urlscan.io logo urlscan.io
SecurityTrails logo

www.bleepingcomputer.com Open in urlscan Pro
104.20.60.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Submission: On April 25 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 161 IPs in 11 countries across 149 domains to perform 899 HTTP transactions. The main IP is 104.20.60.209, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com. The Cisco Umbrella rank of the primary domain is 67368.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 16th 2020. Valid for: 2 years.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.20.60.209 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
32 104.26.12.6 13335 (CLOUDFLAR...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 7 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
40 2607:f8b0:400... 15169 (GOOGLE)
7 23.208.216.126 16625 (AKAMAI-AS)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 18 151.101.2.137 54113 (FASTLY)
1 52.85.61.5 16509 (AMAZON-02)
2 13.33.46.73 16509 (AMAZON-02)
8 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
10 35.201.71.192 15169 (GOOGLE)
2 142.251.40.230 15169 (GOOGLE)
1 23.52.162.190 16625 (AKAMAI-AS)
1 30 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3 52.85.61.100 16509 (AMAZON-02)
3 23.52.163.40 16625 (AKAMAI-AS)
3 34.208.143.18 16509 (AMAZON-02)
1 35.241.45.217 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.226.31.10 16509 (AMAZON-02)
7 36 23.52.162.21 16625 (AKAMAI-AS)
1 142.250.81.226 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
21 2607:f8b0:400... 15169 (GOOGLE)
3 151.101.66.137 54113 (FASTLY)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
26 142.251.32.98 15169 (GOOGLE)
1 13.225.64.68 16509 (AMAZON-02)
12 18.220.186.98 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
11 12 3.214.88.14 14618 (AMAZON-AES)
20 21 35.71.131.137 16509 (AMAZON-02)
6 6 68.67.181.207 29990 (ASN-APPNEX)
3 13 23.78.168.242 16625 (AKAMAI-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3.135.250.134 16509 (AMAZON-02)
2 35.227.238.208 15169 (GOOGLE)
1 130.211.23.194 15169 (GOOGLE)
38 2607:f8b0:400... 15169 (GOOGLE)
2 151.101.1.140 54113 (FASTLY)
1 2600:9000:219... 16509 (AMAZON-02)
15 23 8.43.72.98 26667 (RUBICONPR...)
5 143.204.137.197 16509 (AMAZON-02)
15 54.230.102.54 16509 (AMAZON-02)
7 9 2620:116:800b... 14618 (AMAZON-AES)
1 23.52.162.163 16625 (AKAMAI-AS)
12 24 68.67.160.117 29990 (ASN-APPNEX)
3 104.36.115.98 62713 (AS-PUBMATIC)
20 104.16.68.69 13335 (CLOUDFLAR...)
15 3.92.156.8 14618 (AMAZON-AES)
1 34.149.20.76 15169 (GOOGLE)
1 6 54.235.190.65 14618 (AMAZON-AES)
2 34.107.148.139 15169 (GOOGLE)
8 25 35.244.159.8 15169 (GOOGLE)
2 2602:803:c002... 26667 (RUBICONPR...)
2 35.211.165.199 15169 (GOOGLE)
2 23.78.210.18 16625 (AKAMAI-AS)
6 34.235.17.126 14618 (AMAZON-AES)
13 34.195.17.74 14618 (AMAZON-AES)
2 18.214.209.43 14618 (AMAZON-AES)
2 3.230.217.116 14618 (AMAZON-AES)
6 34.230.171.57 14618 (AMAZON-AES)
8 8 54.152.83.91 14618 (AMAZON-AES)
10 14 54.175.87.114 14618 (AMAZON-AES)
33 75 142.251.40.194 15169 (GOOGLE)
1 2 52.95.115.196 16509 (AMAZON-02)
1 2001:4998:1c:... 14779 (YAHOO)
4 11 35.190.60.146 15169 (GOOGLE)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
2 23 209.54.177.54 16509 (AMAZON-02)
1 23.78.200.97 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
1 2600:9000:214... 16509 (AMAZON-02)
1 34.204.147.250 14618 (AMAZON-AES)
1 18 52.0.174.205 14618 (AMAZON-AES)
8 23.52.161.180 16625 (AKAMAI-AS)
15 34.202.188.87 14618 (AMAZON-AES)
1 2 44.197.56.222 14618 (AMAZON-AES)
3 3 44.196.51.251 14618 (AMAZON-AES)
6 7 35.186.253.211 15169 (GOOGLE)
5 9 198.148.27.140 19189 (PULSEPOINT)
8 8 199.127.204.142 26120 (RHYTHMONE)
2 2 69.166.1.10 27630 (AS-XFERNET)
4 6 192.35.249.120 11742 (SPOTX-IAD)
2 4 2600:1f18:612... 14618 (AMAZON-AES)
8 22 52.223.22.214 16509 (AMAZON-02)
1 2 35.186.194.101 15169 (GOOGLE)
18 20 35.211.178.172 15169 (GOOGLE)
4 5 185.167.164.39 198622 (ADFORM)
3 4 64.202.112.31 22075 (AS-OUTBRAIN)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
6 6 54.145.48.80 14618 (AMAZON-AES)
4 9 2600:1f18:4e9... 14618 (AMAZON-AES)
4 4 132.226.41.106 31898 (ORACLE-BM...)
3 169.197.150.7 398989 (DEEPINTENT)
12 12 70.42.32.63 22075 (AS-OUTBRAIN)
7 9 104.77.220.229 16625 (AKAMAI-AS)
3 3 44.198.251.190 14618 (AMAZON-AES)
1 1 199.187.193.202 47043 (SMARTADSE...)
1 54.36.109.186 16276 (OVH)
3 7 104.36.115.113 62713 (AS-PUBMATIC)
1 1 124.146.215.51 2514 (INFOSPHER...)
12 2800:3f0:4004... 15169 (GOOGLE)
6 6 169.60.66.35 36351 (SOFTLAYER)
6 2607:f8b0:400... 15169 (GOOGLE)
16 16 2606:ae80:147... 26762 (CNVR-US-EAST)
5 10 34.195.153.99 14618 (AMAZON-AES)
2 54.152.116.38 14618 (AMAZON-AES)
2 3 63.251.86.50 10913 (INTERNAP-BLK)
10 10 216.200.232.253 30419 (MEDIAMATH...)
5 30 104.36.115.109 62713 (AS-PUBMATIC)
1 1 199.187.193.185 47043 (SMARTADSE...)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
2 4 8.28.7.84 62713 (AS-PUBMATIC)
6 6 2620:112:f002... 6336 (TURN-US-ASN)
9 9 216.152.140.200 13768 (COGECO-PEER1)
3 3 34.229.3.43 14618 (AMAZON-AES)
5 6 107.178.246.49 15169 (GOOGLE)
2 28 104.102.252.25 16625 (AKAMAI-AS)
1 5 23.92.190.74 29791 (VOXEL-DOT...)
1 3.19.8.185 16509 (AMAZON-02)
1 3.141.89.91 16509 (AMAZON-02)
1 26 172.66.42.247 13335 (CLOUDFLAR...)
1 172.66.41.9 13335 (CLOUDFLAR...)
1 3 67.202.105.32 32748 (STEADFAST)
1 51.222.239.230 16276 (OVH)
5 5 162.248.18.11 62713 (AS-PUBMATIC)
1 52.30.111.237 16509 (AMAZON-02)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
10 10 38.27.122.101 174 (COGENT-174)
2 2 45.35.192.162 40676 (AS40676)
2 2 23.88.75.186 24940 (HETZNER-AS)
4 4 199.38.167.129 54312 (ROCKETFUEL)
14 14 67.202.105.22 32748 (STEADFAST)
1 2 143.204.146.57 16509 (AMAZON-02)
1 13.33.46.33 16509 (AMAZON-02)
3 3 23.50.79.213 16625 (AKAMAI-AS)
1 1 34.227.196.244 14618 (AMAZON-AES)
1 1 204.62.13.72 46636 (NATCOWEB)
1 1 52.1.219.85 14618 (AMAZON-AES)
11 34.117.239.71 15169 (GOOGLE)
6 2600:141b:700... 20940 (AKAMAI-ASN1)
1 54.230.102.43 16509 (AMAZON-02)
1 2 35.170.124.134 14618 (AMAZON-AES)
1 34.239.90.167 14618 (AMAZON-AES)
3 3 54.225.138.85 14618 (AMAZON-AES)
1 4 2620:100:a001::c 19750 (AS-CRITEO)
2 74.119.119.139 19750 (AS-CRITEO)
1 52.71.37.99 14618 (AMAZON-AES)
1 34.120.155.137 15169 (GOOGLE)
1 2 23.10.82.211 16625 (AKAMAI-AS)
3 2600:9000:210... 16509 (AMAZON-02)
8 142.250.176.194 15169 (GOOGLE)
1 152.199.2.76 15133 (EDGECAST)
8 104.244.36.20 7415 (ADSAFE-1)
2 204.154.110.76 36062 (DOUBLE-VE...)
9 9 35.190.90.30 15169 (GOOGLE)
1 1 20.85.9.11 8075 (MICROSOFT...)
1 1 54.236.94.205 14618 (AMAZON-AES)
6 8 151.101.66.49 54113 (FASTLY)
1 1 2600:9000:21e... 16509 (AMAZON-02)
1 2600:141b:900... 20940 (AKAMAI-ASN1)
6 34.117.228.201 396982 (GOOGLE-CL...)
1 1 2600:9000:214... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.1.108 54113 (FASTLY)
1 2 192.132.33.46 18568 (BIDTELLECT)
2 3 13.225.213.20 16509 (AMAZON-02)
2 4 104.18.102.194 13335 (CLOUDFLAR...)
6 6 35.207.24.140 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 13.33.46.26 16509 (AMAZON-02)
6 6 52.45.55.227 14618 (AMAZON-AES)
2 3 74.119.119.150 19750 (AS-CRITEO)
1 2 47.252.78.131 45102 (ALIBABA-C...)
1 1 52.1.175.157 14618 (AMAZON-AES)
2 18.233.240.143 14618 (AMAZON-AES)
2 35.174.49.97 14618 (AMAZON-AES)
2 2 52.91.254.52 14618 (AMAZON-AES)
1 1 34.111.151.213 15169 (GOOGLE)
2 2 173.231.178.85 29791 (VOXEL-DOT...)
1 2 54.234.215.67 14618 (AMAZON-AES)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 2a04:4e42:200... 54113 (FASTLY)
1 151.101.129.44 54113 (FASTLY)
1 1 139.162.78.222 63949 (LINODE-AP...)
1 157.90.212.181 24940 (HETZNER-AS)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 195.5.165.20 44968 (IPROM-AS)
3 3 51.222.80.231 16276 (OVH)
2 2 35.201.96.126 15169 (GOOGLE)
1 204.237.133.247 3257 (GTT-BACKB...)
1 2 50.57.31.206 19994 (RACKSPACE)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
1 1 34.102.253.54 15169 (GOOGLE)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 2 34.196.247.148 14618 (AMAZON-AES)
1 34.73.194.24 396982 (GOOGLE-CL...)
1 34.75.117.5 396982 (GOOGLE-CL...)
2 104.36.115.114 62713 (AS-PUBMATIC)
1 2 54.173.102.163 14618 (AMAZON-AES)
2 142.251.40.226 ()
899 161
1    104.20.60.209 (None, )

ASN13335 (CLOUDFLARENET, US)
www.bleepingcomputer.com
4    2607:f8b0:4006:80d::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
32    104.26.12.6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bleepstatic.com
5    2606:4700:20::ac43:443c (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
1    2607:f8b0:4006:81c::2008 (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2607:f8b0:4006:81c::2004 (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.google.com
8    2607:f8b0:4006:81f::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
40    2607:f8b0:4006:824::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    23.208.216.126 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-126.deploy.static.akamaitechnologies.com
s9.addthis.com
v1.addthisedge.com
m.addthis.com
s7.addthis.com
api-public.addthis.com
1    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
18    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
img.connatix.com
cks.connatix.com
ck.connatix.com
1    52.85.61.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-5.ewr53.r.cloudfront.net
ecdn.analysis.fi
2    13.33.46.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-73.ewr52.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
8    2607:f8b0:4006:80a::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2607:f8b0:4006:820::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
10    35.201.71.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.71.201.35.bc.googleusercontent.com
d.pub.network
c.pub.network
2    142.251.40.230 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f6.1e100.net
ad.doubleclick.net
1    23.52.162.190 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
30    2607:f8b0:4006:81e::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.ca
2    2607:f8b0:4006:809::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    52.85.61.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-100.ewr53.r.cloudfront.net
sb.scorecardresearch.com
3    23.52.163.40 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-40.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
3    34.208.143.18 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-143-18.us-west-2.compute.amazonaws.com
tag.escalated.io
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
1    2607:f8b0:4006:821::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:20::ac43:4acf (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    13.226.31.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-10.ewr53.r.cloudfront.net
ats.rlcdn.com
36    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    142.250.81.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
partner.googleadservices.com
4    2607:f8b0:4006:809::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
21    2607:f8b0:4006:80b::2006 (Staten Island, United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
s0.2mdn.net
3    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
ins.connatix.com
vid.connatix.com
4    2607:f8b0:4006:81c::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2607:f8b0:4006:821::2001 (Staten Island, United States)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2607:f8b0:4006:80e::2016 (Staten Island, United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
26    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
1    13.225.64.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-64-68.ewr53.r.cloudfront.net
geo.privacymanager.io
12    18.220.186.98 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-220-186-98.us-east-2.compute.amazonaws.com
capi-tier-1-us-east-2.connatix.com
5    2607:f8b0:4006:81e::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
12    3.214.88.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-88-14.compute-1.amazonaws.com
match.prod.bidr.io
21    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    68.67.181.207 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
13    23.78.168.242 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-168-242.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
3    3.135.250.134 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-250-134.us-east-2.compute.amazonaws.com
vid.springserve.com
2    35.227.238.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.238.227.35.bc.googleusercontent.com
api.floors.dev
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
38    2607:f8b0:4006:81f::2001 (Staten Island, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    151.101.1.140 (United States)

ASN54113 (FASTLY, US)
www.reddit.com
1    2600:9000:2199:e400:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
23    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
5    143.204.137.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-137-197.ewr52.r.cloudfront.net
c.amazon-adsystem.com
15    54.230.102.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-102-54.ewr53.r.cloudfront.net
tagan.adlightning.com
9    2620:116:800b:21:f716:921a:893c:c3d8 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    23.52.162.163 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-163.deploy.static.akamaitechnologies.com
s.ntv.io
24    68.67.160.117 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
3    104.36.115.98 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
20    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
15    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
c2shb.pubgw.yahoo.com
1    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
6    54.235.190.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-190-65.compute-1.amazonaws.com
ads.yieldmo.com
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
25    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
freestar-d.openx.net
us-u.openx.net
u.openx.net
2    2602:803:c002:200::52 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    35.211.165.199 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 199.165.211.35.bc.googleusercontent.com
grid.bidswitch.net
2    23.78.210.18 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-210-18.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
6    34.235.17.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-17-126.compute-1.amazonaws.com
c.deployads.com
13    34.195.17.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-17-74.compute-1.amazonaws.com
btlr.sharethrough.com
2    18.214.209.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-209-43.compute-1.amazonaws.com
tlx.3lift.com
2    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
6    34.230.171.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-171-57.compute-1.amazonaws.com
ads.adaptv.advertising.com
8    54.152.83.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-83-91.compute-1.amazonaws.com
pixel.advertising.com
14    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
75    142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
cm.g.doubleclick.net
2    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2001:4998:1c:800::1001 (United States)

ASN14779 (YAHOO, US)
ads.yahoo.com
11    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
23    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    23.78.200.97 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-200-97.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
1    2600:9000:2140:2000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    34.204.147.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-147-250.compute-1.amazonaws.com
jadserve.postrelease.com
18    52.0.174.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-174-205.compute-1.amazonaws.com
rtb.gumgum.com
8    23.52.161.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
15    34.202.188.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-188-87.compute-1.amazonaws.com
sync.springserve.com
2    44.197.56.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-56-222.compute-1.amazonaws.com
sync.bfmio.com
3    44.196.51.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-51-251.compute-1.amazonaws.com
cs.emxdgt.com
7    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
9    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
8    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
6    192.35.249.120 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
4    2600:1f18:612b:4232:40ff:2de3:a398:119a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pbs.publishers.tremorhub.com
partners.tremorhub.com
22    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
sync.sxp.smartclip.net
20    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
5    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    64.202.112.31 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
6    54.145.48.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-48-80.compute-1.amazonaws.com
sync.srv.stackadapt.com
9    2600:1f18:4e9:5a05:f817:c851:d4d0:49b5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
4    132.226.41.106 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
12    70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
9    104.77.220.229 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-220-229.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
3    44.198.251.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-251-190.compute-1.amazonaws.com
ad.360yield.com
1    199.187.193.202 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
1    54.36.109.186 (France)

