame 6BAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
69eb3a5ee9bc4126-PRG
async_usersync.html
acdn.adnxs.com/dmp/ Frame A9F2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bleepingcomputer.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIheVeEAoYASABKAEwt5qniwY4AUABSAEQt5qniwYYAA..; uuid2=6234528353970784364
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 15 Oct 2021 18:49:33 GMT
Age
49369
X-Served-By
cache-lga21949-LGA, cache-hhn4050-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 855832
X-Timer
S1634323773.269377,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8F5B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=50CC5CD1-C351-4B7C-A898-6A83FC1502AD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=60557
expires
Sat, 16 Oct 2021 11:38:50 GMT
date
Fri, 15 Oct 2021 18:49:33 GMT
vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 29A6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
69eb3a5ee9b84126-PRG
pd
eu-u.openx.net/w/1.0/ Frame 84B2 		1006 B
859 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4d52a81aa5d8db6b26c4b4d76f87c229039cd1fb1e1cb065bdf844101af86cd8

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
cookie
i=848e39b2-184b-4549-83c5-b1b4374e29cd|1634323766
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=848e39b2-184b-4549-83c5-b1b4374e29cd|1634323766; Version=1; Expires=Sat, 15-Oct-2022 18:49:33 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634323773|mOgeginskin0vNomiygu; Version=1; Expires=Sat, 30-Oct-2021 18:49:33 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
text/html
content-length
540
content-encoding
gzip
via
1.1 google
alt-svc
clear
checksync.php
contextual.media.net/ Frame D808 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.140.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-74.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f9e4e2c46e9957a5164692d78a00b6dacf40e04bec4548634e1c5fbef0e767a8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Mon, 18 Apr 2022 18:49:33 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=157002
expires
Sun, 17 Oct 2021 14:26:15 GMT
date
Fri, 15 Oct 2021 18:49:33 GMT
content-length
8175
async_usersync.html
acdn.adnxs.com/dmp/ Frame 631B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bleepingcomputer.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIheVeEAoYASABKAEwt5qniwY4AUABSAEQt5qniwYYAA..; uuid2=6234528353970784364
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 15 Oct 2021 18:49:33 GMT
Age
49370
X-Served-By
cache-lga21949-LGA, cache-hhn4042-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 856254
X-Timer
S1634323773.269047,VS0,VE0
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 0D86 		1006 B
847 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4d52a81aa5d8db6b26c4b4d76f87c229039cd1fb1e1cb065bdf844101af86cd8

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
cookie
i=848e39b2-184b-4549-83c5-b1b4374e29cd|1634323766
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=848e39b2-184b-4549-83c5-b1b4374e29cd|1634323766; Version=1; Expires=Sat, 15-Oct-2022 18:49:33 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1634323773|mOgeginskin0vNomiygu; Version=1; Expires=Sat, 30-Oct-2021 18:49:33 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.217.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
text/html
content-length
540
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync
eb2.3lift.com/ Frame 2079
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
5fb5ab7b1e1f0c3167ad4376432478d609c614a1f2db1b59c18af1ae73dde7ab

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
cookie
tluid=1632140073887346678
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
text/html; charset=utf-8
content-length
463
set-cookie
sync=CgoIgQIQ6e6mqsgvCgoI4gEQ6e6mqsgvCgoI5gEQ6e6mqsgvCgoIhwIQ6e6mqsgvCgkICRDp7qaqyC8KCQg6EOnupqrILwoJCAsQ6e6mqsgvCgoIjAIQ6e6mqsgvCgoIzgEQ6e6mqsgvCgkIXxDp7qaqyC8=; Max-Age=7776000; Expires=Thu, 13 Jan 2022 18:49:33 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=1632140073887346678; Max-Age=7776000; Expires=Thu, 13 Jan 2022 18:49:33 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Fri, 15 Oct 2021 18:49:33 GMT
content-length
0
set-cookie
tluid=7094601687469062409; Max-Age=7776000; Expires=Thu, 13 Jan 2022 18:49:33 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame 42EC 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=50CC5CD1-C351-4B7C-A898-6A83FC1502AD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=60557
expires
Sat, 16 Oct 2021 11:38:50 GMT
date
Fri, 15 Oct 2021 18:49:33 GMT
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 9361 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.140.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-74.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f9e4e2c46e9957a5164692d78a00b6dacf40e04bec4548634e1c5fbef0e767a8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C251%2C175%2C178%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C238%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Mon, 18 Apr 2022 18:49:33 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=157002
expires
Sun, 17 Oct 2021 14:26:15 GMT
date
Fri, 15 Oct 2021 18:49:33 GMT
content-length
8175
/
ssc-cms.33across.com/ps/ Frame 9842 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.174 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip174.208-100-17.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Fri, 15 Oct 2021 18:49:32 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 7B9B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bleepingcomputer.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 15 Oct 2021 18:49:33 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 4E35 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bleepingcomputer.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVwywYaQOmrhRaqUZrmDgY/CTx+qs1OnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG+vEKleU6LjTam3MjDFVf/xlH9h; khaos=KUSQ69HJ-U-853L; audit=1|naVuGyos1qqgf7wwkQ8M4cxx6KQqSFWyggSWtAimAVyuE9XIIERwXMmOZNlrfnQZ8Wf+CDJvEd7vQn6gbej9EcxuhZpbWKLt+/AMC2wiya8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Oct 2021 18:49:33 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 994B
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
5fb5ab7b1e1f0c3167ad4376432478d609c614a1f2db1b59c18af1ae73dde7ab

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bleepingcomputer.com/
accept-encoding
gzip, deflate, br
cookie
tluid=1632140073887346678
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
text/html; charset=utf-8
content-length
463
set-cookie
sync=CgoIgQIQ6e6mqsgvCgoI4gEQ6e6mqsgvCgoI5gEQ6e6mqsgvCgoIhwIQ6e6mqsgvCgkICRDp7qaqyC8KCQg6EOnupqrILwoJCAsQ6e6mqsgvCgoIjAIQ6e6mqsgvCgoIzgEQ6e6mqsgvCgkIXxDp7qaqyC8=; Max-Age=7776000; Expires=Thu, 13 Jan 2022 18:49:33 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=1632140073887346678; Max-Age=7776000; Expires=Thu, 13 Jan 2022 18:49:33 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Fri, 15 Oct 2021 18:49:33 GMT
content-length
0
set-cookie
tluid=1632140073887346678; Max-Age=7776000; Expires=Thu, 13 Jan 2022 18:49:33 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame C3EF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-4.42.6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bleepingcomputer.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 15 Oct 2021 18:49:33 GMT
Connection
keep-alive
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemediagrid...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dthemed...
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=437&ssp=themediagrid&user_id=
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 3588
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ab2b15bc4245779ffc7529cd333366826ae8d5b0d5165f4220bd335db4532c23

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YWnNPSdLuJu2qfwAnhk2VgAA; CMPS=3181
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|5|46|176|152
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1531
Expires
Fri, 15 Oct 2021 18:49:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Connection
keep-alive
Set-Cookie
CMID=YWnNPSdLuJu2qfwAnhk2VgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 15 Oct 2022 18:49:33 GMT CMPS=3181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Jan 2022 18:49:33 GMT CMPRO=1140;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Jan 2022 18:49:33 GMT CMST=YWnNPWFpzT0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Oct 2021 18:49:33 GMT CMRUM3=2d6169cd3d05a0&f16169cd3d05a0&e66169cd3d2760&056169cd3d05a0&986169cd3d05a00&276169cd3d0b40&2e6169cd3d05a0&b06169cd3d05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 15 Oct 2022 18:49:33 GMT

Redirect headers

Server
Apache
Content-Length
347
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 15 Oct 2021 18:49:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Connection
keep-alive
Set-Cookie
CMID=YWnNPSdLuJu2qfwAnhk2VgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 15 Oct 2022 18:49:33 GMT CMPS=3181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Jan 2022 18:49:33 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 4876 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e123a9eb690cc77f16bebeaed1e4c3e595157e4c25de5c77c6c14f34f26edee9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YWnNPSdLuJu2qfwAnhk2VgAA; CMPS=3181; CMPRO=1140; CMST=YWnNPWFpzT0A; CMRUM3=2d6169cd3d05a0&f16169cd3d05a0&e66169cd3d2760&056169cd3d05a0&986169cd3d05a00&276169cd3d0b40&2e6169cd3d05a0&b06169cd3d05a00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|4|206|130|39|188|65|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1457
Expires
Fri, 15 Oct 2021 18:49:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Connection
keep-alive
Set-Cookie
CMID=YWnNPSdLuJu2qfwAnhk2VgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 15 Oct 2022 18:49:33 GMT CMPS=3181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Jan 2022 18:49:33 GMT CMPRO=1140;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 13 Jan 2022 18:49:33 GMT CMRUM3=586169cd3d05a0&826169cd3da8c0&bc6169cd3d05a00&276169cd3d0b40&2e6169cd3d05a0&b06169cd3d05a00&986169cd3d05a00&496169cd3d05a0&056169cd3d05a0&e66169cd3d2760&046169cd3d05a0&ce6169cd3d05a0&416169cd3d05a0&2d6169cd3d05a0&f16169cd3d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 15 Oct 2022 18:49:33 GMT
async_usersync
ib.adnxs.com/ Frame 631B 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
X-Proxy-Origin
216.131.114.145; 216.131.114.145; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9fd70d69-5155-446d-9a02-b95ac01cc339
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A9F2 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
X-Proxy-Origin
216.131.114.145; 216.131.114.145; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
77f03b89-417f-44f5-8c78-8827605e0535
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 84B2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=iW9Inr9v1MBsgR5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=iW9Inr9v1MBsgR5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:32 GMT
Server
PingMatch/v2.0.30-689-g30920c0#rel-ec2-master i-0081ebc652be302bb@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=iW9Inr9v1MBsgR5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 84B2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=81214b04-8c93-4f18-943a-e92aef2e03b1&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
Date
Fri, 15 Oct 2021 18:49:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 84B2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6234528353970784364
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6234528353970784364
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
X-Proxy-Origin
216.131.114.145; 216.131.114.145; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7e71b237-1261-48c1-84e4-3d475d32f44f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6234528353970784364
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 84B2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDLWJFN0MwNW9BQURFbGR0Tnh6Zw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKh07C05oAABSROjN1Yw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABKh07C05oAABSROjN1Yw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=255172983778019631
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABKh07C05oAABSROjN1Yw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D255172983778019631%26bee_sync_partners%3Dox%26bee_sync_...
  • https://match.prod.bidr.io/cookie-sync?userid=255172983778019631&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AABKh07C05oAABSROjN1Yw&pid=558502&do...
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABKh07C05oAABSROjN1Yw
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABKh07C05oAABSROjN1Yw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABKh07C05oAABSROjN1Yw
Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame 84B2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0dea6169-cd38-4600-8192-098030217b7a
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0dea6169-cd38-4600-8192-098030217b7a
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0dea6169-cd38-4600-8192-098030217b7a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 15 Oct 2021 18:49:32 GMT
sd
us-u.openx.net/w/1.0/ Frame 84B2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jcoWWdifEwSWzhhZ2p0NAo-ZFlOWyxcBjc1huxdS
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jcoWWdifEwSWzhhZ2p0NAo-ZFlOWyxcBjc1huxdS
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jcoWWdifEwSWzhhZ2p0NAo-ZFlOWyxcBjc1huxdS
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 84B2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2312625173357055989
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2312625173357055989
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2312625173357055989
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 84B2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=572206eb-b1cc-7abe-d913-795c53691a30&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 84B2 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2I0ZGQ1MjEtNzhiYi0yNDFhLWNjZjMtMjNlNTk5OGJkNDUw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 84B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPagJ9vo5yzbAdlMeCnu4Ig&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPagJ9vo5yzbAdlMeCnu4Ig&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPagJ9vo5yzbAdlMeCnu4Ig&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0D86
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=iW9Inr9v1MBsgR5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=iW9Inr9v1MBsgR5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:32 GMT
Server
PingMatch/v2.0.30-689-g30920c0#rel-ec2-master i-0081ebc652be302bb@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=iW9Inr9v1MBsgR5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0D86
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=c653fe07-7514-44f0-b09c-8712ec50e4ca&expires=1&user_group=5&ssp=openx&bsw_param=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
Date
Fri, 15 Oct 2021 18:49:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 0D86
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6234528353970784364
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6234528353970784364
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
X-Proxy-Origin
216.131.114.145; 216.131.114.145; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c4a2ae4c-90ae-4716-82b8-9df80fd720c9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6234528353970784364
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0D86
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFES24wN0MwNW9BQURQVmR0Tnh6Zw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKh07C05oAABSROjN1Yw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABKh07C05oAABSROjN1Yw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABKh07C05oAABSROjN1Yw&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABKh07C05oAABSROjN1Yw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=255172983778019631
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABKh07C05oAABSROjN1Yw
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABKh07C05oAABSROjN1Yw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:34 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABKh07C05oAABSROjN1Yw
Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame 0D86
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0dea6169-cd38-4600-8192-098030217b7a
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0dea6169-cd38-4600-8192-098030217b7a
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0dea6169-cd38-4600-8192-098030217b7a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 15 Oct 2021 18:49:32 GMT
sd
us-u.openx.net/w/1.0/ Frame 0D86
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=bWCvbjg1qjN2ZKE2azW0ZGM1qDF2YftlaWM7rHR-
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=bWCvbjg1qjN2ZKE2azW0ZGM1qDF2YftlaWM7rHR-
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=bWCvbjg1qjN2ZKE2azW0ZGM1qDF2YftlaWM7rHR-
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0D86
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8221450259768736028
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8221450259768736028
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8221450259768736028
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 0D86 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=572206eb-b1cc-7abe-d913-795c53691a30&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0D86 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2I0ZGQ1MjEtNzhiYi0yNDFhLWNjZjMtMjNlNTk5OGJkNDUw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0D86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPagJ9vo5yzbAdlMeCnu4Ig&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPagJ9vo5yzbAdlMeCnu4Ig&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPagJ9vo5yzbAdlMeCnu4Ig&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8F5B 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19528571&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b21e6311cb8893cfc9bf6f20d1090a4b1005f739fee420beede8b89a8d279ec6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 4E35 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26793
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Sat, 16 Oct 2021 02:16:06 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2079 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 2079
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGlJNf8uE9HFewpw8PDB-Ek&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGlJNf8uE9HFewpw8PDB-Ek&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGlJNf8uE9HFewpw8PDB-Ek&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2079
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYzMjE0MDA3Mzg4NzM0NjY3OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYzMjE0MDA3Mzg4NzM0NjY3OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYzMjE0MDA3Mzg4NzM0NjY3OA%3D%3D
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 2079 		0
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1632140073887346678&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.69 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-11-69.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
HIqcKdBIrhaAjHlarioAAA==
xuid
eb2.3lift.com/ Frame 2079
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1632140073887346678?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Z0y__eJE2oRzx9tW0NTB7Z35snzO7KknAhrgFV9TYQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Z0y__eJE2oRzx9tW0NTB7Z35snzO7KknAhrgFV9TYQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 15 Oct 2021 18:49:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Z0y__eJE2oRzx9tW0NTB7Z35snzO7KknAhrgFV9TYQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 2079 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=1632140073887346678&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 2079 		42 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1632140073887346678&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
etag
"af5a8b34ac1d71:0"
last-modified
Thu, 14 Oct 2021 22:27:41 GMT
x-msedge-ref
Ref A: 1941A505DF52401083BF5DB5468CB6C1 Ref B: PRG01EDGE1015 Ref C: 2021-10-15T18:49:33Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 2079
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1632140073887346678
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1632140073887346678&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1632140073887346678&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FZPF4ZNWF6Y40SD5F21P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1632140073887346678&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 2079
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 2079
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7372097554783087026&dongle=d407
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=7372097554783087026&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=7372097554783087026&dongle=d407
pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame 994B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 994B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGlJNf8uE9HFewpw8PDB-Ek&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGlJNf8uE9HFewpw8PDB-Ek&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGlJNf8uE9HFewpw8PDB-Ek&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 994B
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYzMjE0MDA3Mzg4NzM0NjY3OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYzMjE0MDA3Mzg4NzM0NjY3OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYzMjE0MDA3Mzg4NzM0NjY3OA%3D%3D
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 994B 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1632140073887346678&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.69 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-11-69.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
+j+6KdBIrhYwNv0crioAAA==
xuid
eb2.3lift.com/ Frame 994B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1632140073887346678?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-k7iMo2JE2oTTkpcv2dvMGdW3wyq_oyMTqY81kQsVwQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-k7iMo2JE2oTTkpcv2dvMGdW3wyq_oyMTqY81kQsVwQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 15 Oct 2021 18:49:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-k7iMo2JE2oTTkpcv2dvMGdW3wyq_oyMTqY81kQsVwQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 994B 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=1632140073887346678&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.106.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-106-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 994B 		42 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1632140073887346678&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
etag
"af5a8b34ac1d71:0"
last-modified
Thu, 14 Oct 2021 22:27:41 GMT
x-msedge-ref
Ref A: 6D352DB25078497794B3364B574B869E Ref B: PRG01EDGE1015 Ref C: 2021-10-15T18:49:33Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 994B
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1632140073887346678
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1632140073887346678&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1632140073887346678&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6SDSXSZD6VWNBNFQFEAG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1632140073887346678&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 994B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 994B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=7372097554783087026&dongle=d407
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=7372097554783087026&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=7372097554783087026&dongle=d407
pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 3588
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YWnNPSdLuJu2qfwAnhk2VgAABHQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMNFzk48ZWhtlfLY8-5FQG0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMNFzk48ZWhtlfLY8-5FQG0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 15 Oct 2021 18:49:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMNFzk48ZWhtlfLY8-5FQG0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3588
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWnNPSdLuJu2qfwAnhk2VgAABHQAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWnNPSdLuJu2qfwAnhk2VgAABHQAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWnNPSdLuJu2qfwAnhk2VgAABHQAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VHRYBJMWAD8TX29EWWNX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BDW5FM5S7B92E8MR4RRN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWnNPSdLuJu2qfwAnhk2VgAABHQAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3588 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 3588
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YWnNPSdLuJu2qfwAnhk2VgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEByUIcXimrN9DIegoG4ANrc&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEByUIcXimrN9DIegoG4ANrc&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Oct 2021 18:49:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEByUIcXimrN9DIegoG4ANrc&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 3588 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