ASN16276 (OVH, FR)
PTR: p06.id5-sync.com
id5-sync.com
7    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    124.146.215.51 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
12    2800:3f0:4004:811::2003 (Argentina)

ASN15169 (GOOGLE, US)
csi.gstatic.com
6    169.60.66.35 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 23.42.3ca9.ip4.static.sl-reverse.com
um.simpli.fi
6    2607:f8b0:4006:80d::2001 (Staten Island, United States)

ASN15169 (GOOGLE, US)
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
16    2606:ae80:1471:15::410 (United States)

ASN26762 (CNVR-US-EAST, US)
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
pubmatic-match.dotomi.com
33across-match.dotomi.com
medianet-match.dotomi.com
districtm-match.dotomi.com
10    34.195.153.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-153-99.compute-1.amazonaws.com
match.sharethrough.com
2    54.152.116.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-116-38.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
3    63.251.86.50 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
10    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
30    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    199.187.193.185 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
6    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
9    216.152.140.200 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
6    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
28    104.102.252.25 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-252-25.deploy.static.akamaitechnologies.com
contextual.media.net
hbx.media.net
cs.media.net
c21lg-d.media.net
5    23.92.190.74 (Cramerton, United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    3.19.8.185 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-8-185.us-east-2.compute.amazonaws.com
bc-ssb-cle.springserve.com
1    3.141.89.91 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-89-91.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
26    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3013.infolinks.com
1    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
rt3013.infolinks.com
3    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
1    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
5    162.248.18.11 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    52.30.111.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-111-237.eu-west-1.compute.amazonaws.com
s.cpx.to
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
10    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    45.35.192.162 (United States)

ASN40676 (AS40676, US)
sync.resetdigital.co
2    23.88.75.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de
csync.loopme.me
4    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
14    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    143.204.146.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-57.ewr52.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
1    13.33.46.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-33.ewr52.r.cloudfront.net
api.intentiq.com
3    23.50.79.213 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-79-213.deploy.static.akamaitechnologies.com
px.owneriq.net
1    34.227.196.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-196-244.compute-1.amazonaws.com
sync.extend.tv
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
1    52.1.219.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-219-85.compute-1.amazonaws.com
cms-xch.33across.com
11    34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com
cms-xch-chicago.33across.com
events-ssc.33across.com
6    2600:141b:7000:6ab::4469 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    54.230.102.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-102-43.ewr53.r.cloudfront.net
check.analytics.rlcdn.com
2    35.170.124.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-124-134.compute-1.amazonaws.com
fw.adsafeprotected.com
1    34.239.90.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-90-167.compute-1.amazonaws.com
beacon.krxd.net
3    54.225.138.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-138-85.compute-1.amazonaws.com
sync.ipredictive.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    52.71.37.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-37-99.compute-1.amazonaws.com
id.crwdcntrl.net
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    23.10.82.211 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-10-82-211.deploy.static.akamaitechnologies.com
sync.teads.tv
3    2600:9000:2105:ec00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
googleads4.g.doubleclick.net
1    152.199.2.76 (United States)

ASN15133 (EDGECAST, US)
cdn.bizibly.com
8    104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com
dt.adsafeprotected.com
2    204.154.110.76 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-phlb106.doubleverify.com
rtb0.doubleverify.com
rtbc-nyc.doubleverify.com
9    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
1    20.85.9.11 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
beacon.walmart.com
1    54.236.94.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-94-205.compute-1.amazonaws.com
pixel.everesttech.net
8    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2600:9000:21ea:800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    2600:141b:9000::684a:4118 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
6    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
1    2600:9000:2140:3400:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    13.225.213.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-213-20.ewr50.r.cloudfront.net
aa.agkn.com
4    104.18.102.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
6    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    13.33.46.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-26.ewr52.r.cloudfront.net
cm.smadex.com
6    52.45.55.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-55-227.compute-1.amazonaws.com
pm.w55c.net
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
1    52.1.175.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-175-157.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    18.233.240.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-240-143.compute-1.amazonaws.com
sync.crwdcntrl.net
2    35.174.49.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-49-97.compute-1.amazonaws.com
rtb.adentifi.com
2    52.91.254.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-91-254-52.compute-1.amazonaws.com
ads.avct.cloud
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    173.231.178.85 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    54.234.215.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-215-67.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    139.162.78.222 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com
gocm.c.appier.net
1    157.90.212.181 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.181.212.90.157.clients.your-server.de
matching.truffle.bid
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
3    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    204.237.133.247 (West Chester, United States)

ASN3257 (GTT-BACKBONE GTT, US)
aud.pubmatic.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
2    204.2.255.233 (Miami, United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    34.196.247.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-247-148.compute-1.amazonaws.com
um2.eqads.com
1    34.73.194.24 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 24.194.73.34.bc.googleusercontent.com
dmx.us-east-34.districtm.io
1    34.75.117.5 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.117.75.34.bc.googleusercontent.com
dmx.us-east-31.districtm.io
2    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    54.173.102.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-102-163.compute-1.amazonaws.com
io.narrative.io
2    142.251.40.226 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
128 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 191
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
static.doubleclick.net — Cisco Umbrella Rank: 328
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 174
cm.g.doubleclick.net — Cisco Umbrella Rank: 195
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 272
640 KB
86 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 96
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
ade.googlesyndication.com
1 MB
60 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 445
ads.pubmatic.com — Cisco Umbrella Rank: 435
image6.pubmatic.com — Cisco Umbrella Rank: 565
simage2.pubmatic.com — Cisco Umbrella Rank: 584
image2.pubmatic.com — Cisco Umbrella Rank: 819
image4.pubmatic.com — Cisco Umbrella Rank: 810
image8.pubmatic.com — Cisco Umbrella Rank: 580
aud.pubmatic.com — Cisco Umbrella Rank: 4071
simage4.pubmatic.com — Cisco Umbrella Rank: 1101
138 KB
41 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 790
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 978
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
ads.yahoo.com — Cisco Umbrella Rank: 1083
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 406
15 KB
38 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1011
eus.rubiconproject.com — Cisco Umbrella Rank: 537
token.rubiconproject.com — Cisco Umbrella Rank: 671
fastlane.rubiconproject.com — Cisco Umbrella Rank: 451
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1114
pixel.rubiconproject.com — Cisco Umbrella Rank: 318
67 KB
33 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1273
htlb.casalemedia.com — Cisco Umbrella Rank: 452
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 528
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
dsum.casalemedia.com — Cisco Umbrella Rank: 1232
42 KB
33 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3131
cds.connatix.com — Cisco Umbrella Rank: 3187
capi.connatix.com — Cisco Umbrella Rank: 3458
ins.connatix.com — Cisco Umbrella Rank: 4950
capi-tier-1-us-east-2.connatix.com — Cisco Umbrella Rank: 4017
vid.connatix.com — Cisco Umbrella Rank: 3820
img.connatix.com — Cisco Umbrella Rank: 3817
cks.connatix.com — Cisco Umbrella Rank: 4264
ck.connatix.com — Cisco Umbrella Rank: 5010
603 KB
32 openx.net
freestar-d.openx.net — Cisco Umbrella Rank: 7836
rtb.openx.net — Cisco Umbrella Rank: 1434
us-u.openx.net — Cisco Umbrella Rank: 369
u.openx.net — Cisco Umbrella Rank: 673
4 KB
32 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 394
ib.adnxs.com — Cisco Umbrella Rank: 226
acdn.adnxs.com — Cisco Umbrella Rank: 566
72 KB
32 bleepstatic.com
www.bleepstatic.com — Cisco Umbrella Rank: 114875
338 KB
30 media.net
prebid.media.net — Cisco Umbrella Rank: 1055
contextual.media.net — Cisco Umbrella Rank: 496
hbx.media.net — Cisco Umbrella Rank: 1058
cs.media.net — Cisco Umbrella Rank: 1641
c21lg-d.media.net — Cisco Umbrella Rank: 1606
97 KB
30 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 284
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1249
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
63 KB
28 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
173 KB
27 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 7341
router.infolinks.com — Cisco Umbrella Rank: 3064
rt3013.infolinks.com — Cisco Umbrella Rank: 78272
285 KB
27 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1357
ssc-cms.33across.com — Cisco Umbrella Rank: 899
cms-xch.33across.com — Cisco Umbrella Rank: 3223
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 1897
events-ssc.33across.com — Cisco Umbrella Rank: 1476
10 KB
24 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 531
eb2.3lift.com — Cisco Umbrella Rank: 341
10 KB
23 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 944
match.sharethrough.com — Cisco Umbrella Rank: 587
5 KB
22 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1016
x.bidswitch.net — Cisco Umbrella Rank: 274
19 KB
22 districtm.io
dmx.districtm.io — Cisco Umbrella Rank: 1842
cdn.districtm.io — Cisco Umbrella Rank: 1483
dmx.us-east-34.districtm.io — Cisco Umbrella Rank: 24661
dmx.us-east-31.districtm.io — Cisco Umbrella Rank: 25714
9 KB
21 springserve.com
vid.springserve.com — Cisco Umbrella Rank: 5668
vpaid.springserve.com — Cisco Umbrella Rank: 6541
sync.springserve.com — Cisco Umbrella Rank: 2227
bc-ssb-cle.springserve.com — Cisco Umbrella Rank: 13588
vid-io-cle.springserve.com — Cisco Umbrella Rank: 5558
99 KB
21 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 326
12 KB
20 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 252
459 KB
18 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1168
usersync.gumgum.com Failed
5 KB
16 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4661
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 3331
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2860
33across-match.dotomi.com — Cisco Umbrella Rank: 2724
medianet-match.dotomi.com — Cisco Umbrella Rank: 8181
districtm-match.dotomi.com — Cisco Umbrella Rank: 9099
6 KB
15 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1304
346 KB
15 pub.network
a.pub.network — Cisco Umbrella Rank: 5801
d.pub.network — Cisco Umbrella Rank: 6134
c.pub.network — Cisco Umbrella Rank: 5972
351 KB
14 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 454
rtb0.doubleverify.com — Cisco Umbrella Rank: 614
tps.doubleverify.com — Cisco Umbrella Rank: 470
rtbc-nyc.doubleverify.com — Cisco Umbrella Rank: 2054
tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1582
227 KB
14 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 4415
pixel.advertising.com — Cisco Umbrella Rank: 400
5 KB
14 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1251
id.rlcdn.com — Cisco Umbrella Rank: 553
idsync.rlcdn.com — Cisco Umbrella Rank: 294
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3836
api.rlcdn.com — Cisco Umbrella Rank: 777
37 KB
13 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 694
static.adsafeprotected.com — Cisco Umbrella Rank: 527
dt.adsafeprotected.com — Cisco Umbrella Rank: 471
109 KB
13 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
jnn-pa.googleapis.com — Cisco Umbrella Rank: 267
imasdk.googleapis.com — Cisco Umbrella Rank: 411
891 KB
12 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 555
8 KB
12 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 446
5 KB
11 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 163
348 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 64
15 KB
10 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1447
5 KB
10 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 419
5 KB
9 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 870
2 KB
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 381
mug.criteo.com — Cisco Umbrella Rank: 3086
dis.criteo.com — Cisco Umbrella Rank: 741
3 KB
9 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 569
7 KB
9 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 467
tags.bluekai.com — Cisco Umbrella Rank: 444
8 KB
9 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 551
7 KB
9 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 547 Failed
pixel.everesttech.net — Cisco Umbrella Rank: 3003
2 KB
9 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 892
pixel.quantserve.com — Cisco Umbrella Rank: 398
cms.quantserve.com — Cisco Umbrella Rank: 1043
13 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 94
729 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 567
ce.lijit.com — Cisco Umbrella Rank: 820
7 KB
8 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 500
4 KB
8 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 621
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5204
sync-pp.ads.yieldmo.com — Cisco Umbrella Rank: 9496
3 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 834
4 KB
6 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 779
2 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 405
810 B
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 732
3 KB
6 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 765
3 KB
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 766
2 KB
6 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 517
4 KB
6 deployads.com
c.deployads.com — Cisco Umbrella Rank: 3470
3 KB
6 addthis.com
s9.addthis.com — Cisco Umbrella Rank: 124148
m.addthis.com — Cisco Umbrella Rank: 1349
s7.addthis.com — Cisco Umbrella Rank: 1385 Failed
api-public.addthis.com — Cisco Umbrella Rank: 3868
218 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 556
2 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 397
2 KB
5 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 669
5 KB
5 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1335
sync.outbrain.com — Cisco Umbrella Rank: 788
4 KB
4 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 510
923 B
4 agkn.com
d.agkn.com — Cisco Umbrella Rank: 536
aa.agkn.com — Cisco Umbrella Rank: 414
3 KB
4 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1506
bcp.crwdcntrl.net — Cisco Umbrella Rank: 786
sync.crwdcntrl.net — Cisco Umbrella Rank: 600
2 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 690
3 KB
4 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1062
3 KB
4 tremorhub.com
pbs.publishers.tremorhub.com — Cisco Umbrella Rank: 4981
partners.tremorhub.com — Cisco Umbrella Rank: 872
1 KB
4 google.ca
adservice.google.ca — Cisco Umbrella Rank: 13154
1 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2991
1 KB
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 963
1 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 947
2 KB
3 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1383
sync1.intentiq.com — Cisco Umbrella Rank: 5148
api.intentiq.com — Cisco Umbrella Rank: 2123
3 KB
3 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1228
hde.tynt.com — Cisco Umbrella Rank: 4213
6 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1119
3 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 651
834 B
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 801
466 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 657
966 B
3 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 860
744 B
3 escalated.io
tag.escalated.io — Cisco Umbrella Rank: 21593
49 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 350
s-jsonp.moatads.com — Cisco Umbrella Rank: 14132
56 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
2 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2191
643 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3380
563 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4152
965 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1027
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3741
624 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 630
match.taboola.com — Cisco Umbrella Rank: 1966
659 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 775
s.tribalfusion.com — Cisco Umbrella Rank: 2340
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1261
569 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1408
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2733
888 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1028
93 B
2 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 2068
366 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 209
951 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 781
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 932
522 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
393 B
2 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2470
814 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 772
717 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1226
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 595
824 B
2 smartclip.net
sync.sxp.smartclip.net — Cisco Umbrella Rank: 23336
452 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 914
1 KB
2 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1193
598 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1525
id5-sync.com — Cisco Umbrella Rank: 639
13 KB
2 reddit.com
www.reddit.com — Cisco Umbrella Rank: 3035
3 KB
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 9741
4 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1221
1 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1007
api.btloader.com — Cisco Umbrella Rank: 1209
38 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 19687
cdn.firstimpression.io — Cisco Umbrella Rank: 20822
100 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2389
534 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3427
463 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5511
277 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5795
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2235
395 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1172
674 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1869
366 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 3257
530 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 212
33 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1295
63 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 720
440 B
1 walmart.com
beacon.walmart.com — Cisco Umbrella Rank: 2091
581 B
1 bizibly.com
cdn.bizibly.com — Cisco Umbrella Rank: 7367
345 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 424
337 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2408
586 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1599
546 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4028
308 B
1 cpx.to
s.cpx.to — Cisco Umbrella Rank: 1830
945 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 778
814 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3930
391 B
1 inmobi.com
sync.inmobi.com Failed
mweb.ck.inmobi.com — Cisco Umbrella Rank: 2800
347 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1746
829 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1164
834 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 833
1 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1520
17 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3271
115 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1341
595 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 105
67 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 223
3 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 773
649 B
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 6803
539 B
1 pghub.io
pghub.io — Cisco Umbrella Rank: 1436
4 KB
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1602
855 B
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 24025
5 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1134
5 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 58
38 KB
1 bleepingcomputer.com
www.bleepingcomputer.com — Cisco Umbrella Rank: 67368
17 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
0 Failed
function sub() { [native code] }. Failed
899 149
Domain Requested by
75 cm.g.doubleclick.net 33 redirects eus.rubiconproject.com
rtb.gumgum.com
googleads.g.doubleclick.net
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
www.bleepingcomputer.com
eb2.3lift.com
us-u.openx.net
u.openx.net
40 pagead2.googlesyndication.com www.bleepingcomputer.com
pagead2.googlesyndication.com
srcdoc
www.googletagservices.com
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
tagan.adlightning.com
tpc.googlesyndication.com
38 tpc.googlesyndication.com googleads.g.doubleclick.net
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
tagan.adlightning.com
tpc.googlesyndication.com
32 www.bleepstatic.com www.bleepingcomputer.com
www.bleepstatic.com
26 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
googleads.g.doubleclick.net
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
www.bleepingcomputer.com
tagan.adlightning.com
24 ib.adnxs.com 12 redirects a.pub.network
vpaid.springserve.com
sync-amz.ads.yieldmo.com
googleads.g.doubleclick.net
acdn.adnxs.com
23 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
tagan.adlightning.com
s.amazon-adsystem.com
bh.contextweb.com
ap.lijit.com
match.sharethrough.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
eb2.3lift.com
us-u.openx.net
contextual.media.net
22 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
um2.eqads.com
22 us-u.openx.net 7 redirects googleads.g.doubleclick.net
a.pub.network
us-u.openx.net
u.openx.net
de.tynt.com
22 eb2.3lift.com 8 redirects a.pub.network
eb2.3lift.com
21 simage2.pubmatic.com 4 redirects ads.pubmatic.com
21 match.adsrvr.org 20 redirects ads.pubmatic.com
20 x.bidswitch.net 18 redirects www.bleepingcomputer.com
ads.pubmatic.com
20 s0.2mdn.net imasdk.googleapis.com
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
tagan.adlightning.com
s0.2mdn.net
19 router.infolinks.com 1 redirects resources.infolinks.com
tagan.adlightning.com
router.infolinks.com
ssum-sec.casalemedia.com
18 contextual.media.net ap.lijit.com
a.pub.network
contextual.media.net
18 rtb.gumgum.com 1 redirects vid.springserve.com
rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
16 dmx.districtm.io a.pub.network
cdn.districtm.io
www.bleepingcomputer.com
16 securepubads.g.doubleclick.net www.googletagservices.com
cd.connatix.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
www.bleepingcomputer.com
tagan.adlightning.com
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
15 sync.springserve.com www.bleepingcomputer.com
rtb.gumgum.com
ads.pubmatic.com
15 tagan.adlightning.com a.pub.network
tagan.adlightning.com
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
14 ssc-cms.33across.com 14 redirects
14 ups.analytics.yahoo.com 10 redirects www.bleepingcomputer.com
us-u.openx.net
13 btlr.sharethrough.com a.pub.network
13 c2shb.ssp.yahoo.com a.pub.network
12 csi.gstatic.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
12 b1sync.zemanta.com 12 redirects
12 match.prod.bidr.io 11 redirects s.amazon-adsystem.com
12 capi-tier-1-us-east-2.connatix.com cd.connatix.com
11 pixel.rubiconproject.com 4 redirects eus.rubiconproject.com
11 www.googletagservices.com a.pub.network
googleads.g.doubleclick.net
tagan.adlightning.com
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
10 match.bnmla.com 10 redirects
10 sync.mathtag.com 10 redirects
10 match.sharethrough.com 5 redirects s.amazon-adsystem.com
match.sharethrough.com
10 eus.rubiconproject.com cd.connatix.com
eus.rubiconproject.com
rtb.gumgum.com
s.amazon-adsystem.com
hde.tynt.com
a.pub.network
9 odr.mookie1.com 9 redirects
9 pixel-sync.sitescout.com 9 redirects
9 image2.pubmatic.com 1 redirects ads.pubmatic.com
9 pr-bh.ybp.yahoo.com 4 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
us-u.openx.net
u.openx.net
9 bh.contextweb.com 5 redirects s.amazon-adsystem.com
bh.contextweb.com
9 token.rubiconproject.com 8 redirects eus.rubiconproject.com
9 www.youtube.com www.bleepingcomputer.com
www.youtube.com
8 dt.adsafeprotected.com 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
www.bleepingcomputer.com
8 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.bleepingcomputer.com
8 sync.1rx.io 8 redirects
8 ads.pubmatic.com vid.springserve.com
rtb.gumgum.com
s.amazon-adsystem.com
ads.pubmatic.com
router.infolinks.com
resources.infolinks.com
a.pub.network
8 sync-tm.everesttech.net www.bleepingcomputer.com
rtb.gumgum.com
ads.pubmatic.com
u.openx.net
ssum-sec.casalemedia.com
8 pixel.advertising.com 8 redirects
8 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
8 www.gstatic.com www.bleepingcomputer.com
www.youtube.com
googleads.g.doubleclick.net
www.gstatic.com
7 cms-xch-chicago.33across.com hde.tynt.com
de.tynt.com
us-u.openx.net
7 image6.pubmatic.com 3 redirects ads.pubmatic.com
7 stags.bluekai.com 6 redirects www.bleepingcomputer.com
7 rtb.openx.net 6 redirects us-u.openx.net
7 id.rlcdn.com 3 redirects eus.rubiconproject.com
contextual.media.net
us-u.openx.net
7 c.pub.network a.pub.network
7 img.connatix.com www.bleepingcomputer.com
7 www.google.com 2 redirects www.youtube.com
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
6 pm.w55c.net 6 redirects
6 cs.media.net 2 redirects contextual.media.net
6 rtb.mfadsrvr.com 6 redirects
6 cdn.doubleverify.com 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
tagan.adlightning.com
6 resources.infolinks.com tagan.adlightning.com
6 pixel.tapad.com 5 redirects us-u.openx.net
6 ad.turn.com 6 redirects
6 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
6 um.simpli.fi 6 redirects
6 sync.srv.stackadapt.com 6 redirects
6 sync.search.spotxchange.com 4 redirects googleads.g.doubleclick.net
6 ads.adaptv.advertising.com vpaid.springserve.com
6 c.deployads.com a.pub.network
www.bleepingcomputer.com
6 ads.yieldmo.com 1 redirects a.pub.network
sync-amz.ads.yieldmo.com
6 secure.adnxs.com 6 redirects
5 image8.pubmatic.com 5 redirects
5 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
ssum-sec.casalemedia.com
js-sec.indexww.com
5 ce.lijit.com 1 redirects ap.lijit.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 px.ads.linkedin.com 4 redirects eus.rubiconproject.com
5 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
5 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
tagan.adlightning.com
5 js-sec.indexww.com a.pub.network
ssum-sec.casalemedia.com
5 a.pub.network www.bleepingcomputer.com
a.pub.network
4 tpsc-ue1.doubleverify.com cdn.doubleverify.com
4 medianet-match.dotomi.com 4 redirects
4 p.adsymptotic.com 2 redirects eb2.3lift.com
4 cdn.districtm.io a.pub.network
cdn.districtm.io
4 cms.quantserve.com 4 redirects
4 gum.criteo.com 1 redirects contextual.media.net
4 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
de.tynt.com
4 p.rfihub.com 4 redirects
4 pubmatic-match.dotomi.com 4 redirects
4 image4.pubmatic.com 2 redirects ads.pubmatic.com
4 idsync.rlcdn.com 1 redirects ads.pubmatic.com
us-u.openx.net
4 pixel.quantserve.com 3 redirects www.bleepingcomputer.com
4 sync.technoratimedia.com 4 redirects
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 c2shb.pubgw.yahoo.com vpaid.springserve.com
4 cks.connatix.com www.bleepingcomputer.com
4 jnn-pa.googleapis.com www.youtube.com
4 adservice.google.com pagead2.googlesyndication.com
tagan.adlightning.com
4 adservice.google.ca pagead2.googlesyndication.com
tagan.adlightning.com
4 fonts.googleapis.com www.bleepingcomputer.com
googleads.g.doubleclick.net
3 pixel.onaudience.com 3 redirects
3 dis.criteo.com 2 redirects ads.pubmatic.com
3 aa.agkn.com 2 redirects ads.pubmatic.com
3 static.adsafeprotected.com 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
3 sync.ipredictive.com 3 redirects
3 px.owneriq.net 3 redirects
3 loadm.exelator.com 3 redirects
3 ap.lijit.com 2 redirects s.amazon-adsystem.com
3 ad.360yield.com 3 redirects
3 match.deepintent.com rtb.gumgum.com
de.tynt.com
ads.pubmatic.com
3 creativecdn.com 3 redirects
3 cs.emxdgt.com 3 redirects
3 pixel-us-east.rubiconproject.com 3 redirects
3 hbopenbid.pubmatic.com a.pub.network
vpaid.springserve.com
3 vid.springserve.com cd.connatix.com
vpaid.springserve.com
3 secure-assets.rubiconproject.com 3 redirects
3 ssum.casalemedia.com 3 redirects
3 tag.escalated.io ecdn.firstimpression.io
tag.escalated.io
3 s7.addthis.com s9.addthis.com
3 sb.scorecardresearch.com 1 redirects a.pub.network
www.bleepingcomputer.com
3 d.pub.network a.pub.network
3 cds.connatix.com www.bleepingcomputer.com
cd.connatix.com
2 ade.googlesyndication.com www.bleepingcomputer.com
2 io.narrative.io 1 redirects www.bleepingcomputer.com
2 simage4.pubmatic.com ads.pubmatic.com
2 c21lg-d.media.net contextual.media.net
2 districtm-match.dotomi.com 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 ads.avct.cloud 2 redirects
2 rtb.adentifi.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 sync.crwdcntrl.net ssum-sec.casalemedia.com
www.bleepingcomputer.com
2 tags.bluekai.com 1 redirects ads.pubmatic.com
2 event.clientgear.com 1 redirects contextual.media.net
2 hbx.media.net contextual.media.net
2 c.bing.com eb2.3lift.com
2 bttrack.com 1 redirects www.bleepingcomputer.com
2 acdn.adnxs.com a.pub.network
2 tps.doubleverify.com tagan.adlightning.com
2 partners.tremorhub.com googleads.g.doubleclick.net
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 mug.criteo.com www.bleepingcomputer.com
2 fw.adsafeprotected.com 1 redirects 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
2 33across-match.dotomi.com 2 redirects
2 csync.loopme.me 2 redirects
2 sync.resetdigital.co 2 redirects
2 u.openx.net 1 redirects a.pub.network
2 de.tynt.com 1 redirects a.pub.network
2 rt3013.infolinks.com resources.infolinks.com
tagan.adlightning.com
2 pulsepoint-match.dotomi.com 2 redirects
2 pippio.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 sync.sxp.smartclip.net 1 redirects www.bleepingcomputer.com
2 pbs.publishers.tremorhub.com 2 redirects
2 sync.go.sonobi.com 2 redirects
2 sync.bfmio.com 1 redirects www.bleepingcomputer.com
2 aax-eu.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 tlx.3lift.com a.pub.network
2 htlb.casalemedia.com a.pub.network
2 grid.bidswitch.net a.pub.network
2 fastlane.rubiconproject.com a.pub.network
2 prebid.media.net a.pub.network
2 www.reddit.com s9.addthis.com
2 api.floors.dev a.pub.network
2 ad-delivery.net www.bleepingcomputer.com
2 ins.connatix.com cd.connatix.com
2 capi.connatix.com cd.connatix.com
eus.rubiconproject.com
2 z.moatads.com s9.addthis.com
tagan.adlightning.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ad.doubleclick.net www.bleepingcomputer.com
tagan.adlightning.com
1 dmx.us-east-31.districtm.io www.bleepingcomputer.com
1 dmx.us-east-34.districtm.io www.bleepingcomputer.com
1 rtbc-nyc.doubleverify.com cdn.doubleverify.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 bcp.crwdcntrl.net 1 redirects
1 cm.smadex.com 1 redirects
1 cdnjs.cloudflare.com s0.2mdn.net
1 d.agkn.com 1 redirects
1 code.createjs.com s0.2mdn.net
1 s.ad.smaato.net 1 redirects
1 pixel.everesttech.net 1 redirects
1 beacon.walmart.com 1 redirects
1 rtb0.doubleverify.com tagan.adlightning.com
1 cdn.bizibly.com 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
1 api.rlcdn.com ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 beacon.krxd.net eus.rubiconproject.com
1 check.analytics.rlcdn.com a.pub.network
1 cms-xch.33across.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 sync.extend.tv 1 redirects
1 api.intentiq.com resources.infolinks.com
1 sync1.intentiq.com router.infolinks.com
1 sync.intentiq.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 s.cpx.to router.infolinks.com
1 onetag-sys.com router.infolinks.com
1 hde.tynt.com router.infolinks.com
1 vid-io-cle.springserve.com vpaid.springserve.com
1 bc-ssb-cle.springserve.com vpaid.springserve.com
1 sync-pp.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 tags.rd.linksynergy.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 s-jsonp.moatads.com www.bleepingcomputer.com
1 tg.socdm.com 1 redirects
1 id5-sync.com cdn.id5-sync.com
1 ssbsync.smartadserver.com 1 redirects
1 jadserve.postrelease.com tagan.adlightning.com
1 rules.quantcount.com secure.quantserve.com
1 cdn.id5-sync.com tagan.adlightning.com
1 secure.cdn.fastclick.net tagan.adlightning.com
1 ads.yahoo.com eus.rubiconproject.com
1 ck.connatix.com 1 redirects
1 freestar-d.openx.net a.pub.network
1 ssc.33across.com a.pub.network
1 s.ntv.io a.pub.network
1 secure.quantserve.com a.pub.network
1 vpaid.springserve.com cd.connatix.com
1 api-public.addthis.com s9.addthis.com
1 api.btloader.com freestar-io.videoplayerhub.com
1 vid.connatix.com cd.connatix.com
1 geo.privacymanager.io ats.rlcdn.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ats.rlcdn.com a.pub.network
1 btloader.com www.bleepingcomputer.com
1 freestar-io.videoplayerhub.com 1 redirects
1 pghub.io a.pub.network
1 m.addthis.com s9.addthis.com
1 v1.addthisedge.com s9.addthis.com
1 cdn.firstimpression.io ecdn.firstimpression.io
1 widgets.outbrain.com www.bleepingcomputer.com
1 ecdn.firstimpression.io www.bleepingcomputer.com
1 ecdn.analysis.fi www.bleepingcomputer.com
1 cd.connatix.com 1 redirects
1 static.cloudflareinsights.com www.bleepingcomputer.com
1 s9.addthis.com www.bleepingcomputer.com
1 www.googletagmanager.com www.bleepingcomputer.com
1 www.bleepingcomputer.com
0 googlecm.hit.gemius.pl Failed 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
0 b1sync.z Failed router.infolinks.com
0 sync.inmobi.com Failed s.amazon-adsystem.com
0 usersync.gumgum.com Failed rtb.gumgum.com
899 265
Subject Issuer Validity Valid
bleepingcomputer.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-16 -
2022-05-15		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-16 -
2022-06-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
analysis.fi
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2022-03-19 -
2023-04-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.escalated.io
Go Daddy Secure Certificate Authority - G2		 2022-01-03 -
2023-02-04		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-02 -
2023-02-17		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.springserve.com
Amazon		 2021-09-27 -
2022-10-26		 a year crt.sh
api.floors.dev
GTS CA 1D4		 2022-04-13 -
2022-07-12		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2022-04-24 -
2022-07-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2022-08-16		 6 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
ssc.33across.com
GTS CA 1D4		 2022-03-22 -
2022-06-20		 3 months crt.sh
*.yieldmo.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.deployads.com
Amazon		 2021-06-03 -
2022-07-02		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-09-07		 6 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.intentiq.com
Amazon		 2022-03-20 -
2023-04-17		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
analytics.rlcdn.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
io.bizible.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-30 -
2022-07-05		 a year crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-17		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
truffle.bid
R3		 2022-04-16 -
2022-07-15		 3 months crt.sh
*.iprom.net
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
cms-xch-chicago.33across.com
GTS CA 1D4		 2022-04-02 -
2022-07-01		 3 months crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh

This page contains 122 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Frame ID: DFFAA708D8791C13ED51615EA3899E8E
Requests: 217 HTTP requests in this frame