getuid
secure.adnxs.com/ Frame 3588 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
113
match.deepintent.com/usersync/ Frame 3588 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:32 GMT
content-length
0
server
b
crum
dsum-sec.casalemedia.com/ Frame 3588
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bcaa0e28-a8de-4bfd-8db0-d1b5c111f261
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bcaa0e28-a8de-4bfd-8db0-d1b5c111f261
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Oct 2021 18:49:33 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bcaa0e28-a8de-4bfd-8db0-d1b5c111f261
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3588 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YWnNPSdLuJu2qfwAnhk2VgAA%261140
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1770
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Oct 2021 19:19:03 GMT
match
c1.adform.net/serving/cookie/ Frame BF2C 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=7021705007965580880; expires=Tue, 14 Dec 2021 18:49:33 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame A5B8
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5531915616025366357
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5531915616025366357
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5531915616025366357
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=50CC5CD1-C351-4B7C-A898-6A83FC1502AD; chkChromeAb67Sec=1; DPSync3=1635465600%3A201_197_219%7C1634342400%3A174; SyncRTB3=1635465600%3A13_71_22_81_231_54_56_8_234_88_7_230_220_176_21_204_189_3_55_99_161_166_165_222%7C1636848000%3A203%7C1634860800%3A2_223_15%7C1635120000%3A63%7C1635552000%3A35; KRTBCOOKIE_27=16735-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&16736-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23019-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23114-uid:0dea6169-cd38-4600-8192-098030217b7a; PUBMDCID=3; KRTBCOOKIE_377=6810-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&22918-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&23031-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1; KRTBCOOKIE_391=22924-6387407011618905459&KRTB&23263-6387407011618905459; KRTBCOOKIE_218=22978-YWnNOAAAAlAWNwA6&KRTB&23194-YWnNOAAAAlAWNwA6&KRTB&23209-YWnNOAAAAlAWNwA6&KRTB&23244-YWnNOAAAAlAWNwA6; KRTBCOOKIE_153=19420-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr&KRTB&22979-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr; KRTBCOOKIE_57=22776-6234528353970784364; KRTBCOOKIE_80=22987-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&16514-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&23025-CAESELyZ0c9LO2Pq2onZUvTJwKY; KRTBCOOKIE_409=22966-zPjfQq89gweOD7f9x2amXpwJ; SPugT=1634323772; KRTBCOOKIE_466=16530-15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059; PugT=1634323772
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-5531915616025366357; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 18:49:33 GMT; path=/ PugT=1634323773; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 18:49:33 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-Jan-2022 18:49:33 GMT; path=/
x-lat
lhrpug012:0:492
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5531915616025366357
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame CB44 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 15 Oct 2021 18:49:32 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Fri, 15 Oct 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
588527
Pug
simage2.pubmatic.com/AdServer/ Frame 699B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7019367156123433112
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7019367156123433112
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7019367156123433112
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=50CC5CD1-C351-4B7C-A898-6A83FC1502AD; chkChromeAb67Sec=1; DPSync3=1635465600%3A201_197_219%7C1634342400%3A174; SyncRTB3=1635465600%3A13_71_22_81_231_54_56_8_234_88_7_230_220_176_21_204_189_3_55_99_161_166_165_222%7C1636848000%3A203%7C1634860800%3A2_223_15%7C1635120000%3A63%7C1635552000%3A35; KRTBCOOKIE_27=16735-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&16736-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23019-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23114-uid:0dea6169-cd38-4600-8192-098030217b7a; PUBMDCID=3; KRTBCOOKIE_377=6810-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&22918-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&23031-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1; KRTBCOOKIE_391=22924-6387407011618905459&KRTB&23263-6387407011618905459; KRTBCOOKIE_218=22978-YWnNOAAAAlAWNwA6&KRTB&23194-YWnNOAAAAlAWNwA6&KRTB&23209-YWnNOAAAAlAWNwA6&KRTB&23244-YWnNOAAAAlAWNwA6; KRTBCOOKIE_153=19420-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr&KRTB&22979-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr; KRTBCOOKIE_57=22776-6234528353970784364; KRTBCOOKIE_80=22987-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&16514-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&23025-CAESELyZ0c9LO2Pq2onZUvTJwKY; KRTBCOOKIE_409=22966-zPjfQq89gweOD7f9x2amXpwJ; SPugT=1634323772; KRTBCOOKIE_466=16530-15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059; KRTBCOOKIE_22=14911-7372097554783087026; KRTBCOOKIE_336=5844-5531915616025366357; KRTBCOOKIE_188=3189-d32c711d-f02e-4159-8917-12cf796b250e-6169cd3d-5553; KRTBCOOKIE_594=17107-RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003; KRTBCOOKIE_699=22727-AABKh07C05oAABSROjN1Yw; PugT=1634323773
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 15 Oct 2021 18:49:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7019367156123433112; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 18:49:32 GMT; path=/ PugT=1634323772; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 18:49:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-Jan-2022 18:49:32 GMT; path=/
x-lat
amspug009:0:625
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 15 Oct 2021 18:49:33 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7019367156123433112; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7019367156123433112
Pug
image2.pubmatic.com/AdServer/ Frame 804C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCS2hrN0MwNW9BQUJTUk9qTjFZdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC-bE7C05oAADEldtNxzg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC-bE7C05oAADEldtNxzg&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABKh07C05oAABSROjN1Yw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=255172983778019631
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKh07C05oAABSROjN1Yw
42 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKh07C05oAABSROjN1Yw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKh07C05oAABSROjN1Yw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=50CC5CD1-C351-4B7C-A898-6A83FC1502AD; chkChromeAb67Sec=1; DPSync3=1635465600%3A201_197_219%7C1634342400%3A174; SyncRTB3=1635465600%3A13_71_22_81_231_54_56_8_234_88_7_230_220_176_21_204_189_3_55_99_161_166_165_222%7C1636848000%3A203%7C1634860800%3A2_223_15%7C1635120000%3A63%7C1635552000%3A35; KRTBCOOKIE_27=16735-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&16736-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23019-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23114-uid:0dea6169-cd38-4600-8192-098030217b7a; PUBMDCID=3; KRTBCOOKIE_377=6810-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&22918-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&23031-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1; KRTBCOOKIE_391=22924-6387407011618905459&KRTB&23263-6387407011618905459; KRTBCOOKIE_218=22978-YWnNOAAAAlAWNwA6&KRTB&23194-YWnNOAAAAlAWNwA6&KRTB&23209-YWnNOAAAAlAWNwA6&KRTB&23244-YWnNOAAAAlAWNwA6; KRTBCOOKIE_153=19420-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr&KRTB&22979-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr; KRTBCOOKIE_57=22776-6234528353970784364; KRTBCOOKIE_80=22987-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&16514-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&23025-CAESELyZ0c9LO2Pq2onZUvTJwKY; KRTBCOOKIE_409=22966-zPjfQq89gweOD7f9x2amXpwJ; SPugT=1634323772; KRTBCOOKIE_466=16530-15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059; KRTBCOOKIE_22=14911-7372097554783087026; KRTBCOOKIE_336=5844-5531915616025366357; KRTBCOOKIE_188=3189-d32c711d-f02e-4159-8917-12cf796b250e-6169cd3d-5553; KRTBCOOKIE_594=17107-RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003; KRTBCOOKIE_699=22727-AABKh07C05oAABSROjN1Yw; KRTBCOOKIE_1101=23040-7019367156123433112; PugT=1634323772
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 15 Oct 2021 18:49:34 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_699=22727-AABKh07C05oAABSROjN1Yw; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 18:49:34 GMT; path=/ PugT=1634323774; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 18:49:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-Jan-2022 18:49:34 GMT; path=/
x-lat
lhrpug003:0:692
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Fri, 15 Oct 2021 18:49:34 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABKh07C05oAABSROjN1Yw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame CB9B
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=50CC5CD1-C351-4B7C-A898-6A83FC1502AD; chkChromeAb67Sec=1; DPSync3=1635465600%3A201_197_219%7C1634342400%3A174; SyncRTB3=1635465600%3A13_71_22_81_231_54_56_8_234_88_7_230_220_176_21_204_189_3_55_99_161_166_165_222%7C1636848000%3A203%7C1634860800%3A2_223_15%7C1635120000%3A63%7C1635552000%3A35; KRTBCOOKIE_27=16735-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&16736-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23019-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23114-uid:0dea6169-cd38-4600-8192-098030217b7a; PUBMDCID=3; KRTBCOOKIE_377=6810-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&22918-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&23031-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1; KRTBCOOKIE_391=22924-6387407011618905459&KRTB&23263-6387407011618905459; KRTBCOOKIE_218=22978-YWnNOAAAAlAWNwA6&KRTB&23194-YWnNOAAAAlAWNwA6&KRTB&23209-YWnNOAAAAlAWNwA6&KRTB&23244-YWnNOAAAAlAWNwA6; PugT=1634323771
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
text/html; charset=utf-8
x-lat
amspug003:2:721
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=b3a74344-9e35-466f-b8cf-c0dbdd986a75; path=/; domain=csync.loopme.me; Expires=Mon, 15-Nov-2021 18:49:33 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Fri, 15 Oct 2021 18:49:33 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame C42D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3628734973
  • https://sync.1rx.io/usersync/tradedesk/e56c97bb-27cc-40e8-a10a-5cbb9d22bad1
  • https://sync.targeting.unrulymedia.com/csync/RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=50CC5CD1-C351-4B7C-A898-6A83FC1502AD; chkChromeAb67Sec=1; DPSync3=1635465600%3A201_197_219%7C1634342400%3A174; SyncRTB3=1635465600%3A13_71_22_81_231_54_56_8_234_88_7_230_220_176_21_204_189_3_55_99_161_166_165_222%7C1636848000%3A203%7C1634860800%3A2_223_15%7C1635120000%3A63%7C1635552000%3A35; KRTBCOOKIE_27=16735-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&16736-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23019-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23114-uid:0dea6169-cd38-4600-8192-098030217b7a; PUBMDCID=3; KRTBCOOKIE_377=6810-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&22918-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&23031-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1; KRTBCOOKIE_391=22924-6387407011618905459&KRTB&23263-6387407011618905459; KRTBCOOKIE_218=22978-YWnNOAAAAlAWNwA6&KRTB&23194-YWnNOAAAAlAWNwA6&KRTB&23209-YWnNOAAAAlAWNwA6&KRTB&23244-YWnNOAAAAlAWNwA6; KRTBCOOKIE_153=19420-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr&KRTB&22979-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr; KRTBCOOKIE_57=22776-6234528353970784364; KRTBCOOKIE_80=22987-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&16514-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&23025-CAESELyZ0c9LO2Pq2onZUvTJwKY; KRTBCOOKIE_409=22966-zPjfQq89gweOD7f9x2amXpwJ; SPugT=1634323772; KRTBCOOKIE_466=16530-15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059; KRTBCOOKIE_22=14911-7372097554783087026; KRTBCOOKIE_336=5844-5531915616025366357; PugT=1634323773
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 15 Oct 2021 18:49:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17107-RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 18:49:32 GMT; path=/ PugT=1634323772; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 18:49:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-Jan-2022 18:49:32 GMT; path=/
x-lat
amspug001:0:430
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003%22%7D; path=/; expires=Sat, 15 Oct 2022 18:49:33 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003
etag
RX1e91b432bbc14067ae35f3af13502f81003
bridge
cm.adgrx.com/ Frame F6BE 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
image2.pubmatic.com/AdServer/ Frame 8DB4
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=zPjfQq89gweOD7f9x2amXpwJ
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=zPjfQq89gweOD7f9x2amXpwJ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=zPjfQq89gweOD7f9x2amXpwJ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=50CC5CD1-C351-4B7C-A898-6A83FC1502AD; chkChromeAb67Sec=1; DPSync3=1635465600%3A201_197_219%7C1634342400%3A174; SyncRTB3=1635465600%3A13_71_22_81_231_54_56_8_234_88_7_230_220_176_21_204_189_3_55_99_161_166_165_222%7C1636848000%3A203%7C1634860800%3A2_223_15%7C1635120000%3A63%7C1635552000%3A35; KRTBCOOKIE_27=16735-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&16736-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23019-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23114-uid:0dea6169-cd38-4600-8192-098030217b7a; PUBMDCID=3; KRTBCOOKIE_377=6810-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&22918-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&23031-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1; KRTBCOOKIE_391=22924-6387407011618905459&KRTB&23263-6387407011618905459; KRTBCOOKIE_218=22978-YWnNOAAAAlAWNwA6&KRTB&23194-YWnNOAAAAlAWNwA6&KRTB&23209-YWnNOAAAAlAWNwA6&KRTB&23244-YWnNOAAAAlAWNwA6; PugT=1634323771
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-zPjfQq89gweOD7f9x2amXpwJ; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 18:49:33 GMT; path=/ PugT=1634323773; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 18:49:33 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-Jan-2022 18:49:33 GMT; path=/
x-lat
lhrpug013:0:656
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 15 Oct 2021 18:49:33 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=zPjfQq89gweOD7f9x2amXpwJ; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=zPjfQq89gweOD7f9x2amXpwJ
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame CF70 		15 B
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69eb3a600d2427b4-PRG
i.match
s.tribalfusion.com/z/ Frame 6BC2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=aMnoeUR3YWy7UXuTubhZcd4A9beNTF7JTKxhRmX4u
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=annseFoZdUQcR2Hp9vcwh8pgyyIsDqMeCiL3Ub7wDqk5bABYF3xr4NZb4hmWw9RNCFK8B2Jl0ZcjFNZabAsGaIax; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 18:49:33 GMT; SameSite=None; Secure; ANON_ID_old=annseFoZdUQcR2Hp9vcwh8pgyyIsDqMeCiL3Ub7wDqk5bABYF3xr4NZb4hmWw9RNCFK8B2Jl0ZcjFNZabAsGaIax; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 18:49:33 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69eb3a617b9127bc-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
2419
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aMnoeUR3YWy7UXuTubhZcd4A9beNTF7JTKxhRmX4u; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 18:49:33 GMT; SameSite=None; Secure; ANON_ID_old=aMnoeUR3YWy7UXuTubhZcd4A9beNTF7JTKxhRmX4u; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 18:49:33 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69eb3a60395227bc-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame ED4C
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=94ec7357-a388-451a-a50c-ccd7a6a98626-tuct86352bd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=94ec7357-a388-451a-a50c-ccd7a6a98626-tuct86352bd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=94ec7357-a388-451a-a50c-ccd7a6a98626-tuct86352bd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=94ec7357-a388-451a-a50c-ccd7a6a98626-tuct86352bd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 varnish