Frame: https://cds.connatix.com/p/159756/connatix.playspace.js
Frame ID: 2AFD03477402F9550D41E630120D773F
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jK9a7IoMu5I
Frame ID: A1A1E813B9719E849474B1025501C478
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/zrt_lookup.html
Frame ID: 693154980CF65DBD8983542C1F571C03
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 19EC33CD9B8141C75174C04DB59A6E84
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B6EEDB7060CA22FE2A80E1890B8AB03F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Frame ID: AB1F67B02A5DCEA76387432045243E32
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1650444326&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907763003&bpp=1&bdt=428&idt=414&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=7213177364871&rume=1&frm=20&pv=1&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=432
Frame ID: 49508CA06B607B3587482C06C1403990
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Frame ID: E6B0410D5D0C852784946D62BDB74607
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: DB0865F31E47A4E3B551ED447A357916
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 6813BD5D46C97278623594A50A74BC15
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: EC20826DA3A83966E2659C049E5E5043
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Frame ID: 30104B489112C6094156FC5F3EE114BA
Requests: 33 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7E2737006299897DA9EF4C6853AEE274
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6C548DF76BE9B8DD9A3CC151B935F114
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5B3613E4B35756FAF70C2B68E1514119
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2061459A6B2AFA41144DB1328355C82C
Requests: 5 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: F0DDCAA6AF2E985AD5536801C2BB4A41
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: 0A6C1F0EC07D4088B5CCC9150083B2DB
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 2C39E90D02B8D1093B6F2877E0C20324
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain
Frame ID: 4968D9D81D745B56A2981E7E783DA1A4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=&gdpr_consent=
Frame ID: A4DAC901ED0C3696AD535CA04D04CF4F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Frame ID: 6BDA98DAB33EAB59FA75C55DE78402BB
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9kNTI3ZTg2MS00ZWE0LTQxMTEtODUwNy05MTczOTg2YzUzNTc=&gdpr=&gdpr_consent=
Frame ID: FF489D371A82BAE2D75DE689498BA090
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 8A8B0B3E095AC7ADC8D8706B24917E3F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=7aabbd52-0742-4133-a07d-fda9f86dc1fd&t=1653499766
Frame ID: 57EE262603919CDE4903F86260F22461
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: A96D140B5F28798085196FFE1C0F7315
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=emx&i=6802119093282668307brt57371650907765473749b6
Frame ID: 2BD52923856348BEAA3F2B4E6F573CA2
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YmbadsCo8XsAAIX.z-UAAAAA
Frame ID: 87F061E457FAF098515B676D921A74E4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=j5RTQx45mQtw6eZgZkFZ&pi=gumgum&tc=1
Frame ID: B45522D177A17723159279A1D849483F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C5E072247806C22B913278ECF2ECA26C
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Frame ID: 4BEFD5B3B1833DE1318C2373C01889C0
Requests: 4 HTTP requests in this frame

Frame: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 571B93A98C5D428E1F4FBDEF4D1CA2EE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAADKPnY1mvFlAN2Q6DqAAAAAAA&expiration=1650994166&is_secure=true
Frame ID: 4B84AED29867926384EFCA81BD9BC427
Requests: 1 HTTP requests in this frame

Frame: https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
Frame ID: 44AAA4E00D7023B3EC33EB059D631233
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 4B1682E9F4987494449118CEC8B7843A
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 8D735ACC1DEAA2F4DCF6967696EB4498
Requests: 2 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: D9CB11A3CAFECB4A8E6A15878B7C516D
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: B61158C49E4CE47DF230C81DE88778E8
Requests: 2 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: 3A97998C853823CBDD033B66A4366309
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6802119093282668307&ex=appnexus.com
Frame ID: 9296AC378AFE583D0C5EF04B5CA646D8
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 840F52B6FE5DDB9015F9D43A70142C15
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2632727191946335783295
Frame ID: 63E36EF30FDA20EC683A9623FF6675C6
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Frame ID: 6CE33CA6B80D62ADE68D00C303A46465
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 6802DDF222B3B0F5D3FAEDDE7DC7643B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=0&gdpr_consent=
Frame ID: 8B8A5C6A0C655DFC41B2ADC0CB7D61AA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADyjE7EzbUAADr2VhfLPg
Frame ID: 193E5AA11C5FB85232E25CC8B195ECBC
Requests: 1 HTTP requests in this frame

Frame: https://sync.springserve.com/usersync?aid=1000010&gdpr=&gdpr_consent=&us_privacy=&uuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Frame ID: 442D911155494BA602EAF7DAC912824E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
Frame ID: 1A7F7027A587170C46C5DE33778923B6
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/freestar/bl-c5c1c29-22b38b82.js
Frame ID: 2FB6EA014B6DF48AB1E5668C9667A2A1
Requests: 9 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Frame ID: 99C0AC8B85B6BD55BFE9554942A15794
Requests: 19 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Frame ID: D966B1CBB243FD2553DE1BF819FB7A46
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Frame ID: 06EFE2A639F376A55B41BEC0D3CC91D4
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 552B7C085B900D2FB35BE760610A0A62
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 927A7037FCBE87B018963A686F6765AB
Requests: 11 HTTP requests in this frame

Frame: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8C552EBE98EEB999496A1EF76B4605FA
Requests: 3 HTTP requests in this frame

Frame: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EA418E77AC3FEBBAA8DBB65C3B228F66
Requests: 26 HTTP requests in this frame

Frame: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FD4CB4FD8D141109C69ABE8604AD4FD2
Requests: 19 HTTP requests in this frame

Frame: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 68AC2E698A5C7E0060D580768664ACAE
Requests: 21 HTTP requests in this frame

Frame: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 688D0D7A718026D4644922A1E02E6D43
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD65wEQ77nsARiPrtmiATAB&v=APEucNXYbGpwwxGd7YdhsttI0KVLiTFqkxu6pH2GAEyotRk106hORVbwCOXU8GcKFkoFAYa3ZXafSo-Q8Couho2qNa7Ng5MWzQ
Frame ID: B1E17490F4ED3A01D599EE279694603E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkpFusnftenbJcjKm5O8m1YfmWU1OnsGyDXiOFEtANl5G13uqKt2Nk5uN2Y966Gxq057Y9aqaBmGcB829U31KoAohud-1oupTPZRgO5Fe-3bxorUFJLtwas7-xsOuhDwckEWdo34UOHFaipmMaxn7jjsr6fw&dbm_d=AKAmf-BPg0YkDbAoOUcWq53JWWCjYnq2E2g0YL-XcBs2G-e4S_VRZKk2ozPi9PkaMtjwjfoLnzpl-euQ5bpd0pyEm1j5qyLegVI6NNT6kLnlcIiUsw-0VPXXPaBVyvEo1F_eczy9glmZ1DQXZsJ-p-ZX2bAT_hTHUXhAuLT7McLEOHY2jtbdg6agzlS7Ecnk9eWh0oI_nBobg9uZxiOR2MxPFeGqM2_oT0FfyGQmBjc49AvhqEvefweUmwtOVGk-L4RItYjNez55-0zJ98k68PO3A2oWBkztLlPJRy9nu4PWc2vXhrg9u0hcibJjiEl_rH0RMreJ4ETc-18l7TgCxF-q6n1vxjgBlrNqCK7fEucfhuswTqkF3It9RGQdxP9hkg7sdbgXF-_KteY92gKCcsR-M2zxCWY-9iZF_Ibi1k7MTb4Ihjlx2FdPBelCrkd7HaD9cLOwSNJPTF6qqjni2jULis9RJlf0biKzpg1bBCXdhYLZW5wiMOeUnYZ80snwB5MtkxMuozVrcZLT8Ay9Ft724flLqsFUaoq-uE1QJYT3XmDk13y7YkSSL1PhzWIRd-C2QKoauEZ0JHAfN7ClmVgG7eNBmN4Xlwigm71JrPj0MGgknulex6mzYdJyeL_8nJ3sT_DIIFyerr_wHj8d57gSwgcovmNMOdKHKSO4bXT_9UuSK3Go6yaOdUFjR2pZzQIt3smj1Oknji6IPGXaIqbR6pqnPTrPghIACDJUe6EZW429AZniDwevXg5iZnohINN-M_lswt_WKeYuZW05l9O4CAG05umbEr8qTmUmxhZbun4h_lGN3FW8BXIXVlJcZfxYdlumdrG2ApdBhEQCIliM5-7zxW3cE0QHYSUOAwnZT1Thk_SJvZGUEoGsoo9S3jS3l7VT1Rfln6AuQ7dIKv2kBphit48Aa5dHn4LlMr0SA6IiC__YCsxjAongdfYB65g4ICcuc2Jnm_NASmoWQzDxAV_axu0Gr_q5qnVdt36Xeu9ActcH1eNO69aB91le93REoNZo3bMXAmyU49Tm3d2j26EHO_N_ObL7AzKO4O8LBC1p_od5T024qG5qvMxuev0X2LFHRZOVS6nf2qEJxxpvhIw2FxrFLJ0Q6auzvTYA1f7z2fJS5EAgtverIGBg1BMnq0bVKKQ-0zMDltcX4SiZBtj-h3hIX5wBE9l9SMeAz4KFH4ZCVIbwvCWijQNSTQ1A5GY9pEsloW1TYdW5eAwiOvNYL0X0HELZJz3y3bvZo_be-X2VWACrpU6vnW7IePoOcV73HLf6pOcnKkhbaRjj8J_XVoMwU_IvpGoC0Qb6syOXw9H5Ea3R8-3L1ktIQzliHybIdx_SqP92ODJ7id_hg2yQ9mXVlZsHCofEE-9tSvha4ynB7txXGTyYgbwwDUE7iPvtTGi36t5Fu0bxZ4MPdXsN8d90p7gJw-SnXqxYcYtd5XjPhm5UO5kjj7L5MM0_L1G28fQfvYfqX1u0exVi0m0JBQORhEyyCrX_ElKlogaAF9umLE56L0P1_5ilB1kidEniGXKrs8E1_fQnjxC0f9XIXtD1qzS8-JKHkqq2cGqisk6uI2jb8BAOloNmYxDPXQXkM_pjF8eUYsVWZEEB41-OYgrmNkWiDEU5MQXysgki9zkqIFR6PqN_t4uWVxUy5VOYNBp12xvyxR0os25Bj25kiWtPvWzAOEPkSEIF45NXLynAuq7nPZ7GZ42uJ3P_6qe8WXf-CY9dVZy8ndBdAgECKdiIEk9fMI6gJ29Jr1oe-dFWIO1fLS2s2Jxr7_BmazkuNjiSF04FOu18Tv8rypwggsvIB35U_U_raJfnJEieZ2eyL-L3DfYqo0kbk9SOiGgu1efyvU8mvnmfFYrckH_ux8yrXb_Od4mrr694jq-vnJv1fPYppQSwLJeXMCJJd5hPP944woK0a-ZHPdbGZF-OVpzsAap-NgFNgz-GHFAWYwS9BB0hmhgSW4DDJtVCQApCocSI0GiQaF8Bf0yqr2JlaAChTcuex-iLcfBIQs2rcRmEiKk19iWVJ5BtvITzLL0oKUpnJNLhTjDBCcEUwhVQk3eQbevv7PIyAb3ZVl8246XCnd_LBABYaho1DMSq5aSGaLKbRkw7rtxrEDiVa6XHBMIVV9u981KKZthfxzFsif0Wheld_TmxWCEbMKTeA-BggwHD42nr5czI2jR4GzEIWhMLo-nO_Vdl2wesYPmwbdc5wDBTwwMKahq-Yon8rnCpt3fH-T2vdcg9YKk97AerpmUcjl-4sQd6TAqB-MZ1p2sw21IrdbE5HaOVvPlKYCaXU_o6tIoEwMzjxm4J5nTNnkFqsBo_9DcDDTCJJlc_yEig2623GeQu8smVjdjL3HRxO0nbLDLIhRTk5ov1mlkT-clNef16zeq0RadwZk8GyzWugcwO7yis6sBYcg3RV-P0XWP0jONsDCoXsEmReO6dqwflx5aHiWJ-PKVXx2a8ycXgWbNx_IsTihpVjm6u3La4BpyfZrtQg4Wa-SpwEtkX8B0CyVWht-MQmzixgFLOd0YdCPwv3XCHKyvBHc_-XTZqPbrjVlvxc0sHrhex37pjpLgVhMhJD0RUUx2LTVEhmjE0NU752_ZLrl8vR8doC7ll5a-4tjqvzbVOAL9x9Z48cSamVvAAlB96epMLBysW_CkyU228uQ_NNeuvV9OOReBlhZu7mBXuYxGh8yNdaKMvaqXLENAgxB_qQ0tDSCKM24Lb-1wTz2RNMi896sR-V6cqmqV0oTO4XyoWDIvP86a1f84qzB5Z42FUvN6WHczVXj_NLypj3ccIJVsElWbDVB2xoiDiTTsLHsnUjKSlIa3zP-LgJMKhpxmlDGhkOOmFdV25X-qX8rpLyVyuYWumOZoWURO6laupBAnUfLLdtyGFXTZK2gap8GiisKgk7e5g-WIIqrh17V9xGBbnFPDEjHyPvOCPwtkZ9OFxi0qVVQa21akqBQ&cid=CAASJORodj2RjjZd0Ol7nnvB-v0Un-xfc64-1_xNCxR_r8b7-c7MFw&rfl=2%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Frame ID: 4078B5EC26C5415A6CB388E5E92E2BF2
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhCb17WdAhj_04y9ATAB&v=APEucNU2klUzrO0oZmRUf2I8HD8F2XtZLnkPTexQZz17CSIOcseR46wfzzyscu_yIxo304D797eWPNv6Nt1Fo_4pVQ6Vfbg0Hw
Frame ID: 6EC86A9535F3307E1FF250115258D3A9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMew9gIQ7P3b8wEYz-yTvAEwAQ&v=APEucNWSEBuN8JX3bYxjgsOmtHlVHOfLj3UKmW6C9TzzNifsdCGnN_ClmfqNcK249Ks4wOLm47oA6dYo0xKiME6AxRjwDOlXQA
Frame ID: 3612C24778F984235E68F17A7C77C50F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQz9TeAhisjOPHATAB&v=APEucNXj0GUSVTcRbpJuUWgSYZMn5FBhNCAXJSIwahsN6KCjwfUK-G0tv2JfkgynK36EM550tyQ41Nh-GEIADB9GCbYTmSnM2g
Frame ID: 93757B0E22D08DC7E2534B95F38BCFAD
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCnlAEQj8-UARjflOi8ATAB&v=APEucNV0l1QXxouiwV2CPdYXTeH2L07ZfhFsVVhCkgfbQXQkgFCRmZ-G1H_QHDaRgMAkurNO1Dzq1Ev9V-_vLQAyFuGfyetj4w
Frame ID: 8815753A093D4E051982484BD457AF3D
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 934F1BEE4DC3C22AB4333845342A35CD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5012CC4AFAA4534A9819FAF66C6971B3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DE217FB00C299931E85E8C2A9372B282
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F5DA550BF53E73FC24CFF7013902DDDE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6B150565E49951D992C82D37EB95DFDD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F98C1D51726F5EF5C3174FE5F21AD707
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 32F5B8ED22425219222288D71D903F19
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1812EE3F4FEF5AFEB097B9278F7FA504
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F633834008C1521410C7EFFC5735B1AD
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/index.html
Frame ID: 25A3C867A95828394A5ADC46CCDF11A4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1979554762D07013E6A0C6C4BCD738EB
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2647.js
Frame ID: 2B67EDE6FF6F2EC9BA1A9B332491C0B1
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D882237360D593E73410F880BD4AA4FE
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2650.js
Frame ID: 85F2154B4FB434C2B9D7E7164A23A0F9
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7C33523572D0C98E848011D1223AABD8
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/index.html
Frame ID: 8796BCBBE72E86C72968AF0E15CB3AA9
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 509DD6FCF3871749C42FAAE0D28A3A33
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: BBFA47B4D89396B23AC7BCC870E67DA3
Requests: 11 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 07A0EFB98B2EE6F2F00BC71965E1BD68
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B53D9F7CA71C9586A528BC69B2B0711B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: BB6503A2BB338253E91DFA8BD5C166E9
Requests: 18 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 3F0C11E0E4D648BE9711C83F02794704
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 24E67BF89B33299E1020658457C5B173
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Frame ID: E17156D80CF1730CB0EA5EEEB2721054
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 42B61EA51DF7D1965F6BCF095EAB040E
Requests: 15 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8AB0B42E0857564D8ECC422D817FE1F1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: FBCBDBC2AA8D7202D657C6BFCAED20CD
Requests: 9 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7C809BDBDEBB9645137684ECBE98FA13
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9F2D9E39E5FACD80ACCAB1C1819E1014
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 08B0B5CAAB1896D794811BFD5C535E50
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: 57253824E27185071F67DEDD5A342ED5
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A0A8C6FC2897B8909D0129D1AB00A109
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4488D74EDCCDB071267FC874BDEFC51D
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 3F47FE08442DA7AC986B848E6F586E4C
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2939093661455357000V10&type=rkt&refUrl=&vid=09077722832939093661455357000V10&ovsid=978477405519839003
Frame ID: 2B8FF1C8A5D802EB85742F14A5489A58
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 9D16C2A92E70F96459CCC7B6A61385B6
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2939093661455357000V10&type=rkt&refUrl=&vid=09077723592939093661455357000V10&ovsid=978477405519839003
Frame ID: E481A6B612FC75CA36FF7DB100E0F9FA
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 116899B2B9746645B0B3251ACE7A7548
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 64ED904039011430AAF541B512DF8F8A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=44e1885e-c4bd-11ec-bdca-6837431987b3
Frame ID: D1F53741C490836FC0F542ABE3E7D7A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Frame ID: D0236AD1B2B3465B9E3C6ACB24C183D5
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Frame ID: 112D0F570071A9D269C3065F6DA10509
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D3837C66D08B9B2BD73164603A7D3B07
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=665481160117
Frame ID: EA1708CEA7B18F5F5B50AD44172E5987
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0WJAwHhz1NJ2wI5&gdpr=0&gdpr_consent=
Frame ID: C49CF52E9636EC45141CE5DFE780AB2C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 01B41B0AC3581C1ED342D87E10E1AE30
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7041941671499242023
Frame ID: 7A7C95F8559191886A23DB3685F58F99
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a9527fb6-47e9-4397-be30-49f30e5bdb8b-tuct9605ffc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 65C8A38D022A0071AA805AD51CC09B8F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a7f15ab5-7d7b-40ef-b515-ad45de9ccc06
Frame ID: BD9A895088731F6E74F921E8EB1051C9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=p9ElZ9tzCbSsD3XbfNpmYg
Frame ID: 0E8133D04BDD7E5838C87DEEDA3E6098
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: E8529F62FE04513713D3D8FCB92F0939
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6cb153d2-e004-48c6-b146-cf2b023e215c
Frame ID: 895162F5C22D354061332D2BB38A20F4
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 8D5D931CCFEBC0DFAE55DA7CDF9B54F5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: F36B36B620CEDE0EDB80BFE4B57EDED8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3F695155CBEA40AA8059773D874F9164
Frame ID: 5930DDF255E38B76776CE7FA903018CF
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 722C2F7199EBD254355991614C39ABD2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Amazon Web Services fixes container escape in Log4Shell hotfixFacebookTwitterLinkedInRedditHacker NewsEmailFacebookTwitterLinkedInEmail