x-served-by
cache-hhn4057-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1634323774.505428,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=94ec7357-a388-451a-a50c-ccd7a6a98626-tuct86352bd;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 15-Oct-2022 18:49:33 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=94ec7357-a388-451a-a50c-ccd7a6a98626-tuct86352bd&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 varnish
x-served-by
cache-hhn4057-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1634323773.467822,VS0,VE9
x-vcl-time-ms
9
content-length
0
141
match.deepintent.com/usersync/ Frame C843 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 15 Oct 2021 18:49:33 GMT
server
b
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8F5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UMxc0cNRS3yomGqD_BUCrQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=21785
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sat, 16 Oct 2021 00:52:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0dea6169-cd38-4600-8192-098030217b7a
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0dea6169-cd38-4600-8192-098030217b7a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x1 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0dea6169-cd38-4600-8192-098030217b7a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 15 Oct 2021 18:49:32 GMT
33141
tags.bluekai.com/site/ Frame 8F5B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=50CC5CD1-C351-4B7C-A898-6A83FC1502AD
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=cdce44c28e9341da
62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=cdce44c28e9341da
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.72.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-72-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=cdce44c28e9341da
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTBDQzVDRDEtQzM1MS00QjdDLUE4OTgtNkE4M0ZDMTUwMkFE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:367
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELyZ0c9LO2Pq2onZUvTJwKY&google_cver=1
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELyZ0c9LO2Pq2onZUvTJwKY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:598
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELyZ0c9LO2Pq2onZUvTJwKY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 8F5B 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 14 Oct 2021 18:49:33 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e56c97bb-27cc-40e8-a10a-5cbb9d22bad1
42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e56c97bb-27cc-40e8-a10a-5cbb9d22bad1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:31 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:314
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e56c97bb-27cc-40e8-a10a-5cbb9d22bad1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6387407011618905459
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6387407011618905459
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:451
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6387407011618905459
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0dea6169-cd38-4600-8192-098030217b7a&gdpr=0&gdpr_consent=
42 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0dea6169-cd38-4600-8192-098030217b7a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:367
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:0dea6169-cd38-4600-8192-098030217b7a&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 15 Oct 2021 18:49:32 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6234528353970784364&gdpr=0&gdpr_consent=
42 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6234528353970784364&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:939
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
X-Proxy-Origin
216.131.114.145; 216.131.114.145; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
960ff6ae-96d3-4eff-9af1-97dbd66431fc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6234528353970784364&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr
42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:518
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D5wkr8RE2uW1bu3oOPVdbisDm.IpQDo-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D5wkr8RE2uW1bu3oOPVdbisDm.IpQDo-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D5wkr8RE2uW1bu3oOPVdbisDm.IpQDo-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
50CC5CD1-C351-4B7C-A898-6A83FC1502AD
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8F5B 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/50CC5CD1-C351-4B7C-A898-6A83FC1502AD?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=d6f3e5f9-6036-4706-abc3-15942b8a3adf&expires=1&user_group=5&ssp=pubmatic&bsw_param=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:437
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 15 Oct 2021 18:49:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YWnNOAAAAlAWNwA6&gdpr=0&gdpr_consent=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YWnNOAAAAlAWNwA6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:31 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:518
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1634323773.432112,VS0,VE0
x-served-by
cache-fra19127-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YWnNOAAAAlAWNwA6&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 8F5B 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.204 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams04-login.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=d32c711d-f02e-4159-8917-12cf796b250e-6169cd3d-5553&gdpr=0&gdpr_consent=
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=d32c711d-f02e-4159-8917-12cf796b250e-6169cd3d-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:879
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:32 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=d32c711d-f02e-4159-8917-12cf796b250e-6169cd3d-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7372097554783087026&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7372097554783087026&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:451
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7372097554783087026&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:acc23499-cfc0-468e-a972-224396f1aa23&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:acc23499-cfc0-468e-a972-224396f1aa23&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:31 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:377
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:acc23499-cfc0-468e-a972-224396f1aa23&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 8F5B
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6234528353970784364
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6234528353970784364
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:426
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
X-Proxy-Origin
216.131.114.145; 216.131.114.145; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a9eee62a-1399-462f-9e5b-8cc742ef7c0d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6234528353970784364
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 8F5B 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
YWnNPSdLuJu2qfwAnhk2VgAABHQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4876 		43 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YWnNPSdLuJu2qfwAnhk2VgAABHQAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4876
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7372097554783087026
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7372097554783087026
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Oct 2021 18:49:33 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7372097554783087026
pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ups.analytics.yahoo.com/ups/55940/ Frame 4876 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YWnNPSdLuJu2qfwAnhk2VgAABHQAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 4876
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABKh07C05oAABSROjN1Yw&expiration=1635533373&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABKh07C05oAABSROjN1Yw&expiration=1635533373&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Oct 2021 18:49:33 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABKh07C05oAABSROjN1Yw&expiration=1635533373&gdpr=1
Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
casale
match.adsrvr.org/track/cmf/ Frame 4876 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
CookieIndex
rtb.adentifi.com/ Frame 4876 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-128-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
rum
dsum.casalemedia.com/ Frame 4876
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634410173&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634410173&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 15 Oct 2021 18:49:33 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1634410173&gdpr=1
pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 4876 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1634323773.439849,VS0,VE90
x-served-by
cache-fra19127-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4876 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YWnNPSdLuJu2qfwAnhk2VgAA%261140
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.bleepingcomputer.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:33 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1770
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Oct 2021 19:19:03 GMT
pixel
cm.g.doubleclick.net/ Frame 4E35
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjcwMmFjYjkyZjljOGExY2Y5Y2M3NzE3NGI1YTI4ODAzMGUyYzI0YQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjcwMmFjYjkyZjljOGExY2Y5Y2M3NzE3NGI1YTI4ODAzMGUyYzI0YQ
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjcwMmFjYjkyZjljOGExY2Y5Y2M3NzE3NGI1YTI4ODAzMGUyYzI0YQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 4E35 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 4E35
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUSQ69HJ-U-853L&sigv=1&esig=2~8c554419ce76b1992b7fa80744177d29bacee2ca
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUSQ69HJ-U-853L&sigv=1&esig=2~8c554419ce76b1992b7fa80744177d29bacee2ca
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUSQ69HJ-U-853L&sigv=1&esig=2~8c554419ce76b1992b7fa80744177d29bacee2ca
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4E35
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/x5Wi1VNtV7fCZttLCh-BLg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3858969390269344995
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3858969390269344995
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Fri, 15 Oct 2021 18:49:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3858969390269344995
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4E35
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWnNOAAAAlAWNwA6
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWnNOAAAAlAWNwA6
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1634323774.508014,VS0,VE0
x-served-by
cache-fra19127-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWnNOAAAAlAWNwA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
709414.gif
id.rlcdn.com/ Frame 4E35 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 4E35
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTUTY5SEotVS04NTNM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTUTY5SEotVS04NTNM
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTUTY5SEotVS04NTNM
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4E35
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGxbtZ73zh2oGXjG1zITeRQ&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGxbtZ73zh2oGXjG1zITeRQ&google_cver=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGxbtZ73zh2oGXjG1zITeRQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcm_WcAEAfIQDCZ/postback?ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=102734&ti=x1091408375070213860537202114560&pv=f2ccff36-e26b-4f47-8482-826b86e183ea&dt=2341751597675869250012&di=www.bleepingcomputer.com&de=2&to=3&ci=234175&sid=ANcm_WcAEAfIQDCZ&oz_sc=dc752ab3b4c3d141874ba92d&oz_df=1634323773970&oz_l=93&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 18:49:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
async_usersync
ib.adnxs.com/ Frame 631B 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:34 GMT
X-Proxy-Origin
216.131.114.145; 216.131.114.145; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
63daa61d-f462-4644-a26f-4ca2b4cae365
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A9F2 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 18:49:34 GMT
X-Proxy-Origin
216.131.114.145; 216.131.114.145; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7b72035c-c961-435b-b3a5-0efb544603a1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 8F5B 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 42EC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82997230&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4b18e7085cf6dfd34dc47c217a4ea330a8ca8b30dbf4e26a6538cbed8049fc8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1586
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame EB63
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:iW9Inr9v1MBsgR5&gdpr=0&gdpr_consent=
42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:iW9Inr9v1MBsgR5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:iW9Inr9v1MBsgR5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=50CC5CD1-C351-4B7C-A898-6A83FC1502AD; KRTBCOOKIE_27=16735-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&16736-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23019-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23114-uid:0dea6169-cd38-4600-8192-098030217b7a; PUBMDCID=3; KRTBCOOKIE_377=6810-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&22918-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&23031-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1; KRTBCOOKIE_391=22924-6387407011618905459&KRTB&23263-6387407011618905459; KRTBCOOKIE_218=22978-YWnNOAAAAlAWNwA6&KRTB&23194-YWnNOAAAAlAWNwA6&KRTB&23209-YWnNOAAAAlAWNwA6&KRTB&23244-YWnNOAAAAlAWNwA6; KRTBCOOKIE_153=19420-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr&KRTB&22979-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr; KRTBCOOKIE_57=22776-6234528353970784364; KRTBCOOKIE_80=22987-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&16514-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&23025-CAESELyZ0c9LO2Pq2onZUvTJwKY; KRTBCOOKIE_409=22966-zPjfQq89gweOD7f9x2amXpwJ; KRTBCOOKIE_466=16530-15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059; KRTBCOOKIE_22=14911-7372097554783087026; KRTBCOOKIE_336=5844-5531915616025366357; KRTBCOOKIE_188=3189-d32c711d-f02e-4159-8917-12cf796b250e-6169cd3d-5553; KRTBCOOKIE_594=17107-RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003; KRTBCOOKIE_699=22727-AABKh07C05oAABSROjN1Yw; KRTBCOOKIE_1101=23040-7019367156123433112; PugT=1634323774; SPugT=1634323773; chkChromeAb67Sec=2; DPSync3=1635465600%3A235_201_197_219_221_226_227%7C1634342400%3A174; SyncRTB3=1634860800%3A223_2_15%7C1635120000%3A63%7C1639440000%3A69%7C1636848000%3A203%7C1635552000%3A35%7C1635465600%3A21_55_5_220_81_230_189_22_234_56_54_8_88_7_99_57_231_204_161_233_13_3_104_176_71_165_222_166
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 15 Oct 2021 18:49:34 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:iW9Inr9v1MBsgR5; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-Jan-2022 18:49:34 GMT; path=/ PugT=1634323774; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 18:49:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-Jan-2022 18:49:34 GMT; path=/
x-lat
amspug019:0:449
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 15 Oct 2021 18:49:35 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:iW9Inr9v1MBsgR5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-689-g30920c0#rel-ec2-master i-07db4e5334900ea3f@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=iW9Inr9v1MBsgR5; Domain=.w55c.net; Expires=Tue, 15-Nov-2022 18:49:36 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 14-Nov-2021 18:49:36 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
match_redirect
um.simpli.fi/ Frame 00BE
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
43 B
361 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
um.simpli.fi
:scheme
https
:path
/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
suid=24A503229D114C95A54092D5C5EE27B1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 15 Oct 2021 18:49:36 GMT
content-type
image/gif
content-length
43
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