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

899
Requests

70 %
HTTPS

21 %
IPv6

149
Domains

265
Subdomains

161
IPs

11
Countries

8208 kB
Transfer

22498 kB
Size

299
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 24
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/159756/connatix.playspace.js
Request Chain 73
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 77
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1650907763324&ns_c=UTF-8&cv=3.5&c8=Amazon%20Web%20Services%20fixes%20container%20escape%20in%20Log4Shell%20hotfix&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1650907763324&ns_c=UTF-8&cv=3.5&c8=Amazon%20Web%20Services%20fixes%20container%20escape%20in%20Log4Shell%20hotfix&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&c9=
Request Chain 87
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 108
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3dee458dd6e82741618dfe564baf3b9b43%26pname%3dIndex%26api-tier%3d1%26uid%3d HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3Dee458dd6e82741618dfe564baf3b9b43%26pname%3DIndex%26api-tier%3D1%26uid%3D&s=190549&C=1 HTTP 302
  • https://cks.connatix.com/cks?pid=17&ev=ee458dd6e82741618dfe564baf3b9b43&pname=Index&api-tier=1&uid=YmbacxfUheiJLy59JDCIJwAA%26153
Request Chain 109
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3dee458dd6e82741618dfe564baf3b9b43%26pname%3dBeeswax%26api-tier%3d1%26uid%3d{userid} HTTP 303
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3Dee458dd6e82741618dfe564baf3b9b43%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&_bee_ppp=1 HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=ee458dd6e82741618dfe564baf3b9b43&pname=Beeswax&api-tier=1&uid=AADyjE7EzbUAADr2VhfLPg
Request Chain 110
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&ttl=1653499764
Request Chain 111
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3dee458dd6e82741618dfe564baf3b9b43%26pname%3dAppNexus%26api-tier%3d1%26uid%3d%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253dee458dd6e82741618dfe564baf3b9b43%2526pname%253dAppNexus%2526api-tier%253d1%2526uid%253d%2524UID HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=ee458dd6e82741618dfe564baf3b9b43&pname=AppNexus&api-tier=1&uid=6802119093282668307
Request Chain 112
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Request Chain 207
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L2EZUVRD-W-HD2J HTTP 302
  • https://ck.connatix.com/cks?pid=11&uid=L2EZUVRD-W-HD2J HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L2EZUVRD-W-HD2J&UserId=
Request Chain 216
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA0MDgxZTM5Yi1jNGJkLTExZWMtYWY3ZS0wYWIyMjk5NTU5NWI%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESELSVbVY0ZYq3zQji5dRM8P8&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESELSVbVY0ZYq3zQji5dRM8P8&google_cver=1&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
Request Chain 218
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&_origin=1&gdpr=0&gdpr_consent=
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH71Tu3_yy8uOK-cIDWstdA&google_cver=1
Request Chain 230
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=&expires=30
Request Chain 231
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJFWlVWUkQtVy1IRDJK
Request Chain 232
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 233
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2EZUVRD-W-HD2J&sigv=1&esig=2~d9e91b2f52b64069824fc2d3f22c9436797e7d39
Request Chain 235
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2EZUVRD-W-HD2J
Request Chain 236
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=O7vG5fJCQx64Qqq8wFXorg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=O7vG5fJCQx64Qqq8wFXorg
Request Chain 284
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000001&gdpr=&gdpr_consent=&us_privacy=&uuid=6802119093282668307
Request Chain 285
  • https://sync.bfmio.com/syncb?pid=111&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
Request Chain 286
  • https://cs.emxdgt.com/um?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLnNwcmluZ3NlcnZlLmNvbS91c2Vyc3luYz9haWQ9MTAwMDAwMyZnZHByPSZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9JnV1aWQ9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=6802119093282668307&redirect=https://sync.springserve.com/usersync?aid=1000003&gdpr=&gdpr_consent=&us_privacy=&uuid=$EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLnNwcmluZ3NlcnZlLmNvbS91c2Vyc3luYz9haWQ9MTAwMDAwMyZnZHByPSZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9JnV1aWQ9JEVNWFVJRA== HTTP 302
  • https://sync.springserve.com/usersync?aid=1000003&gdpr=&gdpr_consent=&us_privacy=&uuid=6802119093282668307brt57371650907765473749b6
Request Chain 287
  • https://ssum.casalemedia.com/usermatchredir?s=184932&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000005&gdpr=&gdpr_consent=&us_privacy=&uuid=YmbacxfUheiJLy59JDCIJwAA%26153
Request Chain 288
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=&gdpr_consent=&us_privacy=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=&gdpr_consent=&us_privacy=&redir=true&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b HTTP 302
  • https://sync.springserve.com/usersync?aid=759&uuid=y-uefom4ZE2uHrZO1g2ECefJiohWoJEt32~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
Request Chain 289
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7BUID%7D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000008&gdpr=&gdpr_consent=&us_privacy=&uuid=c406667f-0bc5-470b-93c0-8e6967bf6638
Request Chain 290
  • https://bh.contextweb.com/rtset?gdpr=&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000011&gdpr=&gdpr_consent=&us_privacy=&uuid=gbIPVn2xryOu&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=
Request Chain 291
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D&cb=1650907765482 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000012&gdpr=&gdpr_consent=&us_privacy=&uuid=OPTOUT
Request Chain 292
  • https://sync.go.sonobi.com/us.gif?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000013&gdpr=&gdpr_consent=&us_privacy=&uuid=5380bcf5-d295-414f-a01f-ce0e8429ee0f
Request Chain 293
  • https://sync.search.spotxchange.com/partner?gdpr=&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=40f82800-c4bd-11ec-80c1-143e1ea80203 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000014&gdpr=&gdpr_consent=&us_privacy=&uuid=40f827af-c4bd-11ec-80c1-143e1ea80203
Request Chain 294
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D HTTP 302
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000015&gdpr=&gdpr_consent=&us_privacy=&uuid=a29f4abea21b4738af63eedb066d756e
Request Chain 295
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000016&gdpr=&gdpr_consent=&us_privacy=&uuid=2632727191946335783295
Request Chain 296
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000017%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000017&uuid=g1d07c92a55447ed0d01&gdpr=&gdpr_consent=&us_privacy=
Request Chain 297
  • https://ups.analytics.yahoo.com/ups/58518/occ?gdpr=&gdpr_consent= HTTP 302
  • https://sync.springserve.com/usersync?aid=1000019&uuid=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
Request Chain 298
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent= HTTP 302
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
Request Chain 307
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6802119093282668307
Request Chain 308
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_d527e861-4ea4-4111-8507-9173986c5357&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_d527e861-4ea4-4111-8507-9173986c5357&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4153669688251824763&ssp=gumgum2 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=f367a548-43b2-4ca6-9e67-1de5d4a782b6
Request Chain 309
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%284WKF5K1vrDlWzTfG13N3QdWEl2ulNstIWcsZrxtb2VQx_5huiLKlzjdW0gmtQrsR%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%284WKF5K1vrDlWzTfG13N3QdWEl2ulNstIWcsZrxtb2VQx_5huiLKlzjdW0gmtQrsR%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_d527e861-4ea4-4111-8507-9173986c5357&obuid=ENC(4WKF5K1vrDlWzTfG13N3QdWEl2ulNstIWcsZrxtb2VQx_5huiLKlzjdW0gmtQrsR) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=j5RTQx45mQtw6eZgZkFZ&pi=outbrain
Request Chain 310
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=0ae54dc0-9a4f-4cb4-9f37-5e912eb4a5f3
Request Chain 311
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-98484270-4f25-4f2e-70cc-721199c32fd5$ip$149.56.153.185
Request Chain 312
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-q9zk7utE2pe45Yvk6TwB8l6a.LZezyB6Tus6~A
Request Chain 313
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=40f8252e-c4bd-11ec-aad8-9f94043e2d80
Request Chain 314
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://rtb.gumgum.com/usersync?b=snc&i=D990985F6F06492F8EC771FBEE66DEDA
Request Chain 316
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_d527e861-4ea4-4111-8507-9173986c5357&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZrhlXJ9Fqtvb0RMfRvp-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVNHE2DMLBFDSRTROR3GEMCSJVTFE5TQFU HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVNHE2DMLBFDSRTROR3GEMCSJVTFE5TQFU HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=ZrhlXJ9Fqtvb0RMfRvp-
Request Chain 317
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=d51a365d-3699-41f1-b44c-b622530268ee
Request Chain 318
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1650907765940 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 319
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=gbIPVn2xryOu&ev=1&pid=558355
Request Chain 320
  • https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
  • https://rtb.gumgum.com/usersync?b=sad&i=306996922530740619&gdpr=0&gdpr_consent=
Request Chain 326
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=&gdpr_consent=
Request Chain 330
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=7aabbd52-0742-4133-a07d-fda9f86dc1fd&t=1653499766
Request Chain 331
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 332
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=emx&i=6802119093282668307brt57371650907765473749b6
Request Chain 333
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YmbadsCo8XsAAIX.z-UAAAAA
Request Chain 334
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=j5RTQx45mQtw6eZgZkFZ&pi=gumgum&tc=1
Request Chain 341
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=3F695155CBEA40AA8059773D874F9164&ex=simpli.fi&status=ok
Request Chain 342
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZrhlXJ9Fqtvb0RMfRvp-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPK2OJUGYWCKHFDHC5DWMIYFETLGKJ3HALI HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPK2OJUGYWCKHFDHC5DWMIYFETLGKJ3HALI HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=ZrhlXJ9Fqtvb0RMfRvp-
Request Chain 349
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=6c4406a7ea6e08e5&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAADKPnY1mvFlAN2Q6DqAAAAAAA&expiration=1650994166&is_secure=true
Request Chain 356
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6802119093282668307&ex=appnexus.com
Request Chain 357
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 358
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2632727191946335783295
Request Chain 360
  • https://c1.adform.net/serving/cookie/match?party=14&cid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Request Chain 362
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=0&gdpr_consent=
Request Chain 363
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEeWpFN0V6YlVBQURyMlZoZkxQZw&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADyjE7EzbUAADr2VhfLPg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=306996922530740619 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADyjE7EzbUAADr2VhfLPg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D306996922530740619%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=306996922530740619&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADyjE7EzbUAADr2VhfLPg&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADyjE7EzbUAADr2VhfLPg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D306996922530740619%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?userid=306996922530740619&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADyjE7EzbUAADr2VhfLPg
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 366
  • https://idsync.rlcdn.com/420486.gif?partner_uid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=316060d589f8fdd9275bb3f787c8a3d38e00fd1b03e8b86a225b6916d2af5463791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzMTYwNjBkNTg5ZjhmZGQ5Mjc1YmIzZjc4N2M4YTNkMzhlMDBmZDFiMDNlOGI4NmEyMjViNjkxNmQyYWY1NDYzNzkxNDI2YjU0MTdkY2UyMRAAGgwI9rSbkwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzMTYwNjBkNTg5ZjhmZGQ5Mjc1YmIzZjc4N2M4YTNkMzhlMDBmZDFiMDNlOGI4NmEyMjViNjkxNmQyYWY1NDYzNzkxNDI2YjU0MTdkY2UyMRAAGgwI9rSbkwYSBAgCEABCAEoA&google_gid=CAESEJA7xCm2Koog6sU3vqiiNZc&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=0859266d-9401-4f88-9783-795890aa92ac
Request Chain 367
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7e9b6266-da75-4600-97fa-93bd39c882d1
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkI4OTY4NUYtM0Y3Ni00OURFLThFRjYtMUI2RUE1RTlDMDhD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKMoe_6mPqCSNtjGbThZYC4&google_cver=1
Request Chain 370
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3F695155CBEA40AA8059773D874F9164
Request Chain 371
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4146191290397438279&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 372
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7aabbd52-0742-4133-a07d-fda9f86dc1fd
Request Chain 374
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hTk3eopE2uVSufLIdDOgOD1kbdPt5yo-~A&gdpr=0&gdpr_consent=
Request Chain 375
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 378
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L2EZUVRD-W-HD2J HTTP 302
  • https://rtb.gumgum.com/usersync?b=mag&i=L2EZUVRD-W-HD2J
Request Chain 379
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ZE9CS0d6QmNNb1lxM0xmTnNMU2ZQUQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEI9aABOsoENVhY0OuGQwMIg&google_cver=1
Request Chain 380
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=4cfe5a4237f208e4&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAADKJ7lyYFJ8AMND4CsAAAAAAA&expiration=1650994166&nuid=&is_secure=true
Request Chain 381
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341%2526gdpr_in_effect%253D%2526gdpr_consent%253D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341%2526gdpr_in_effect%253D%2526gdpr_consent%253D&xl8blockcheck=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341%26gdpr_in_effect%3D%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341%26gdpr_in_effect%3D%26gdpr_consent%3D HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr_in_effect=&gdpr_consent=
Request Chain 388
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=aasy8Dv4M_Ny-DT2b6kp9zv4M_ByqzT0ban7vH18
Request Chain 389
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=9622508e9f7a7f72bfce4ab6&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=0&gdpr_consent=
Request Chain 390
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=L2EZUVRD-W-HD2J&gdpr=0
Request Chain 391
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=6802119093282668307&gdpr=0&gdpr_consent=
Request Chain 393
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=
Request Chain 394
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=
Request Chain 395
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=
Request Chain 396
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
Request Chain 399
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6802119093282668307&pn_id=an
Request Chain 400
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=87VZj6HmWIzo5l-J9bdCiKHmWI_otV-L97e34oiB HTTP 302