Server
nginx
Date
Fri, 15 Oct 2021 18:49:36 GMT
Content-Length
0
Connection
keep-alive
Set-Cookie
rx_sspurl_10738=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3Dc089768c-9872-4e76-aab1-85f9af1545bf; domain=.bnmla.com; path=/; SameSite=none; Secure; Expires=Fri, 15 Oct 2021 18:59:36 GMT rx_uuid=c089768c-9872-4e76-aab1-85f9af1545bf; domain=.bnmla.com; path=/; SameSite=none; Secure; Expires=Sat, 30 Oct 2021 18:49:36 GMT rx_maxage_10738=1635619776; domain=.bnmla.com; path=/; SameSite=none; Secure; Expires=Sat, 30 Oct 2021 18:49:36 GMT rx_sspid_10738=6; domain=.bnmla.com; path=/; SameSite=none; Secure; Expires=Fri, 15 Oct 2021 18:59:36 GMT
Location
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
Pug
simage2.pubmatic.com/AdServer/ Frame B456
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:24A503229D114C95A54092D5C5EE27B1
1 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:24A503229D114C95A54092D5C5EE27B1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:24A503229D114C95A54092D5C5EE27B1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=50CC5CD1-C351-4B7C-A898-6A83FC1502AD; KRTBCOOKIE_27=16735-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&16736-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23019-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23114-uid:0dea6169-cd38-4600-8192-098030217b7a; PUBMDCID=3; KRTBCOOKIE_377=6810-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&22918-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&23031-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1; KRTBCOOKIE_391=22924-6387407011618905459&KRTB&23263-6387407011618905459; KRTBCOOKIE_218=22978-YWnNOAAAAlAWNwA6&KRTB&23194-YWnNOAAAAlAWNwA6&KRTB&23209-YWnNOAAAAlAWNwA6&KRTB&23244-YWnNOAAAAlAWNwA6; KRTBCOOKIE_153=19420-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr&KRTB&22979-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr; KRTBCOOKIE_57=22776-6234528353970784364; KRTBCOOKIE_80=22987-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&16514-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&23025-CAESELyZ0c9LO2Pq2onZUvTJwKY; KRTBCOOKIE_409=22966-zPjfQq89gweOD7f9x2amXpwJ; KRTBCOOKIE_466=16530-15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059; KRTBCOOKIE_22=14911-7372097554783087026; KRTBCOOKIE_336=5844-5531915616025366357; KRTBCOOKIE_188=3189-d32c711d-f02e-4159-8917-12cf796b250e-6169cd3d-5553; KRTBCOOKIE_594=17107-RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003; KRTBCOOKIE_699=22727-AABKh07C05oAABSROjN1Yw; KRTBCOOKIE_1101=23040-7019367156123433112; PugT=1634323774; SPugT=1634323773; chkChromeAb67Sec=2; DPSync3=1635465600%3A235_201_197_219_221_226_227%7C1634342400%3A174; SyncRTB3=1634860800%3A223_2_15%7C1635120000%3A63%7C1639440000%3A69%7C1636848000%3A203%7C1635552000%3A35%7C1635465600%3A21_55_5_220_81_230_189_22_234_56_54_8_88_7_99_57_231_204_161_233_13_3_104_176_71_165_222_166
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 15 Oct 2021 18:49:35 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-Jan-2022 18:49:35 GMT; path=/
x-lat
amspug008:0:522
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 15 Oct 2021 18:49:36 GMT
content-type
text/html
content-length
142
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:24A503229D114C95A54092D5C5EE27B1
expires
Thu, 14 Oct 2021 18:49:36 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame 5A9F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kBS3QpnVTE5vDFGynrH4BNiDcpE
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kBS3QpnVTE5vDFGynrH4BNiDcpE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kBS3QpnVTE5vDFGynrH4BNiDcpE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=50CC5CD1-C351-4B7C-A898-6A83FC1502AD; KRTBCOOKIE_27=16735-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&16736-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23019-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23114-uid:0dea6169-cd38-4600-8192-098030217b7a; PUBMDCID=3; KRTBCOOKIE_377=6810-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&22918-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&23031-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1; KRTBCOOKIE_391=22924-6387407011618905459&KRTB&23263-6387407011618905459; KRTBCOOKIE_218=22978-YWnNOAAAAlAWNwA6&KRTB&23194-YWnNOAAAAlAWNwA6&KRTB&23209-YWnNOAAAAlAWNwA6&KRTB&23244-YWnNOAAAAlAWNwA6; KRTBCOOKIE_153=19420-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr&KRTB&22979-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr; KRTBCOOKIE_57=22776-6234528353970784364; KRTBCOOKIE_80=22987-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&16514-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&23025-CAESELyZ0c9LO2Pq2onZUvTJwKY; KRTBCOOKIE_409=22966-zPjfQq89gweOD7f9x2amXpwJ; KRTBCOOKIE_466=16530-15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059; KRTBCOOKIE_22=14911-7372097554783087026; KRTBCOOKIE_336=5844-5531915616025366357; KRTBCOOKIE_188=3189-d32c711d-f02e-4159-8917-12cf796b250e-6169cd3d-5553; KRTBCOOKIE_594=17107-RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003; KRTBCOOKIE_699=22727-AABKh07C05oAABSROjN1Yw; KRTBCOOKIE_1101=23040-7019367156123433112; PugT=1634323774; SPugT=1634323773; chkChromeAb67Sec=2; DPSync3=1635465600%3A235_201_197_219_221_226_227%7C1634342400%3A174; SyncRTB3=1634860800%3A223_2_15%7C1635120000%3A63%7C1639440000%3A69%7C1636848000%3A203%7C1635552000%3A35%7C1635465600%3A21_55_5_220_81_230_189_22_234_56_54_8_88_7_99_57_231_204_161_233_13_3_104_176_71_165_222_166; KRTBCOOKIE_107=1471-uid:iW9Inr9v1MBsgR5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 15 Oct 2021 18:49:35 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-kBS3QpnVTE5vDFGynrH4BNiDcpE; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-Jan-2022 18:49:35 GMT; path=/ PugT=1634323775; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 14-Nov-2021 18:49:35 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 13-Jan-2022 18:49:35 GMT; path=/
x-lat
amspug001:0:377
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 15 Oct 2021 18:49:36 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kBS3QpnVTE5vDFGynrH4BNiDcpE
Set-Cookie
sa-user-id=s%3A0-9014b742-99d5-4c4e-6f0c-51b29eb1f804.IifcGlh6ju7PeUIxTnTAhknk91ojoucS6m4dn%2FlpcOg; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-9014b742-99d5-4c4e-6f0c-51b29eb1f804%24ip%24216.131.114.145.z2PUFA6QafYe834CsxqW2E7ySUwaguQSBq3Q7KOemBA; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Artemis
aud.pubmatic.com/AdServer/ Frame 42EC
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&addseg=10,33,39
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&addseg=10,33,39
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:36 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 15 Oct 2021 18:49:36 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 42EC
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 18:49:33 GMT
frontend-id
3
location
/pubmatic/1/info2?sType=sync&sExtCookieId=50CC5CD1-C351-4B7C-A898-6A83FC1502AD&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 42EC 		95 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
69eb3a72d897412b-PRG
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 42EC
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=50CC5CD1-C351-4B7C-A898-6A83FC1502AD
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.120.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-120-237.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 18:49:36 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Oct 2021 18:49:36 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 42EC
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a522179f-2de8-11ec-a460-1fd3399e748d&gdpr=0&gdpr_consent=
1 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a522179f-2de8-11ec-a460-1fd3399e748d&gdpr=0&gdpr_consent=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:35 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:545
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a522179f-2de8-11ec-a460-1fd3399e748d&gdpr=0&gdpr_consent=
Date
Fri, 15 Oct 2021 18:49:36 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
a52217a0-2de8-11ec-a460-1fd3399e748d
SPug
simage4.pubmatic.com/AdServer/ Frame 42EC 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:49:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
c
c.pub.network/ 		36 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.22.3.2b8cf4d0f13e11a0c22a7f770a6ed783c403b6bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
d1379c4b46f5a2a670099f7bd145b4c9d2395ac4954a442b280a0ca2f062907c

Request headers

Referer
https://www.bleepingcomputer.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Oct 2021 18:49:56 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
36

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
capi.connatix.com
URL
https://capi.connatix.com/tr/ps?v=133322

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| onbeforexrselect boolean| originAgentCluster boolean| isRTL string| rtlIe string| rtlFull number| jsDebug number| DISABLE_AJAX boolean| inACP object| Prototype object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $ function| $$ function| Sizzle function| Selector number| USE_RTE object| Debug function| isBody function| isHtml function| isDocument function| isDetached object| Loader object| callback function| _global function| _menu function| warningPopup function| IPBoard function| getQueryStringParamByName function| _popup function| _ticker object| ipb object| Scriptaculous object| Effect object| Droppables object| Draggables function| Draggable function| SortableObserver object| Sortable object| Builder function| _quickpm function| _sharelinks function| _topic function| _like object| freestar object| apd_options function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| __tcfapi function| __uspapi boolean| fifabAlready function| fi_fab undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| gaplugins object| gaGlobal object| gaData function| cnxps number| pid object| _qevents function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| regeneratorRuntime function| __tcfapiui object| fiUtils object| $customVisiblity object| $waitOn object| cnx_usr_storage object| gapi object| ___jsl boolean| PR_SHOULD_USE_CONTINUATION function| prettyPrintOne function| prettyPrint object| PR function| Lightbox string| _to string| _last function| gbl_addDownloadButton object| LightboxOptions function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| FB object| scCGSHMRCache number| totalW object| fsdata object| _comscore object| fsprebid object| __cfBeacon object| skip object| cookies undefined| _thislightbox string| id number| quoted string| attribute object| ipsLightbox object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| udm_ object| ns_p object| COMSCORE function| load_script object| googletag function| Tapad object| ggeac object| google_js_reporting_queue function| fsprebidChunk object| _pbjsGlobals object| mnet object| player_instance_b97f8142af674f8f964fe4cb3777e81a object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| apstag number| google_global_correlator function| cnxProxyTask boolean| ozoki_sv object| $$$ boolean| apstagLOADED object| hiNOcy2 function| hiNOcy3 object| xop object| audSegDataResp string| kruxScriptId string| kruxIdScriptId string| kruxDataId string| kruxWhitelistSegments object| kruxScript function| checkMatchingSegments function| generateUUID function| getUserId function| getPageId function| getPageLog function| calculateDocumentType function| calculateReferer function| clientWindowHeight function| clientWindowWidth function| getBrowserSize function| firePageLog function| fireDataCall function| Krux function| ic_krux_getuserid string| IC_FS_PAGE_ID string| IC_FS_PAGE_REFERER boolean| creativeVendorLibraryLoaded undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| $jscomp function| getVPAIDAd object| cnxtimeouts object| cnxintervals function| oldSetTimeout function| oldSetInterval function| clearAll string| saved_tc string| saved_sc object| l1ClGa2 function| l1ClGa3 function| xblocker object| Hr90sM function| Hr90sr object| xblacklist string| ________ok function| cnxAddEventListener