  • https://ads.yieldmo.com/sync?userid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&pn_id=bsw&extinit=0&gdpr=0&gdpr_consent=
Request Chain 401
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
Request Chain 402
  • https://sync.srv.stackadapt.com/sync?&nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Request Chain 403
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp HTTP 302
  • https://sync-pp.ads.yieldmo.com/sync?userid=gbIPVn2xryOu&ev=1&pn_id=pp&pid=561118
Request Chain 429
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Request Chain 432
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=30f99d81433e08e3&is_secure=true&networkId=17100&version=1&nuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADKJ7lyYFKMwN8A8PlAAAAAAA&expiration=1650994167&nuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OJ17dGrOencjzn1yPp9gc2rOenQjnX1wPJ_NIuXW HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Request Chain 433
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=6802119093282668307
Request Chain 434
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://router.infolinks.com/dyn/ox-usync?uid=d64fcb21-a18e-436e-b983-798e1e430120
Request Chain 435
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
Request Chain 436
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1650907767103 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
Request Chain 438
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP 302
  • https://router.infolinks.com/dyn/tplift?uid=2632727191946335783295
Request Chain 439
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP 302
  • https://router.infolinks.com/dyn/sonobi-usync?uid=5380bcf5-d295-414f-a01f-ce0e8429ee0f
Request Chain 440
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.bleepingcomputer.com%252Fnews%252Fsecurity%252Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%252F&pid=12306&adnxs_uid=$UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&pid=12306&adnxs_uid=6802119093282668307
Request Chain 441
  • https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D HTTP 302
  • https://router.infolinks.com/dyn/earn-usync?uid=A7722154196437862207
Request Chain 442
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://router.infolinks.com/dyn/imd-usync?user_id=d51a365d-3699-41f1-b44c-b622530268ee&partner_id=1531
Request Chain 443
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-d0n6SOZE2uF4j36JO_SVFIvHZ_nkPzKL~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
Request Chain 444
  • https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558752&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D1%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://match.bnmla.com/usersync?dspid=1&uuid=gbIPVn2xryOu&ev=1&us_privacy=${us_privacy}&pid=558752 HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=3F695155CBEA40AA8059773D874F9164 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=D990985F6F06492F8EC771FBEE66DEDA HTTP 302
  • https://sync.resetdigital.co/csync?pid=12&redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D162%26uuid%3DBUYER_USER_ID HTTP 302
  • https://match.bnmla.com/usersync?dspid=162&uuid=000000AA229FB4C1 HTTP 302
  • https://ce.lijit.com/merge?pid=278625&3pid=&us_privacy=0&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D175%26uuid%3D%5BSOVRNID%5D HTTP 302
  • https://match.bnmla.com/usersync?dspid=175&uuid=9622508e9f7a7f72bfce4ab6 HTTP 302
  • https://csync.loopme.me/?redirect=%20https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D181%26uuid%3D%5BUUID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=181&uuid=%5BUUID%5D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160379&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D19%26uuid%3D
Request Chain 445
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=9622508e9f7a7f72bfce4ab6
Request Chain 446
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=21e3704c62b08e4&is_secure=true&networkId=17100&version=1&nuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADKVTL6Rgv1QM6PHKcAAAAAAA&expiration=1650994167&nuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Request Chain 447
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=978477405519839003
Request Chain 448
  • https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP 302
  • https://router.infolinks.com/dyn/33a-usync?uid=2051871529581
Request Chain 449
  • https://router.infolinks.com/dyn/iq-usync HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=a3295248-d5d1-4da2-a50b-dcf7bf3c52c0&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445262707&3rdpcid=&3rddpi=1402230080&3rdpcid=&3rddpi=541745869&3rdpcid=OPTOUT&3rddpi=1177082855&3rdpcid=&3rddpi=1213503647&3rdpcid=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-%7EA&3rddpi=1541423991&3rdpcid=&3rddpi=1239766150&3rdpcid=d64fcb21-a18e-436e-b983-798e1e430120 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=a3295248-d5d1-4da2-a50b-dcf7bf3c52c0&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445262707&3rdpcid=&3rddpi=1402230080&3rdpcid=&3rddpi=541745869&3rdpcid=OPTOUT&3rddpi=1177082855&3rdpcid=&3rddpi=1213503647&3rdpcid=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-%7EA&3rddpi=1541423991&3rdpcid=&3rddpi=1239766150&3rdpcid=d64fcb21-a18e-436e-b983-798e1e430120&ckls=true&ci=1rdZ0F89h1&nc=false&trid=-999818362
Request Chain 452
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&expiration=1653499767&gdpr=0&gdpr_consent=
Request Chain 453
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1
Request Chain 455
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YmbacxfUheiJLy59JDCIJwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
Request Chain 456
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7041941671499242023&uid=Q7041941671499242023&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7041941671499242023
Request Chain 457
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=27b6829a-ef84-40d1-9931-2a14adc348f5
Request Chain 459
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YmbacxfUheiJLy59JDCIJwAAAJkAAAIB
Request Chain 466
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 467
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33across%26bsw_param%3Df367a548-43b2-4ca6-9e67-1de5d4a782b6%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=3158d42f5b874679b55b310eac5de4cb&ssp=the33across&bsw_param=f367a548-43b2-4ca6-9e67-1de5d4a782b6&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3Df367a548-43b2-4ca6-9e67-1de5d4a782b6 HTTP 302
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6 HTTP 301
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6
Request Chain 468
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1650907767566.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=7e9b6266-da75-4600-97fa-93bd39c882d1
Request Chain 469
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-4XVfXFBE2uHikkx354T99Jos.i7kxaj5~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-4XVfXFBE2uHikkx354T99Jos.i7kxaj5%7EA&ts=1650907767&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 470
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=5190f3ee699808e5&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAADKJ7lyYFKZAMlOmreAAAAAAA&expiration=1650994167&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAADKJ7lyYFKZAMlOmreAAAAAAA&ts=1650907767&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 471
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1653499767%26external_user_id%3D7aabbd52-0742-4133-a07d-fda9f86dc1fd HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1653499767&external_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd
Request Chain 479
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L2EZUVRD-W-HD2J HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L2EZUVRD-W-HD2J HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L2EZUVRD-W-HD2J&ts=1650907768&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 523
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/uB8VUFGtbe-WfsnQ4IosRA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2182880639564062749
Request Chain 524
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
Request Chain 525
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L2EZUVRD-W-HD2J&ex=d-rubiconproject.com&status=ok
Request Chain 526
  • https://pixel.rubiconproject.com/token?pid=27384 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L2EZUVRD-W-HD2J
Request Chain 527
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7e9b6266-da75-4600-97fa-93bd39c882d1&expires=28
Request Chain 528
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3F695155CBEA40AA8059773D874F9164&expires=365
Request Chain 529
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=4146191290397438279&expires=60&gdpr=&gdpr_consent=
Request Chain 530
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=40f8252e-c4bd-11ec-aad8-9f94043e2d80&expires=30
Request Chain 541
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=hygefnx3aGFsMXQwV2xyeExacm5OOU16Y29hSE5iZzc2dnNNMDNzaTdLL0xJbjVXSmpzdG9kdTFaRkVGRisxV0YvMXJ1VlNhOXljQ0RHa2R4Z2p0R2djUnRmNDhHZER3VGYzc1BlbHlObDZkYnVQMVI3K3hRYmlhYWZ6Z3NtNzhXeUlobTNCaWhReHl6SmZDamNpcFMvcUowR28rOWVsWTI1cXlIOERyYVRwb2V2enlWdGdOamx3Z0Y4MnplbmR0cjZhWjd2cnFyQlV1V2t6ZStpNFJieDhpTU83WFp3RDhBVjhWdThadXg5bzBhZGhMcUpWR2RzVVdBQk01MTd5QWVVOHFNfA&cppv=2
Request Chain 545
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
Request Chain 546
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmbacxfUheiJLy59JDCIJwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
Request Chain 547
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJa5JEPZxctzVrQ5jWbmQIg&google_cver=1
Request Chain 548
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMjExOTA5MzI4MjY2ODMwNw%3D%3D
Request Chain 551
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
Request Chain 552
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmbacxfUheiJLy59JDCIJwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
Request Chain 553
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJa5JEPZxctzVrQ5jWbmQIg&google_cver=1
Request Chain 554
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMjExOTA5MzI4MjY2ODMwNw%3D%3D
Request Chain 555
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE8sWWDrc5p-sZh9ZkYqqys&google_cver=1
Request Chain 556
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDFiNzNhN2EtN2IyZC0yYTQ2LWVkYWMtMTRjNTJjMDY2YWQ1
Request Chain 557
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIykEnjm3-l2wAWYN9ksojs&google_cver=1
Request Chain 558
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NDJhMTNkYmMtZmY2Yi00NzQ0LTlhMTMtNjBmNWMzMjJlZjNj
Request Chain 559
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEKlj1ku1FprjEOazad-bCnk&google_cver=1
Request Chain 560
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGL63tqDF3qkm0zFgTVZ_ao&google_cver=1
Request Chain 561
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDBmODI3YWYtYzRiZC0xMWVjLTgwYzEtMTQzZTFlYTgwMjAz
Request Chain 562
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEKlj1ku1FprjEOazad-bCnk&google_cver=1
Request Chain 563
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGL63tqDF3qkm0zFgTVZ_ao&google_cver=1
Request Chain 564
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDBmODI3YWYtYzRiZC0xMWVjLTgwYzEtMTQzZTFlYTgwMjAz
Request Chain 566
  • https://fw.adsafeprotected.com/rfw/bgd/691104/54013511/xbbe/creative/adj?p=APEucNUCTSBOfFfMl-UztwXSLzrKdOEx64Nx88FzdzL4F1pBuVJKfaY&d=CokBAKAmf-AnP4yHRJR37Yot8g3NhCvB7icdaCBzfMr7n4ZvcsXSDqTV3Qb-P0ivXlyMZqYdPuH70HmFg6CyyTwZjl3crmBC6umLN9B9ieimLWaO7fmBwd9yX2RmDSHn5JsvnR6jvgCa-CESaqV98L3MCdSpbB-usdyYlu0hDBCVSCwEpLKvoomFbNgSuRMAoCZ_4LAySosgdjPSJm6Fcq3bPtllAAaDB-QGXGqGpfCPdQG0DU9ogekDx4OcruOTgQFqRwNKdMVS-9a7eZYx2apOQIGHAl28IrWuz3dT2x3YhL-qrbzsPotHvb4HlOxW8nIh1gGUSVXNzwWVRf066uFggDXAbneRVaSihdajvb8450i6aWiGRKveY1GfI0IBIwXEBA-YPlgoTuU1348I_TsJr8TD0a4bqGvibE9qqZ4jKHOX4beddLvm0LlCJ_dMClYFKcG4Va_ZxPYaqSgeef1z0AP6KW5ZSO-QmKbxHqhniNScSSKDF86B9FoykTREc8RKwlsAaPWWNEoua2e7A1ngvAdUQap2i1l5pQzpDWt5aVYhJGI98BGh7VP5hnR41rP1cH1jUYxAzawv_JeQfN4vfJmhAkATKdcfBIZNtmtZUP58xUbhrVpyyHGNiyaoe_SnHk2DB1zkRqR7zp9GS9licxXPHKwnQ8V2gFJNgA3ZLup79Waxh43UAjwsDSQFzxFsgT7nmwVTX2H67wLl91qM8QdOsDVOvnRtmJW-dj1LJoZJQCuno1FMAlQs7zSM0jVN6JbyV9P8IcgPdl4rRakowvbx-Qdf6YQc8Uk79z9o55cf9nI6L6bAIHwDw5NgEDnrdVo3ys33aaOLzPulRlp11OlvpNuotkXFB6VMmFJB1Tk59w3rlOBjpclPzt1X9u0Q3lKdU9suIAcw-KqNSM1grWa5Rd0BiH1autmbzZC8AnH1VXp04xkP7AyPOcK61u3ohyShT705x8EXGcE_u-1tmajEu5OShuRv2Hje36ZeZE_RMoDkCKGA-ruXZm8IPRjBReGINe3Dyy-4U37f5PZyTxC_UeNfJjSpyRFU6P-vlbwEMt1gQy5vOWkrZP_8K-g1ycv6MtlsbWPc9QtL9B33pGwOyCXMeXLI8ds9SMOKgRWSk76GKKs--Q4IWmodCFucmx4jFxOsCmJ4lJmsSNx7qRuvWfMxWptg-lz4ttOsGvrYIb_-UTgvNviCc5P1jF89jkCt2JeuVJ44wjt4JgELo7DSGDkJ6OnIM94k6jYL3Pbd3LQRCCv70zt7eaO9haX307q00leLWU2s4UT_cBb32BRd_VKxyEtc7vMY0WnaSPJzlKcu9thy3s6GOhxhz7H5RTmIKT-vWn8lJwXeVZb_lgbr-PGOJS64rWQIetZYUvL5WUNG3dQGUGjy6Kq04JB1fdNFvBNRqhqY0lPKOFshwMwowDQY2zoPrroYtszYrHWEoaDueA3Y26AqUaPDrtWs-lvxrFvdmPtrp7a_mcoQ66qVaq5aAU_Gue4L32OQTxh-ht6nKvgL7XGKQts4kP62MZqVdo-r_fQzR0zF71OIEkAZM3Hg2I1bONchZ9qcMTVFiz6r5vx5VFEH06MlcNAGw4YY-CiAWSWD_ZVx1jQ6ZLjUhliWtaQUuKjJa-EPOqgZZgKdjbvB5mWuSbQm0OCXJET8AVOn1o3vvlVt_1xtLzbjvC4oxxPZ1ZnNDTkqtgsJoGdmkOCA1_17Y7nUPmUxLxDo8d9iW9mEdAr3Wxbs5bAHlgKC0SAwT2tW090atnLIGGnkUv27XVJ__Lc2cKoVK0nOAHbbOOR85UcmfZthoaOXjAWnFaIDdc0wo79ypFxdpv6OhE-OSKAbFeCzyQ14YehoV9ve7VRmKnzA5HZGNsjlnldC0DuboZeYseJ8RRWkRCBpC2ZSQyWyjpVbLX8tQo2DAknlcKAoG1RTI9fsRcfjTkMD-Azl2RbSylAjAFOQgFDJUget6OkK9RE8EzVLe0hQXkzgQ52UTPZmoZ0TDTj7qytHpB4tUb6j0IaYtstOGYLX3RcCBP_--VLVaYj1vZ7EmhnHqulfUdkZWtxVA3LGRHB-_fZ5WdeaKVJ0IcNvNfFBpjTQY7NXLu48lYfEuIXJV6lQZbSitfXbXUuGB8U1eD0pL2c6cJ_9nylmY08E4JhkRanyjYFgdkiNVwBAXrVpRe2PBUEQun4jRo4yJ10ltwIdWTdhHnLDHwzanbizsv9Q98FN45aVyJ4YrMMOlCGJ-WZ4g9hEnKkPNrHnfeQZQUGKttxhS7IJ811veygPl3CWtvWxfskLq9KaCDLjTJDzUoRnIpejbcKN3YtPv9nJSrFMn-J5OJZJrNhVC9rRxFFJ9QzUJUE1yGU8CFZQrkTjm495bKnoVn_--g0wEkZFn3T7F4F9KD_aHbtORC02OzuxKXj7kcrVloA2Ylb4E3NlMXt0hmDr3EWw0LIhsDLkaSwGCK8JK4MX_Ww_WhlEP_C_ZIgrQ38gep4DgVguhTvTul_dHXj_mM8jge6qpLPPAYAR7Hed7oJ7lJXYqrl_j2r_0CREMFJch5kE0kYddqY0veUUkVRcL71hanaLX3XkTFf3lIswLbW7wWE3prXvViv4KH09xoizfRvGdz0GPWjjLJXLfAMjNFY9jIkV0hsbub1dK9knvWC2Ext0T2d_adBEF4XKQLy0Qr3-d8bFlVKIFVITE7X7fQe1_cNb0m1bwh1yMVEhXHlcVVTwyuHd0-UYbWQbj0fGrqeW8-0_M_opv4gSxfidWN6DI00ypq3PKm4_mjaqjQPQBFe3KJdta6JNLyr7eSxfTCtPbrh_IEb7Clmt3kkgiz0y2pyDK7lmy0xnGdGlZEdybXZZbnf-W02V2lKO68xCrr4t4CsUKMgXqE7J_1Mae9tEd41j5ZWV_NR2gLn3Ky55qWgkWgvKYEKZFGWZ20tbRFI0xm96sHJX1GURu7PXqSKoiIwByNedLP9pyYrYLhylHiK8N4yy05LsNeoRZboYytASQvZEg7mm6l1hSLsBW6h4F9cKD83B40d__zgJhcv9_YEviNbDTACyQ0uTq_rLBPKKuMGx4_no4IwtuZDI4LDoOdaG-Btw2L4al9KhaZbAup4HHpuaw3PAiwj5-en9NUr26ELH4kJE8Xfb_dMQxd4md-5sreY0OII-eTZu2zBCsbsDQ9vFLqF73qHzhwcfvNTyBZRqkTKBRCLc507rsAEQLzSZlhF5nBui3LznYtXxdHKHGUSpqNLptTIcDxVhoNDgLaGB54k4ki76K9rk_2T7B6dgG7kagcFHLRZhOagOO1XtyeIvUluaP4qLdyLdsakby3wnyWMlUfgWme7EOHV7qSPdX0mssxNRmQqyyr6L3kWt1b8Fm17HsmNs0Y-CB7QC8bvOtH-MbVAmUTfG3RyFSDpN4OFgseRp-nUMQZ4sG_F3ht7_QHiNE6eT8QcUeVbLQMAW_TwLsY8PCMTaCmUqvi7XcHohOnR1hDOChMl0VUJ7Oxm1D7SuqhooCAASJORodj2RjjZd0Ol7nnvB-v0Un-xfc64-1_xNCxR_r8b7-c7MF2AB&cry=1&adsafe_url=https%3A%2F%2Fwww.bleepingcomputer.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.bleepingcomputer.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:494e4c86-a31e-0844-2f58-ac8672b396bc,c:aOQ8ex,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bcf4f657b-b6xm8,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t42sL0d+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b1%7C1c%7C1d1%7C1e11%7C1e12%7C1f11%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j1*.691104-54013511%7C1j11%7C1k1%7C1l1%7C1m1%7C1n1,idMap:1j1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:427acdb0-c4bd-11ec-972e-d6416b78610d,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_728x90.js
Request Chain 607
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELvrPsqs2llYOtlRhH45P4&google_cver=1&google_push=AYg5qPKUpAM9LOHfYouGF7zCN_qxxoj5jPdesu2sEiVmM0VFSmISVU5swQLkn6_dw-tfrWc7tQhczG6JPl8lLhKojpSS33pcaFFk HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPKUpAM9LOHfYouGF7zCN_qxxoj5jPdesu2sEiVmM0VFSmISVU5swQLkn6_dw-tfrWc7tQhczG6JPl8lLhKojpSS33pcaFFk&google_hm=T1BBI1N2LJmuFC6kyWxlEw