143 Cookies

Domain/Path Name / Value
www.bleepingcomputer.com/forums/t/746914/viruses-preventing-my-windows-to-update Name: ntvSession
Value: {}
.3lift.com/sync Name: sync
Value: CgoIgQIQ6e6mqsgvCgoI4gEQ6e6mqsgvCgoI5gEQ6e6mqsgvCgoIhwIQ6e6mqsgvCgkICRDp7qaqyC8KCQg6EOnupqrILwoJCAsQ6e6mqsgvCgoIjAIQ6e6mqsgvCgoIzgEQ6e6mqsgvCgkIXxDp7qaqyC8=
.bleepingcomputer.com/ Name: session_id
Value: ea76e36f320a22b3920421a09f9007aa
.bleepingcomputer.com/ Name: _ga
Value: GA1.2.735264623.1634323766
.bleepingcomputer.com/ Name: _gid
Value: GA1.2.1832010490.1634323766
.bleepingcomputer.com/ Name: _gat_gtag_UA_91740_1
Value: 1
www.bleepingcomputer.com/ Name: fsbotchecked
Value: true
.google.com/ Name: NID
Value: 511=HRVv_tWEA_79Heu49tbDW_dUUnn1MWblJfrFUbtd6pExm2BB6f7XlclW6XzsEQLpCCmOC5wsSRfWrS-0naVSasXFZNQm2Pe3rjTG1c4mBr88f7y1a6IyP9_JpQXSOWQVAUBwyIxhTP_ZLZO2BT0VH0SG3Y6KEn7ZB1j3JjNW1Ss
.scorecardresearch.com/ Name: UID
Value: 1FO7LGKDE7NYYPTGUK4IWPg1634323766
www.bleepingcomputer.com/ Name: _fssid
Value: 95d64915-15c6-43df-a7e0-03638757adf1
.springserve.com/ Name: ssid
Value: 1bf406ff-54dc-421c-988e-521638129ece
.springserve.com/ Name: sst
Value: 1634323766837
www.bleepingcomputer.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bleepingcomputer.com/ Name: _pubcid
Value: 848e39b2-184b-4549-83c5-b1b4374e29cd
www.bleepingcomputer.com/ Name: cto_bidid
Value: zO4sfF95YUg3ak5mZXljenIxak5Va2t2N2NoJTJGTUtaaklhV0tKSGFGVDFUeU1zNlo4aVgybEtjbVlpSjJ3Ykpzc3VKY2tocEZGbXJiYnVBcDJDSWc5dXhEeko0UFpXMm1KUW9EdDFtQUFvSnlDcVdvJTNE
www.bleepingcomputer.com/ Name: cto_bundle
Value: hy3Ahl9jYVZqV1VUVXJEUUYyMjRxcHA2OCUyRmFnamRPTWRJOWdXR3Z4ZXVEbmpGUSUyQkJuY3VvQTJLZkNxQ2tpZGNXS0tRSWxWUHJrUG1UaEtsS3Z1VlhReHp5b1VOV2h6bkJxZ3UwajJ5RHh2NFpoWHo1TkVkb0hQU2FEQVYybmZmc29FSGk
.openx.net/ Name: i
Value: 848e39b2-184b-4549-83c5-b1b4374e29cd|1634323766
www.bleepingcomputer.com/ Name: ntv_as_us_privacy
Value: 1---
.investingchannel.com/ Name: ic_uid
Value: 37531b3b-9c02-4856-ad2f-4bf6b4a7ae13
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVwywYaQOmrhRaqUZrmDgY/CTx+qs1OnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG+vEKleU6LjTam3MjDFVf/xlH9h
.adnxs.com/ Name: icu
Value: ChgIheVeEAoYASABKAEwt5qniwY4AUABSAEQt5qniwYYAA..
.adnxs.com/ Name: uuid2
Value: 6234528353970784364
.rubiconproject.com/ Name: khaos
Value: KUSQ69HJ-U-853L
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqgf7wwkQ8M4cxx6KQqSFWyggSWtAimAVyuE9XIIERwXMmOZNlrfnQZ8Wf+CDJvEd7vQn6gbej9EcxuhZpbWKLt+/AMC2wiya8=
.postrelease.com/ Name: opt_out
Value: 1
.krxd.net/ Name: _kuid_
Value: ObEASYFw
.pub.network/ Name: _fsuid
Value: e8fdcdd7-6188-448f-a845-4f6e170016b7
.rlcdn.com/ Name: rlas3
Value: gUp4Glp0NaYVN2KCFd3UpLzaAdeKXRcu0dW+oAnPGdA=
.rlcdn.com/ Name: pxrc
Value: CAA=
.eyeota.net/ Name: mako_uid
Value: 17c8549a3c4-64b40000010f4a0c
.eyeota.net/ Name: SERVERID
Value: 18956~DM
.doubleclick.net/ Name: IDE
Value: AHWqTUl5XrBWgPtxZEGe1dCF0VoxeyxjTs5OFQ7NCbqWx6ILII3zl8bdrE3a0I69Eps
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 50CC5CD1-C351-4B7C-A898-6A83FC1502AD
.turn.com/ Name: uid
Value: 7372097554783087026
.mathtag.com/ Name: uuid
Value: 0dea6169-cd38-4600-8192-098030217b7a
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YWnNOAAAAlAWNwA6
.adsrvr.org/ Name: TDID
Value: e56c97bb-27cc-40e8-a10a-5cbb9d22bad1
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: emoqkplyoe5iml1lqjpebv4f
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: 2kejkypbvhokt1hl04qdnvkp
.ib.mookie1.com/ Name: ibkukiuno
Value: s=3e7ffff3-8a75-4a70-aeec-0cd04c3ee2bf&h=&v=9401031765&l=-8585672831157028848&op=&hl=0&vlu=3&tcs=1&dcc=-8585672831157028848
.ib.mookie1.com/ Name: ibkukinet
Value: 3632493201=-8585672831157028848
www.bleepingcomputer.com/ Name: _lr_retry_request
Value: true
www.bleepingcomputer.com/ Name: _lr_env_src_ats
Value: false
.openx.net/ Name: pd
Value: v2|1634323773|mOgeginskin0vNomiygu
.3lift.com/ Name: tluid
Value: 1632140073887346678
.bidswitch.net/ Name: tuuid
Value: 15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
.bidswitch.net/ Name: c
Value: 1634323773
.bidswitch.net/ Name: tuuid_lu
Value: 1634323773
.casalemedia.com/ Name: CMID
Value: YWnNPSdLuJu2qfwAnhk2VgAA
.casalemedia.com/ Name: CMPS
Value: 3181
.media.net/ Name: gdpr_status
Value: 1
.casalemedia.com/ Name: CMPRO
Value: 1140
.casalemedia.com/ Name: CMST
Value: YWnNPWFpzT0A
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 63097d81ee1c33b00fd3bf304fdaf388
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDM2sDRPsTBMTTVMNjZOMjBISzFOSjM2MElLSUwztrBgAILEzLO2IBoKAFbvCuE%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIzDxrC6SgAAAW8AHV"
.quantserve.com/ Name: mc
Value: 6169cd3d-589af-b4b63-07a66
.tapad.com/ Name: TapAd_TS
Value: 1634323773361
.tapad.com/ Name: TapAd_DID
Value: a3855f32-7d53-4ba7-97f1-1bba72bf2779
.bleepingcomputer.com/ Name: panoramaId_expiry
Value: 1634928573330
.bleepingcomputer.com/ Name: _cc_id
Value: 63097d81ee1c33b00fd3bf304fdaf388
.bleepingcomputer.com/ Name: panoramaId
Value: 11452380e1e210db2430f76856e84945a702c664507229316ff76857ed975e34
.w55c.net/ Name: wfivefivec
Value: iW9Inr9v1MBsgR5
eus.rubiconproject.com/ Name: pux
Value: 2249%3D103338%262307%3D103338%262974%3D103338%263778%3D103338%262249-DV360-Hosted%3D103338%26brx%3D103338%26idl%3D103338%26goog%3D103338%26
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchopenx
Value: 5
.quantserve.com/ Name: d
Value: EMMBEQG-JPijCJiTAA
.adform.net/ Name: uid
Value: 2312625173357055989
.bing.com/ Name: MUID
Value: 090CE999FF156CBC16D3F948FE576D4A
.nrich.ai/ Name: _nauid
Value: d6f3e5f9-6036-4706-abc3-15942b8a3adf
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~20z6
.yahoo.com/ Name: A3
Value: d=AQABBD3NaWECEHOhrYR5YRMQOwhhxTtN_EQFEgEBAQEea2FzYQAAAAAA_eMAAA&S=AQAAAp7S1rRCIJkL1X8-vz3Plrw
.taboola.com/ Name: t_gid
Value: 94ec7357-a388-451a-a50c-ccd7a6a98626-tuct86352bd
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&16736-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23019-uid:0dea6169-cd38-4600-8192-098030217b7a&KRTB&23114-uid:0dea6169-cd38-4600-8192-098030217b7a
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&22918-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1&KRTB&23031-e56c97bb-27cc-40e8-a10a-5cbb9d22bad1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6387407011618905459&KRTB&23263-6387407011618905459
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YWnNOAAAAlAWNwA6&KRTB&23194-YWnNOAAAAlAWNwA6&KRTB&23209-YWnNOAAAAlAWNwA6&KRTB&23244-YWnNOAAAAlAWNwA6
.erne.co/ Name: u
Value: zPjfQq89gweOD7f9x2amXpwJ
.onaudience.com/ Name: cookie
Value: 0c4f7301f51e1ba6
.onaudience.com/ Name: done_redirects109
Value: 1
.simpli.fi/ Name: suid
Value: 24A503229D114C95A54092D5C5EE27B1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr&KRTB&22979-PjD79Gtl_qklNPX0aWfgrzxj-_4lMfqsPje-d3pr
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6234528353970784364
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&16514-CAESELyZ0c9LO2Pq2onZUvTJwKY&KRTB&23025-CAESELyZ0c9LO2Pq2onZUvTJwKY
.de17a.com/ Name: guid2
Value: 1.5531915616025366357
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-zPjfQq89gweOD7f9x2amXpwJ
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-15bc5362-0bc6-4da5-8eb1-4b1f4d0f3059
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjsyZD60YWIOhAFGAEgASgCMgsIuu_jp-iFiDoQBTgBWgthZGNvbmR1Y3RvcmAC
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003%22%7D
.bidr.io/ Name: bitoIsSecure
Value: ok
ads.playground.xyz/ Name: connect.sid
Value: s%3AL6Y1z2g2ffNbX2iwa4UpTVkd4vai6w1V.Dfvkb8Gd0PrjcqfQKOwiS%2BUCc9H8sw0YvKJi8ijynOw
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7372097554783087026
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5531915616025366357
.adsby.bidtheatre.com/ Name: __kuid
Value: acc23499-cfc0-468e-a972-224396f1aa23.403537773
.bidr.io/ Name: bito
Value: AABKh07C05oAABSROjN1Yw
.sitescout.com/ Name: ssi
Value: d32c711d-f02e-4159-8917-12cf796b250e#1634323773559
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTYzNDMyMzc3MzU4NX0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-d32c711d-f02e-4159-8917-12cf796b250e-6169cd3d-5553
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-1e91b432-bbc1-4067-ae35-f3af13502f81-003
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABKh07C05oAABSROjN1Yw
.volvelle.tech/ Name: ouuid
Value: 81214b04-8c93-4f18-943a-e92aef2e03b1
.volvelle.tech/ Name: c
Value: 1634323773
.volvelle.tech/ Name: ouuid_lu
Value: 1634323773
.adfarm1.adition.com/ Name: UserID1
Value: 7019367156123433112
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7019367156123433112
id.sharedid.org/ Name: sharedid
Value: 01FJ2MKE6Q2E385DAVR904SSM0
www.bleepingcomputer.com/ Name: cookie
Value: %7B%22id%22%3A%2201FJ2MKE6Q2E385DAVR904SSM0%22%2C%22ts%22%3A1634323773741%7D
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2129:u=1:x=1:i=1634323773:t=1634410173:v=2:sig=AQG3vDrHJs7THLL_To3ZwHxsCjNNFHuN"
.linkedin.com/ Name: bcookie
Value: "v=2&7207b97f-4db1-426b-8633-4818367a226f"
.smartadserver.com/ Name: pid
Value: 255172983778019631
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AABKh07C05oAABSROjN1Yw
.tribalfusion.com/ Name: ANON_ID
Value: annseFoZdUQcR2Hp9vcwh8pgyyIsDqMeCiL3Ub7wDqk5bABYF3xr4NZb4hmWw9RNCFK8B2Jl0ZcjFNZabAsGaIax
.casalemedia.com/ Name: CMRUM3
Value: 826169cd3d2760AABKh07C05oAABSROjN1Yw&586169cd3d05a0&b06169cd3d05a00&2e6169cd3d05a0&276169cd3d0b40&bc6169cd3d05a00&496169cd3d05a0&056169cd3d05a0&986169cd3d2760bcaa0e28-a8de-4bfd-8db0-d1b5c111f261&e66169cd3d2760&ce6169cd3d05a0&416169cd3d05a0&046169cd3d05a0&2d6169cd3d2760CAESEByUIcXimrN9DIegoG4ANrc&f16169cd3d05a0
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f381c89cf406adec
.ads.pubmatic.com/ Name: repi
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: DPSync3
Value: 1635465600%3A235_201_197_219_221_226_227%7C1634342400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1634860800%3A223_2_15%7C1635120000%3A63%7C1639440000%3A69%7C1636848000%3A203%7C1635552000%3A35%7C1635465600%3A21_55_5_220_81_230_189_22_234_56_54_8_88_7_99_57_231_204_161_233_13_3_104_176_71_165_222_166
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:iW9Inr9v1MBsgR5
.fiftyt.com/ Name: fifid
Value: 24ad9cd4-de16-4907-58cc-40beb92c253d
.fiftyt.com/ Name: cs
Value: MTYzNDMyMzc3NnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fJltsNN3Uz8h1e1ReMzzhpDtQ9WjnUR3sSZ5jc-sct_i
.semasio.net/ Name: SEUNCY
Value: 1327FCD515ECB6BB
.fiftyt.com/ Name: fppm
Value: 20211015184936
.zeotap.com/ Name: zc
Value: f6ed9496-9e1a-4902-7795-7999cb5fdd87
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3Dc089768c-9872-4e76-aab1-85f9af1545bf
.bnmla.com/ Name: rx_uuid
Value: c089768c-9872-4e76-aab1-85f9af1545bf
.bnmla.com/ Name: rx_maxage_10738
Value: 1635619776
.bnmla.com/ Name: rx_sspid_10738
Value: 6
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-9014b742-99d5-4c4e-6f0c-51b29eb1f804.IifcGlh6ju7PeUIxTnTAhknk91ojoucS6m4dn%2FlpcOg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-9014b742-99d5-4c4e-6f0c-51b29eb1f804%24ip%24216.131.114.145.z2PUFA6QafYe834CsxqW2E7ySUwaguQSBq3Q7KOemBA
.ipredictive.com/ Name: cu
Value: a522179f-2de8-11ec-a460-1fd3399e748d|1634323776778
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-kBS3QpnVTE5vDFGynrH4BNiDcpE
.pubmatic.com/ Name: PugT
Value: 1634323775
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-a522179f-2de8-11ec-a460-1fd3399e748d&KRTB&23011-a522179f-2de8-11ec-a460-1fd3399e748d
.audrte.com/ Name: arcki2
Value: f7fc1TIMwtNTVqvmYwf-R2FyQ!20210804!1634323776861
.pubmatic.com/ Name: SPugT
Value: 1634323777

11 Console Messages

Source Level URL
Text
network error URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=false&size=small&hl=en-GB&origin=https%3A%2F%2Fwww.bleepingcomputer.com&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fforums%2Ft%2F746914%2Fviruses-preventing-my-windows-to-update%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.yUoUa-d8e1E.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMxrycmnC1khz2ORddaX90UOzgNPA%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1634323766416&_gfid=I0_1634323766416&parent=https%3A%2F%2Fwww.bleepingcomputer.com&pfname=&rpctoken=50422707
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 76)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 76)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: https://cd.connatix.com/connatix.playspace.js(Line 15)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://vpaid.springserve.com/production/vpaid_68c68ea6.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cd.connatix.com/connatix.playspace.js(Line 15)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://vpaid.springserve.com/production/vpaid_68c68ea6.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://idsync.rlcdn.com/398696.gif?partner_uid=-4095404235742952701
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.pub.network
a.tribalfusion.com
a.volvelle.tech
accounts.google.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
ads.yieldmo.com
api.btloader.com
api.rlcdn.com
apis.google.com
aud.pubmatic.com
audit-tcfv2.quantcast.mgr.consensu.org
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.pub.network
c1.adform.net
c2shb.ssp.yahoo.com
capi.connatix.com
casale-match.dotomi.com
cd.connatix.com
cdn.districtm.io
cdn.firstimpression.io
cdn.krxd.net
cds.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
contextual.media.net
csync.loopme.me
d.pub.network
d.turn.com
d5p.de17a.com
dggaenaawxe8z.cloudfront.net
dis.criteo.com
dmx.districtm.io
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fei.pro-market.net
freestar-d.openx.net
freestar-io.videoplayerhub.com
global.ib-ibi.com
green.erne.co
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ib.mookie1.com
id.crwdcntrl.net
id.rlcdn.com
id.sharedid.org
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
jadserve.postrelease.com
js-sec.indexww.com
ls.skimresources.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
p.skimresources.com
pghub.io
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
quantcast.mgr.consensu.org
r.skimresources.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s.ntv.io
s.skimresources.com
s.srvsynd.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssl.gstatic.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.cloudflareinsights.com
sync-tm.everesttech.net
sync.1rx.io
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.skimresources.com
tagan.adlightning.com
tags.bluekai.com
test.quantcast.mgr.consensu.org
tlx.3lift.com
token.rubiconproject.com
trc.taboola.com
uat5-b.investingchannel.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
vid.connatix.com
vid.springserve.com
visitor.fiftyt.com
vpaid.springserve.com
widgets.outbrain.com
www.bleepingcomputer.com
www.bleepstatic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
capi.connatix.com
104.109.78.125
104.16.68.69
104.16.94.65
104.18.13.5
104.20.59.209
104.21.192.119
104.26.1.139
104.26.11.209
104.26.13.6
104.26.3.70
104.92.72.137
107.178.240.89
108.128.170.1
108.174.11.69
13.225.87.110
13.225.87.54
13.227.211.228
13.227.220.124
13.227.220.35
13.227.220.37
13.227.220.71
13.248.245.213
130.211.23.194
142.250.181.226
142.250.184.198
142.250.184.227
142.250.184.230
142.250.185.142
142.250.185.162
142.250.185.196
142.250.185.200
142.250.185.206
142.250.185.98
142.250.186.106
142.250.186.77
143.204.98.113
151.101.1.108
151.101.129.44
151.101.130.137
151.101.194.133
151.101.66.133
151.101.66.137
151.101.66.49
151.139.128.11
157.240.236.1
157.240.236.35
159.65.197.210
162.55.6.212
169.50.137.190
172.67.13.182
172.67.70.134
173.231.180.197
178.250.0.163
178.250.2.146
18.116.108.37
18.192.135.64
18.195.106.43
18.66.241.177
184.31.84.150
185.29.132.241
185.33.220.242
185.33.221.89
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.229
185.64.190.78
185.64.190.80
185.86.137.110
198.148.27.139
2.18.233.180
2.18.234.21
2.21.140.74
2.21.141.232
2.21.142.108
2.21.142.172
204.79.197.200
208.100.17.174
212.82.100.176
213.155.156.182
213.19.147.45
213.19.162.51
3.122.214.165
3.124.143.99
3.126.56.137
3.216.128.157
3.228.133.61
3.65.202.227
34.107.148.139
34.120.117.212
34.120.133.55
34.149.20.76
34.192.120.237
34.194.30.250
34.200.155.146
34.210.245.148
34.253.109.165
34.254.122.11
34.98.107.212
34.98.64.218
35.157.246.167
35.190.59.101
35.190.91.160
35.201.67.47
35.201.71.192
35.201.96.126
35.210.178.101
35.227.248.159
35.241.45.217
35.244.174.68
37.157.6.246
38.27.122.101
38.91.45.7
46.228.164.11
46.228.164.13
51.210.112.63
51.255.68.171
52.16.151.94
52.21.104.248
52.212.133.238
52.222.139.100
52.222.139.23
52.222.139.5
52.29.20.215
52.45.128.104
52.46.133.124
52.57.27.215
54.194.126.20
54.228.109.135
64.202.112.127
64.58.232.179
64.58.232.180
66.155.71.149
69.173.144.138
69.173.144.139
76.223.111.131
77.243.60.138
85.114.159.93
87.248.118.23
87.98.128.108
89.207.16.204
91.228.74.189
006c4e2172c874acf41a928edd63b1432fd8c945b01c03da3c232aa6e8c5afc7
034d16a0dc93e2baa5dd6ffcd09c0249a0eeab5d4ef0b8e0a37f2d22de774954
051687d20eaf4e52aaf60c40ba5e50ea84f55640c5144b800a0ed7fa6e751bd3
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e2a136c594c939d55752e9abb70e6cc550b10bc3bc350c0d46d23d5947c20d1
0f19e06c2db26fc72935e540fc02c48f134dbd95204fab03e8851d39d9563fd6
0f1e90548e911e24dedcb2ca0ffee6847a49a8648e9c615bcd0582bb7c7993fd
0f39834f6bd6f36f1a3c67dfd46bc4703cc68d8b51ed762d59adba905c8ad68c
0fc02b61c99a7b73c0d4ed37857e97758a986493f0dfa316cda48b0da3b37719
12273900e60aada0e4b4bc17024ecb9872158043ab38974dbf66db30e255f06f
14dc0fc383625ebfd797d817dcb17aff17991af650cc3b58b79d9ae58b1a2fa8
14dcce7abfc690cecd57a737a8af6fd712c2b7fec668b772d9f014f6ded77ef8
15c14e79b1c1511958b6f4ae763fb0fba3defd770dc80f0d6455247045b9a15f
16e3d4a2f57bdab0a99bb1a37174cf7563f6e7d28f18d217eafc33541119cb73
186015076670df21e3027cebaeb2e99b131e0c733e1a146aec337942ec6571f8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
210e4a53f32910b2eab4819b5f11e2787e677903df324b9ebb5c5a38b71410cf
224708afd495a393b2662270693c1187ccb94b3ce68a7c009f8aa9a83c26ea71
28d4e8c1043164607dcdeb358e2a08c9565fe286ceeeabea79e67f8c680187e7
2a10fb2699752353ba3f55bdb022589d690843ebbbf9f3b80789f2a57010475e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecc45ef1d382035c1367ab078ad6f52bae305feaa6dc5ac2c17908d8f7e2a55
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
386f87a6e6fcb89c6b046f988d18def949d1cc1f6a9fa4177858aa11da7a5bda
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3c829d19d84a035f426b63736c8f20868c3c4bc7b982caea4d86fbdaadb0246c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3b8f6c06d2d74cc294ee6439e67b08890587be0081249a158469ace2eaeaaf
3e6274abac1820c8bd99f826cf35a60aeaa56b962500486acc5665f98005031e
3e89beb7d66ef7d5e58dfcefd22a51e1a8ae452a49bc20d020418cf2b6c666d0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fef19e536824cf94f0a91aa3c591c5cce3a2324b0cb39b2a848ec4ea8ff642c
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
42f89ba873ca2e47821646e061f2d5a5bb8b89691a8a97da39709fd2eb581a22
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259
453d30f69cc2a6f3013254a0faed039d49cf9c5b004d5482fb5365e99702c149
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49bf438349cbba11f359c77a0d1c179c8be4804a283cd594bc450b6ec9d5b0fd
4a4472c15c6611e176acb4048ad892d19066e130fcdd08de8249e2c94276a6a7
4b18e7085cf6dfd34dc47c217a4ea330a8ca8b30dbf4e26a6538cbed8049fc8f
4b273a2d32444b9dc54a6e915c7813e7d87fd4168c54a9459f5ac506b9b624b4
4b9f912b0e7a50c12745f52ec2848dce5b779369999c6d35e6c297c713ce53d3
4d52a81aa5d8db6b26c4b4d76f87c229039cd1fb1e1cb065bdf844101af86cd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e34fa6a1a19be39baaf436be211702c45cf59ecba0c0b23878e0c1b6eca85b8
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5028e223096a25034d4d95863f89374a4b205e86354c5e4461e00272e7fab4d9
5195609afbc1fca03f3200b50d97a90a8eb0e4652108db990a1aa9a1c9f7a0af
51f20d95dad9ea1473e4f877b5f7a7d8bcd589f1f989b8875ffddd83ae716a21
5268ac15e7bd3c204ac9475d6a17721a3e3a63b024f1a4fa163efaaa993b7453
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55aff126b4d328eedb9509855a55db2cd98a08e669f96a054269e9a3ce78a972
55db306ed58240de3bd97054afca883ded5d3461126f33684fc7046ab9a313e0
57292d9d8c895f526c9f7cdae30de7ee3bad46137b432711a1c1fb19a3061cab
57664ee6da8854b147183193a1e7d9e9da829bd68ef04337ea3b09c1a3af4065
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5f49eadf1f543703e68d92cca57d1cd8c31303a91d911bc9691c8e59680b3afb
5fb5ab7b1e1f0c3167ad4376432478d609c614a1f2db1b59c18af1ae73dde7ab
61b6d03e74e9d47e3631d3ced2fbc80c83d7d9d6a0b46afb79db5013e8d6d5df
61da0a4638505960ec52709b7df80d92683c56e13042079daf5f082fc9548d5e
629635dd07348be5ec8af9cc64294c508c87a7d7fc4db13e8ee37b92593a5898
62a69105c0293b4b26df6051c8c655890a6eb9ea27c63557f2e022c333dc25a4
63c7816f78551dfc01f5af32c0f1c8af625420c136697bb79824b0db2048f540
63e2dfceaeeb7e8b933fa7fe96048fac66ad3fab6ab270b8e4a28ce02c1b73ab
64188919001668669b5b884b44bd3eac4068a8e4d71d21d958048f52e1be721a
65fb888aea00501a5dc0286444d66a06cdb3c33da106e4e9817af9ab3e2e5e9c
65fe86988b9b7b71ce61ee5e5f1183dd4c92698aa33e0bc3645e3beeb8baae19
6823220a681a001c7e9e7a2ef4899c21f873d3dde28baf4a43d1d7793307253e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aeb9f7542993c71c548ac254766824ef86c68f0d6fa13f293bd016b9cfc9dc6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c872ed931c535c34a5143cc249e60c4c6cfeb741983f58117bac25c03d67c57
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122
70ba5fa117c784f7541289722fe0c98abaed5e970243ffc15bcd4bb037aaa745
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
770cb6f8747e90dad261e049dfa5cf42e622dac61bcbc86ecb0a8c134228eb91
77bad019a66d1ee0f0801b6aeee8f7efef4a4025ea615a9e9ea1d0721ac5614c
786dbb4402793fadd0112db771392a0509ffcb2806545e94a879af9c6d87415f
78ecef70f26be6c1fdac47c62703bda773d8bba819e6c13ed0bf152fbb3f3e53
7a3b4c985dc5de60264f6a19da2b094563d3dfc6b1fc1bd33645cae3e0db6cc3
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
7e58ef84b3994aa5d6238df46b20e480c270cdd6094a41166583f7491665152a
7eb234b62d1dc22983066e67de4817b472d34236cf2be90e5218ab1b21386f1d
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f24d58735397dbe7772644e6fa0b066072936f5cd2cd9602d5b2cacd7d3fe92
7f5c5cc320064d614fc45e27c83207bcd36190c893364a09dbec92f5749c7129
812120e5ae14c01f8e582a6f65d8edd5be512183469167e1b4aa44babf4f16fd
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835c0613d38e3fc3066140cd27e8a7960313c2fbdeeb467b416dc3923d642cc3
856cb85b5b9a4038217184e24e1df16cd3058223faac06bacaf2132ba0e4c3e8
85a2c5bd701224851deca6029998517a35d091922217a90241fd0c7f244e8f11
86d5fc8546c489f3d864599a85133e2181ec61a824a0d79382cac0b687d57223
87080cab8794ff5866d3656734a9e2e55444cd90f76f7e36194b35816020cfb2
87629cd57dbd6b0971f759ce88e454d939a2275b69e9a113c1f421d2dcf4d4bd
8874eb2e4480aca2c2cbb14e2309ad6e153676c1e12231ef79fecbfbc3ac66da
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b4ca02afc05579b79ae3765ccff134871e2ed02f8f7c133efdc8b779ee3deb1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
8f7ad438c88cd0653af6066d4c148e00824961112a865f9611e258b9f3cc0981
8f9c6f094f7be69283685afb61ba46656c8ffda55ac28a52d367f6f2acf524a4
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
9019adc6ec44d2cd4f38c97b8319b0ae8da8f03b3bd646d4f86707f23f8935a0
922851ab1a5fce51fbdb9306f1329bf8e80919b6c443b38792b183da23d15314
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
9320021507b35e189d2190eea673cbc21f7d368f6ecbfb5dc89d773a28cd015d
956035a88a8424f2d36b292231cd4cd7ed705d412b47a7aa929f7b537196c1cb
9785c0ee4e91e6c161177cb63bd32032310fbafebc0c56e1448319ccf35d7d59
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9ba440b1a31f42f3c02ae16ee76868c9fe0f88b8a9ef5ce06158a6ef75a90c
9b86f59ea10ddab83497c391c78d522da48d16d33ad71994584f68e69b5a5a8a
9e5a1148e6ba00dec0218671857bc04820e1a4628a6de00a659ece715a6ed2f6
9faebe5bdb9528f36d1ec5713865681bf10c7c0d1fa1b8224fc57982f45ed788
a1418d32570398f8f8e07cea418bd2d81e0b78cc1cd1c2548bd260d70229d166
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a28119ca11bc23f972f8e463761547044174823430b09a0f1fbfed91acbeb35d
a51f645170637f10f3eba218020318af3fff3ad8e7087db87ef607896f19a940
a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282
a5ad4fb0d40625889969083053d32ab1191e66c11bb4aebfde2643954c0f5673
ab2b15bc4245779ffc7529cd333366826ae8d5b0d5165f4220bd335db4532c23
abe9d30276e3d66a71219ad2b0ed5a9663020a5c534557dd0f5c8ba71da4ebd4
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8
ac839289bceacb489a8b18a17dc2b32be90fb2608068bbeb18678af74d3f93d9
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21e6311cb8893cfc9bf6f20d1090a4b1005f739fee420beede8b89a8d279ec6
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b937537ed7f13e70dc6a69b6e9b308237cd369e11fa2a2b97a24d97d8487673e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bedb66ea25e4ef6df091a7dc714b592ebade31fea6c7694f79dba54f47748a4a
bf50c94253085740a5cce42e9c14f7b897cfc384303b38a5d9d7a0ab8ea5160f
bfd753d445592a633d4e3b8f74fe6e4ca85ab95a1f0b2fc00f11afeaaeed8194
c06943a38b2ab963f383afeccd6947002e4ec734aef32837a47a3b27f97beff3
c1e914a6a6a8f360219210defa3756637af709343c914a6e23a17dae689efc9d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a0ed3ea5aebdf80781e96b0e677656f9db72ea592b679299953852fef84b02
c2be9f32f9e9d9bd26c938037ee11d5f10c4aa8cb973f70b2ec0ce00bcf3adc6
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c7451690fed2a104bf6ff86e5ab0b3a7d8393d26a859a4bad6ba81b1d7aa339d
c9d2748d96fd95c196d8324e1d54a6687b9c457200743595296311f1355207bf
cbd8236978dd3f165bc49566f78c460e3937e552df38787439c1ef2797c4c709
cc8faf4ebe94f92af1aa97b73f052409171ff69671a93028fd57a726d1a49dd9
ce2212c80c7623521d5a1284e09103549406bf22f69244ac95e88ae4d94e23dd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157
cfc3c01bc1b339113279c023d5a19c783f729a4c42fd9e415e495fff3ffc90d8
cfd9e05ccae63e480530aecea92a49a8d12411dd497a7a4bd609c908248753e6
d0f4f9d060bc75bf02c5beee9c65df4c299614a831a698c3ea600c7171559747
d1379c4b46f5a2a670099f7bd145b4c9d2395ac4954a442b280a0ca2f062907c
d1731db9016f326daff11d0045c86fd068ec9e72cc4c6ec56a7c856a3a3d28c7
d1832b7da0292ab076dfe046f8b1c2d5fcfd1bfb5628b7e21a3754a20308aa57
d377e1cb70a7b9223fa7c9767542fab85c1ff9d1d49c731595b275db4d00dd85
d43e399ba09544255bf6868dde76294fe05dd14d902f0568991721f5c0039aba
d7379ee5f42e3a24392d1c3ee605abe7842d6dc47edd6be0315d8cc2f849fb42
d813e6becda7ebe8b6bf1a54e7b83aa2a2551dc41bf4f07877834984a293958e
d925e34daa0fe1e6548a8fe0fb3f1c66b603f51c856071d8c4ff36c7820d51f0
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d980e19674df7b00e34973a7b32244e7614164da2dc77ef9950734efbcb325df
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
da3c5a2e809324e17c200da5501c0504fa5abe3acbd74dc7b53f4d61a06b66c6
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db311c11353d5628e6e28d260bca9b8935b23440964d7c6bc4914edcda08472a
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e1023fc5b7b2cb762dd4ad14fcf4787fa945fca4a37518cd0d6b411c248dc201
e123a9eb690cc77f16bebeaed1e4c3e595157e4c25de5c77c6c14f34f26edee9
e31982b9a9549c328c4ee79c9339ce77f03df084f82d2501b820ef68bf7667e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e915b42bd3104526660e0dc21d2c6495a63a70f1ed68a199a34f4a37e15c03f5
e91fde7db8e3812710dc53a9112678498279bbe017ae00b73f057e73e90189c3
ebbdc09f56e8b9cba9117f0d84b4903fdc89508496a9b5d5b8d6bf59ff13ebbf
ecc79a89fe27d447d0a59fc7f57dd32e4eb0cf68a5b665e5be3ace4ed500f753
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc6361ebe5a559578c83bf197d5407b7f6bf44f74d35c4ee8eb22c810fb34a7
f33585b10bb5487bd6c92f53018de62cb147ab48b829334b7f97437015aae557
f34544ddb27241b3eccb8e06d7447230005e8718b463a30d9dd83d1e8bada1a1
f9e4e2c46e9957a5164692d78a00b6dacf40e04bec4548634e1c5fbef0e767a8
fb398334376738dbe8cbc633ec25c5142e003b5ef0a833061cb224a57b51bef6
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff37c5d7c518485bc68ba93a755edfaaf77d9fb7a1fa1da2033a8ddc654b7483