Request Chain 608
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEOk3Wv9ioh8o3VaAMpqh0lY&google_cver=1&google_push=AYg5qPKo31RtT_LgVLYjtL49ctQ2EL6LWTCWTlVnrto-bcEut1CcPkMr68vbvpLiSbe1JwTRApdKS5Wbnhb8_BA7IM2XUOhsitZA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPKo31RtT_LgVLYjtL49ctQ2EL6LWTCWTlVnrto-bcEut1CcPkMr68vbvpLiSbe1JwTRApdKS5Wbnhb8_BA7IM2XUOhsitZA&google_hm=MTA1OTc2MDMyNDQ3NjIxNjQ5NzU
Request Chain 609
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJ-5MSe97UIb_oyxDFI37FQ&google_cver=1&google_push=AYg5qPIfqVzoXsyK3ipwHJKRq7IJXQXmmR2MqskrMCjs0N0d5h5hvevzWBtFAGqBveX_SDD41Y1xFsbD0v68_Jx_hONhSVmeGh2D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIfqVzoXsyK3ipwHJKRq7IJXQXmmR2MqskrMCjs0N0d5h5hvevzWBtFAGqBveX_SDD41Y1xFsbD0v68_Jx_hONhSVmeGh2D&google_hm=Io5jjBvczcweOALLNf2eDw==
Request Chain 610
  • https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEB2ywMX0khGdT_hz_B2uH_Y&google_cver=1&google_push=AYg5qPKMDn2_SVQavN233-_xlWsEISjQCHGL2yPjaTMCZslb4bzr6QP9sskm1k-52stiWd1Ah2iZMJ-9wroP9ZPNwwTIzCvfDQY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
Request Chain 611
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1
Request Chain 612
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEOkyWvzkZhngW9ZpDwWZWlU&google_cver=1&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2
Request Chain 615
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELvrPsqs2llYOtlRhH45P4&google_cver=1&google_push=AYg5qPK40YeWzSlPjaKRzmTMsIqJA4BUAaCuzKFp-XcmG4vXw80w9yDkvLxOLLvv0RF4itEQI-PpfUY58hScPvIwD7vAtswnMRU1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPK40YeWzSlPjaKRzmTMsIqJA4BUAaCuzKFp-XcmG4vXw80w9yDkvLxOLLvv0RF4itEQI-PpfUY58hScPvIwD7vAtswnMRU1&google_hm=T1BBI1N2LJmuFC6kyWxlEw
Request Chain 616
  • https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESED_8OFqnjAr13ZiCvgzbIBM&google_cver=1&google_push=AYg5qPL5ZkTPwzF-5USDm7qCOLkOVTMvN_rBMoOG1QApYLwvja8KGxoAthO8DxOwkKyRkVIYkCAfYpEY7X9Ld2dRBrpLH6Yg7eTl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=aGdDc2E-zjlMOdKUX_itJ4&tap=gAds&google_gid=CAESED_8OFqnjAr13ZiCvgzbIBM&google_cver=1&google_push=AYg5qPL5ZkTPwzF-5USDm7qCOLkOVTMvN_rBMoOG1QApYLwvja8KGxoAthO8DxOwkKyRkVIYkCAfYpEY7X9Ld2dRBrpLH6Yg7eTl
Request Chain 617
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECzWvMMOWQBBubCmOkc0kOw&google_push=AYg5qPKA534n7A4dMlcsDXq4S_skxsc5nL7b90LHfAv4h8pa2csCjlSW91TR5KYWN66c7l6Y8VKEqQoYZ1vECieDfANOdwyr1UkF&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPKA534n7A4dMlcsDXq4S_skxsc5nL7b90LHfAv4h8pa2csCjlSW91TR5KYWN66c7l6Y8VKEqQoYZ1vECieDfANOdwyr1UkF&google_hm=MTA2MDMwMjE2MzY3NjY4MTY0NTY
Request Chain 618
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEOk3Wv9ioh8o3VaAMpqh0lY&google_cver=1&google_push=AYg5qPKrek7Y5YamHwFWnylJTgTEB0Pbn-Yht0EIcI4MRjA8m1mQgGUl1R76yVvaCVOyAdr1RQIzL15n2adv0s3oZDIWy24FpauU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPKrek7Y5YamHwFWnylJTgTEB0Pbn-Yht0EIcI4MRjA8m1mQgGUl1R76yVvaCVOyAdr1RQIzL15n2adv0s3oZDIWy24FpauU&google_hm=MTA2MDM2NTQ5NTUzNzYwNTQ2NTM
Request Chain 619
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJ-5MSe97UIb_oyxDFI37FQ&google_cver=1&google_push=AYg5qPL7CsKh5TxwdDY7UX4joLA0yUWgKOAkcvh9wR2L2Y3S5PdWfHco9cHmLdKFSuIuiAr8VUwSRXk93QMv03zWr5UNwfFRdb2k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL7CsKh5TxwdDY7UX4joLA0yUWgKOAkcvh9wR2L2Y3S5PdWfHco9cHmLdKFSuIuiAr8VUwSRXk93QMv03zWr5UNwfFRdb2k&google_hm=Io5jjBvczcweOALLNf2eDw==
Request Chain 620
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECbkxb5E6DiHDa_wD8Ah9Ao&google_cver=1&google_push=AYg5qPJdsGV2EEReX-JdyRxYpH5KdfC3unh3UPE9_7dFaDJZ0UV35JzAHqXBH9tj5n30p7zOpyGsVhM0msbQ-xniTJ_5rfBRiy-K HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJdsGV2EEReX-JdyRxYpH5KdfC3unh3UPE9_7dFaDJZ0UV35JzAHqXBH9tj5n30p7zOpyGsVhM0msbQ-xniTJ_5rfBRiy-K
Request Chain 621
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1
Request Chain 624
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLMLZwK3RGGnBmeFmLacf_a1EKAHvm5KdJrcfoPOhViLGEclFAmAzH2sEo-EGaUTgnF66hHdcVAuo_MfKyLSWL8Uqt4gl8&google_gid=CAESEEyl7N610_NO-7lQphTKnUQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1iYWVnQUFBT3I0dHlSSQ&google_push=AYg5qPLMLZwK3RGGnBmeFmLacf_a1EKAHvm5KdJrcfoPOhViLGEclFAmAzH2sEo-EGaUTgnF66hHdcVAuo_MfKyLSWL8Uqt4gl8
Request Chain 625
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHIxtuwuSFLoL7lcPy5Fj58&google_cver=1&google_push=AYg5qPJEGfoxl4SUlI6KZ5VE6I6zHBiyIqZ2VsQ_duHOL02up7UhEnR0dcYFUKMfCSmGDgUofW9inkVVZwb8cX08ceD8s44cnOaL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHIxtuwuSFLoL7lcPy5Fj58&google_push=AYg5qPJEGfoxl4SUlI6KZ5VE6I6zHBiyIqZ2VsQ_duHOL02up7UhEnR0dcYFUKMfCSmGDgUofW9inkVVZwb8cX08ceD8s44cnOaL
Request Chain 626
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIY-q9kX4S38Ap6TQ5vVeYI&google_cver=1&google_push=AYg5qPL3GX0t6UK72d_0VL6cP7ByPOYBydy_S8e2CWRpMjT-mDSutlhurEXWIgBy4tixuPWwD71VSSClM_m7IaNMV2U1uPzd5JeT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tu5kQtpPT2W6E6utJRW_w2Jm2nY
Request Chain 627
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg
Request Chain 628
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECsIJ_xGJ0aObg-W6NjcJFY&google_cver=1&google_push=AYg5qPK6ArBhJuoH4e-Yr6DIGiaLz5-MffEFcEOQhqThgsRIJ3P84_uzThsYGpNXu4PgTnBgpb2KGPcZsKwXWAa6IenzKQRofXo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK6ArBhJuoH4e-Yr6DIGiaLz5-MffEFcEOQhqThgsRIJ3P84_uzThsYGpNXu4PgTnBgpb2KGPcZsKwXWAa6IenzKQRofXo
Request Chain 629
  • https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESEK-ougINWnh8zeWD00SPJeI&google_cver=1&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.torchad.com%2Fsync%3Fexchange%3D309%26google_gid%3DCAESEK-ougINWnh8zeWD00SPJeI%26google_cver%3D1%26google_push%3DAYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://rtb2-useast.torchad.com/sync?adkuid=A7722154196437862207&exchange=309&google_gid=CAESEK-ougINWnh8zeWD00SPJeI&google_cver=1&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI
Request Chain 639
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELvrPsqs2llYOtlRhH45P4&google_cver=1&google_push=AYg5qPKU-sPAFFh8NImUh0UJYxXEI0ZsB8v6OYtqhyqBRgElFtP9aksJypl7qoCsYOYw4S27Qifvpaa_8B8QQUWeBq5RpaxFitlE HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPKU-sPAFFh8NImUh0UJYxXEI0ZsB8v6OYtqhyqBRgElFtP9aksJypl7qoCsYOYw4S27Qifvpaa_8B8QQUWeBq5RpaxFitlE&google_hm=T1BBI1N2LJmuFC6kyWxlEw
Request Chain 640
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLUFFpa_WQH4clmy9Zf1LmYCG2u9EKclswjJx0FWsfXPm6Ws8QLfTxKXTDcO3Qi1N6Z6M8tizIvaLgC5jjqXhRr9RsTWgtr&google_gid=CAESEFGhn27Xw8wiqWV92VMTrEs&google_cver=1 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU2lOMHR4VlduN0tfcHY4azdhLUNDbTBSVWx5Nk5LYm10c1c2NUVaN0tlcw==&google_push
Request Chain 641
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJ-5MSe97UIb_oyxDFI37FQ&google_cver=1&google_push=AYg5qPJBNzB8vy5EJXHge0kBF68pkiGOS0TG6clDDr_2LedLGtDGVsTF_YvI-2oZVDONCY-uNsTCVr4ed3yhRSDUjI2jUSQm-sqt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJBNzB8vy5EJXHge0kBF68pkiGOS0TG6clDDr_2LedLGtDGVsTF_YvI-2oZVDONCY-uNsTCVr4ed3yhRSDUjI2jUSQm-sqt&google_hm=Io5jjBvczcweOALLNf2eDw==
Request Chain 642
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECbkxb5E6DiHDa_wD8Ah9Ao&google_cver=1&google_push=AYg5qPLnnscUYdnHpmjnUB1JbLWeNEeSGDbiH8H4QYh94r8RyXfQAdGG4FEiT5gU4TynN98HRLvpJ0xOPJJfDdxZ-11RJ4tMrFE- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLnnscUYdnHpmjnUB1JbLWeNEeSGDbiH8H4QYh94r8RyXfQAdGG4FEiT5gU4TynN98HRLvpJ0xOPJJfDdxZ-11RJ4tMrFE-
Request Chain 643
  • https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEB2ywMX0khGdT_hz_B2uH_Y&google_cver=1&google_push=AYg5qPLqvtuVakuF05X6cjAYV1tETLVPp9P7rRsWnfTgUrVGGfFjVE15Sv4870CmEoxQdE_LPaTa7uvLq4Aa1cYo8uS8C7TY6sw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
Request Chain 644
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg
Request Chain 645
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEOkyWvzkZhngW9ZpDwWZWlU&google_cver=1&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2
Request Chain 676
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELvrPsqs2llYOtlRhH45P4&google_cver=1&google_push=AYg5qPIisArPl4-Zc6eo00lCNbmng5sAlzP4l2JSEdcg39CCyMF19rKlL3r8HK7IGn8cU8_XZSUj9oMePWTeUOWDe3eAY61IHgzWRw HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPIisArPl4-Zc6eo00lCNbmng5sAlzP4l2JSEdcg39CCyMF19rKlL3r8HK7IGn8cU8_XZSUj9oMePWTeUOWDe3eAY61IHgzWRw&google_hm=T1BBI1N2LJmuFC6kyWxlEw
Request Chain 677
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJ5hSS57UMjSImNjYlQBLXY&google_cver=1&google_push=AYg5qPI2QCGonZ2voU7kckH4y3vBeaNYBUSlWM5QvtXbsTzGA66f3Y2KAssYMAS4edy4oO4EgOCAHQJSApU7p3xaVdYlfsF-bhID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI2QCGonZ2voU7kckH4y3vBeaNYBUSlWM5QvtXbsTzGA66f3Y2KAssYMAS4edy4oO4EgOCAHQJSApU7p3xaVdYlfsF-bhID&google_hm=Q0FFU0VKNWhTUzU3VU1qU0ltTmpZbFFCTFhZ
Request Chain 678
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJ-5MSe97UIb_oyxDFI37FQ&google_cver=1&google_push=AYg5qPKUF19C2cOS4N6iuOa4jWLe1wgAgAHKIsEdG0gsDgqgImqW_jGSMG5GjwnReNdTrnD2Oe3ZHChkKNh_UKgR0SFOQxVscgbdyw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKUF19C2cOS4N6iuOa4jWLe1wgAgAHKIsEdG0gsDgqgImqW_jGSMG5GjwnReNdTrnD2Oe3ZHChkKNh_UKgR0SFOQxVscgbdyw&google_hm=Io5jjBvczcweOALLNf2eDw==
Request Chain 679
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECbkxb5E6DiHDa_wD8Ah9Ao&google_cver=1&google_push=AYg5qPJWcodrxXPi33dD4TsyQ0_eNzukrjsTV6Qq_V47EVZplhchqQNkUjm1Sycug5xp8SmanX2AkW1WoS7TPQo4Hf-KPoFs_4uaCw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJWcodrxXPi33dD4TsyQ0_eNzukrjsTV6Qq_V47EVZplhchqQNkUjm1Sycug5xp8SmanX2AkW1WoS7TPQo4Hf-KPoFs_4uaCw
Request Chain 680
  • https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEB2ywMX0khGdT_hz_B2uH_Y&google_cver=1&google_push=AYg5qPL606SBAYKiOaotv1LDjrbLCZVWWYO7XHp924w5gxoulO7VL9CJKeR8Q6ksQC6IHFSitweZ_mwEr9iFGCGv2FS6C14Cfol1XA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
Request Chain 681
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q
Request Chain 682
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEOkyWvzkZhngW9ZpDwWZWlU&google_cver=1&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2
Request Chain 714
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Request Chain 725
  • https://ups.analytics.yahoo.com/ups/58423/occ HTTP 302
  • https://c.deployads.com/cs/VRZN?b=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
Request Chain 726
  • https://ad.turn.com/r/cs?pid=56 HTTP 302
  • https://c.deployads.com/cs/AMOB?b=4146191290397438279
Request Chain 728
  • https://ssc-cms.33across.com/ps/?ri=0013300001cFpYHAA0&ru=https%3A%2F%2Fc.deployads.com%2Fcs%2FACRS%3Fb%3D33XUSERID33X HTTP 302
  • https://c.deployads.com/cs/ACRS?b=2051871529581
Request Chain 729
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f367a548-43b2-4ca6-9e67-1de5d4a782b6&ssp=themediagrid&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10603021636766816456&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dthemediagrid%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=62c5f73e-003c-4737-b163-4ba2cdd1040e&ssp=themediagrid&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10603021636766816456&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Request Chain 730
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=99 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341%26partner_url%3Dhttps%253A%252F%252Fc.deployads.com%252Fcs%252Fcent%253Fb%253D4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341%2526gdpr%253D%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&partner_url=https%3A%2F%2Fc.deployads.com%2Fcs%2Fcent%3Fb%3D4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://c.deployads.com/cs/cent?b=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
Request Chain 732
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&dongle=0cfd
Request Chain 733
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzMjcyNzE5MTk0NjMzNTc4MzI5NQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 734
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBBbzPnNwtUic-PMIP_CgKU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 735
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzMjcyNzE5MTk0NjMzNTc4MzI5NQ%3D%3D
Request Chain 736
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2632727191946335783295&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2632727191946335783295&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e1215d9c-a771-48fc-9fa0-5b019a14a652&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e1215d9c-a771-48fc-9fa0-5b019a14a652&_noobservation=1&_expected_cookie=be5235e71624be0fdc2b5fd3a8e6a8a7
Request Chain 737
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2632727191946335783295?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-aLoYY9dE2oQlRp_b4rMMLGsVJcZBgCbgvvri9Po.uQ--~A&dongle=0883
Request Chain 738
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2632727191946335783295&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=63f747aa-00e2-48e6-a26e-a0af68ff62cf&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 741
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZrhlXJ9Fqtvb0RMfRvp-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJZGQ3CYJI4UM4LUOZRDAUSNMZJHM4BN&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJZGQ3CYJI4UM4LUOZRDAUSNMZJHM4BN HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZrhlXJ9Fqtvb0RMfRvp-
Request Chain 742
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&dongle=0cfd
Request Chain 743
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzMjcyNzE5MTk0NjMzNTc4MzI5NQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 744
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBBbzPnNwtUic-PMIP_CgKU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 745
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzMjcyNzE5MTk0NjMzNTc4MzI5NQ%3D%3D
Request Chain 746
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2632727191946335783295&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2632727191946335783295&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e1215d9c-a771-48fc-9fa0-5b019a14a652&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e1215d9c-a771-48fc-9fa0-5b019a14a652&_noobservation=1&_expected_cookie=ae70048061a598ccbffb5853fb3294e4
Request Chain 747
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2632727191946335783295?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-aLoYY9dE2oQlRp_b4rMMLGsVJcZBgCbgvvri9Po.uQ--~A&dongle=0883
Request Chain 748
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2632727191946335783295&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=f367a548-43b2-4ca6-9e67-1de5d4a782b6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=858da0a0-76d4-474e-963a-590376490cd9&expires=10&ssp=triplelift&bsw_param=f367a548-43b2-4ca6-9e67-1de5d4a782b6 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 751
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZrhlXJ9Fqtvb0RMfRvp-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJZGQ3CYJI4UM4LUOZRDAUSNMZJHM4BN&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJZGQ3CYJI4UM4LUOZRDAUSNMZJHM4BN HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZrhlXJ9Fqtvb0RMfRvp-
Request Chain 754
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=d31c6a39-6a30-4eab-ab6b-8f76714750dc HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d31c6a39-6a30-4eab-ab6b-8f76714750dc&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
Request Chain 755
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=a81e96d6-7f1d-4282-a735-ce8fdf7fc56d HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a81e96d6-7f1d-4282-a735-ce8fdf7fc56d
Request Chain 756
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6802119093282668307
Request Chain 758
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4146191290397438279&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 759
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YmbagwALH7wGxwA- HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YmbagwALH7wGxwA-&_test=YmbagwALH7wGxwA-
Request Chain 761
  • https://match.adsrvr.org/track/cmf/openx?oxid=fdd8e9b0-b25a-74e2-f84c-4e7ce6e4a4b5&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7aabbd52-0742-4133-a07d-fda9f86dc1fd&ttd_puid=fdd8e9b0-b25a-74e2-f84c-4e7ce6e4a4b5&gdpr=0&gdpr_consent=
Request Chain 763
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE8sWWDrc5p-sZh9ZkYqqys&google_cver=1
Request Chain 766
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4146191290397438279&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 769
  • https://match.adsrvr.org/track/cmf/openx?oxid=fdd8e9b0-b25a-74e2-f84c-4e7ce6e4a4b5&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7aabbd52-0742-4133-a07d-fda9f86dc1fd&ttd_puid=fdd8e9b0-b25a-74e2-f84c-4e7ce6e4a4b5&gdpr=0&gdpr_consent=
Request Chain 771
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE8sWWDrc5p-sZh9ZkYqqys&google_cver=1
Request Chain 778
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Drkt%26refUrl%3D%26vid%3D09077722832939093661455357000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2939093661455357000V10&type=rkt&refUrl=&vid=09077722832939093661455357000V10&ovsid=978477405519839003
Request Chain 779
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dcon%26refUrl%3D%26vid%3D09077722832939093661455357000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=9897b49c75208e6&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dcon%26refUrl%3D%26vid%3D09077722832939093661455357000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=con&refUrl=&vid=09077722832939093661455357000V10&ovsid=AAADKPnY1mvHQAMHz2xHAAAAAAA&expiration=1650994172&is_secure=true
Request Chain 780
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dmma%26refUrl%3D%26vid%3D09077722832939093661455357000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=mma&refUrl=&vid=09077722832939093661455357000V10&ovsid=7e9b6266-da75-4600-97fa-93bd39c882d1
Request Chain 781
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjkzOTA5MzY2MTQ1NTM1NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEByW6-iNx4RRaicE2iDcrqA&google_cver=1
Request Chain 782
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Ddxu%26refUrl%3D%26vid%3D09077722832939093661455357000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Ddxu%26refUrl%3D%26vid%3D09077722832939093661455357000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=dxu&refUrl=&vid=09077722832939093661455357000V10&ovsid=0WJAwHhz1NJ2wI5
Request Chain 783
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=8f8c55da-e4cc-4dd9-8169-ba51bd19ddfd
Request Chain 784
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=f367a548-43b2-4ca6-9e67-1de5d4a782b6 HTTP 302
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=f367a548-43b2-4ca6-9e67-1de5d4a782b6
Request Chain 785
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dzem%26refUrl%3D%26vid%3D09077722832939093661455357000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZrhlXJ9Fqtvb0RMfRvp-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2OJUGYWCKHFDHC5DWMIYFETLGKJ3HALJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDSMBXG43TEMRYGMZDSMZZGA4TGNRWGE2DKNJTGU3TAMBQKYYTAJTWONUWIPJSHEZTSMBZGM3DMMJUGU2TGNJXGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2OJUGYWCKHFDHC5DWMIYFETLGKJ3HALJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDSMBXG43TEMRYGMZDSMZZGA4TGNRWGE2DKNJTGU3TAMBQKYYTAJTWONUWIPJSHEZTSMBZGM3DMMJUGU2TGNJXGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=ZrhlXJ9Fqtvb0RMfRvp-&refUrl=&type=zem&vid=09077722832939093661455357000V10&vsid=2939093661455357000V10
Request Chain 786
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2939093661455357000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2939093661455357000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=63f747aa-00e2-48e6-a26e-a0af68ff62cf&cs=1
Request Chain 788
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
Request Chain 789
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D2939093661455357000V10 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2939093661455357000V10
Request Chain 790
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1650907772080.3&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 791
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1650907772080.1&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YmbacxfUheiJLy59JDCIJwAA%26153
Request Chain 792
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1650907772080.2&ri=45&ru=https%3A%2F%2Fpixel-sync.sitescout.com%2Fdmp%2FpixelSync%3Fnid%3D104%26us_privacy%3D%24%7BUS_PRIVACY%7D%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D45%2526external_user_id%253D%257BuserId%257D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D%7BuserId%7D HTTP 302
  • https://tags.bluekai.com/site/17724?id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%2526bidder_id%253D45%2526external_user_id%253D4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341 HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341
Request Chain 793
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1650907772080.4&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6802119093282668307
Request Chain 795
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1650907772080.6 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=2c34304c-ea38-4407-9157-7e7dbba2353f HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=66&external_user_id=2c34304c-ea38-4407-9157-7e7dbba2353f&ts=1650907772&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 798
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjkzOTA5MzY2MTQ1NTM1NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEByW6-iNx4RRaicE2iDcrqA&google_cver=1
Request Chain 799
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Drkt%26refUrl%3D%26vid%3D09077723592939093661455357000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2939093661455357000V10&type=rkt&refUrl=&vid=09077723592939093661455357000V10&ovsid=978477405519839003
Request Chain 800
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=6bd221a2-7bef-4af3-a3e8-2e164b4d8d34
Request Chain 801
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=f367a548-43b2-4ca6-9e67-1de5d4a782b6&google_hm=ZjM2N2E1NDgtNDNiMi00Y2E2LTllNjctMWRlNWQ0YTc4MmI2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEP1Avk9zEdl1E-A11o8KX48&google_cver=1&ssp=medianet&bsw_param=f367a548-43b2-4ca6-9e67-1de5d4a782b6 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 802
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2939093661455357000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2939093661455357000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=63f747aa-00e2-48e6-a26e-a0af68ff62cf&cs=1
Request Chain 804
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
Request Chain 805
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D2939093661455357000V10 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2939093661455357000V10
Request Chain 806
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dcon%26refUrl%3D%26vid%3D09077723592939093661455357000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=460ff0db8e0608e3&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dcon%26refUrl%3D%26vid%3D09077723592939093661455357000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=con&refUrl=&vid=09077723592939093661455357000V10&ovsid=AAADKVTL6RgxQQNOqI1qAAAAAAA&expiration=1650994172&is_secure=true
Request Chain 807
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dmma%26refUrl%3D%26vid%3D09077723592939093661455357000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=mma&refUrl=&vid=09077723592939093661455357000V10&ovsid=7e9b6266-da75-4600-97fa-93bd39c882d1
Request Chain 808
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Ddxu%26refUrl%3D%26vid%3D09077723592939093661455357000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Ddxu%26refUrl%3D%26vid%3D09077723592939093661455357000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=dxu&refUrl=&vid=09077723592939093661455357000V10&ovsid=0WJAwHhz1NJ2wI5
Request Chain 809
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dzem%26refUrl%3D%26vid%3D09077723592939093661455357000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=ZrhlXJ9Fqtvb0RMfRvp-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2OJUGYWCKHFDHC5DWMIYFETLGKJ3HALJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDSMBXG43TEMZVHEZDSMZZGA4TGNRWGE2DKNJTGU3TAMBQKYYTAJTWONUWIPJSHEZTSMBZGM3DMMJUGU2TGNJXGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2OJUGYWCKHFDHC5DWMIYFETLGKJ3HALJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDSMBXG43TEMZVHEZDSMZZGA4TGNRWGE2DKNJTGU3TAMBQKYYTAJTWONUWIPJSHEZTSMBZGM3DMMJUGU2TGNJXGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=ZrhlXJ9Fqtvb0RMfRvp-&refUrl=&type=zem&vid=09077723592939093661455357000V10&vsid=2939093661455357000V10
Request Chain 812
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6802119093282668307
Request Chain 813
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7e9b6266-da75-4600-97fa-93bd39c882d1
Request Chain 814
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADyjE7EzbUAADr2VhfLPg&expiration=1652117372
Request Chain 815
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YmbafAAEpQ-GsAAZ
Request Chain 816
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0WJAwHhz1NJ2wI5
Request Chain 818
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Request Chain 821
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6802119093282668307
Request Chain 822
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7e9b6266-da75-4600-97fa-93bd39c882d1
Request Chain 823
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4146191290397438279
Request Chain 824
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADyjE7EzbUAADr2VhfLPg&expiration=1652117372
Request Chain 825
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=c0a2a580-f9bc-4598-8cfa-f0f45211b393&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6
Request Chain 826
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d6e8f84f-7192-4d58-479d3afa
Request Chain 831
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=44e1885e-c4bd-11ec-bdca-6837431987b3
Request Chain 832
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Request Chain 833
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d0d69b25-b299-4c6c-9dae-79cee72642b7&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Request Chain 834
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 835
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=665481160117
Request Chain 836
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0WJAwHhz1NJ2wI5&gdpr=0&gdpr_consent=
Request Chain 837
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1650907772455 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 838
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7041941671499242023
Request Chain 839
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a9527fb6-47e9-4397-be30-49f30e5bdb8b-tuct9605ffc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 840
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=3F695155CBEA40AA8059773D874F9164 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=D990985F6F06492F8EC771FBEE66DEDA HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a7f15ab5-7d7b-40ef-b515-ad45de9ccc06
Request Chain 841
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=p9ElZ9tzCbSsD3XbfNpmYg
Request Chain 843
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6cb153d2-e004-48c6-b146-cf2b023e215c
Request Chain 845
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 846
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3F695155CBEA40AA8059773D874F9164
Request Chain 847
  • https://pixel.onaudience.com/?partner=214&mapped=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=7aabbd52-0742-4133-a07d-fda9f86dc1fd&icm HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=30d885adeb54e82e
Request Chain 848
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&addseg=10,33,39
Request Chain 849
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 851
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=40f8252e-c4bd-11ec-aad8-9f94043e2d80&gdpr=0&gdpr_consent=
Request Chain 852
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6802119093282668307&gdpr=0&gdpr_consent=
Request Chain 854
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f367a548-43b2-4ca6-9e67-1de5d4a782b6&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10603021636766816456&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=62c5f73e-003c-4737-b163-4ba2cdd1040e&ssp=pubmatic&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10603021636766816456&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Request Chain 855
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_EEE4CE38_4BAE5C4D&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 856
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
Request Chain 857
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4153669688251824763
Request Chain 858
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000AA229FB4C1
Request Chain 859
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6802119093282668307
Request Chain 860
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:21a782a5-b5cc-43a9-a869-36c4546cfb9d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 862
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 864
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=YmbafAAEoYnHnAAZ HTTP 302
  • https://dmx.us-east-34.districtm.io/s/10016/YmbafAAEoYnHnAAZ&_test=YmbafAAEoYnHnAAZ
Request Chain 865
  • https://match.prod.bidr.io/cookie-sync/districtm HTTP 303
  • https://dmx.districtm.io/s/10025/AADyjE7EzbUAADr2VhfLPg
Request Chain 866
  • https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
  • https://dmx.districtm.io/s/10026/mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Request Chain 867
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
  • https://dmx.districtm.io/s/10001/4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341
Request Chain 868
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b HTTP 302
  • https://dmx.districtm.io/s/10051/y-8KJ6zx1E2uH06dKJ2w49xGBPiI1X.Vkh~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
Request Chain 869
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/59e32e91-d4fa-43e2-b46f-81986f95b9e8
Request Chain 870
  • https://p.rfihub.com/cm?pub=36496&in=1 HTTP 302
  • https://dmx.districtm.io/s/10056/978477405519839003
Request Chain 871
  • https://match.prod.bidr.io/cookie-sync/districtm HTTP 303
  • https://dmx.districtm.io/s/10025/AADyjE7EzbUAADr2VhfLPg
Request Chain 872
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=28IcvfNx5j4H0U53dUwWQDKOFmi&rurl=//dmx.us-east-31.districtm.io/s/10007/ HTTP 302
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=39da34f7ca2508e3&is_secure=true&version=1&networkId=33921&nuid=28IcvfNx5j4H0U53dUwWQDKOFmi&rurl=%2F%2Fdmx.us-east-31.districtm.io%2Fs%2F10007%2F HTTP 302
  • https://dmx.us-east-31.districtm.io/s/10007/AAADKPnY1mvHTQMP2AiiAAAAAAA&expiration=1650994172&nuid=28IcvfNx5j4H0U53dUwWQDKOFmi&is_secure=true
Request Chain 873
  • https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
  • https://dmx.districtm.io/s/10026/mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Request Chain 877
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=Io5jjBvczcweOALLNf2eDw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 878
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=7e9b6266-da75-4600-97fa-93bd39c882d1
Request Chain 879
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=40f8252e-c4bd-11ec-aad8-9f94043e2d80
Request Chain 880
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
Request Chain 882
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=d31c6a39-6a30-4eab-ab6b-8f76714750dc HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d31c6a39-6a30-4eab-ab6b-8f76714750dc&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
Request Chain 883
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=a81e96d6-7f1d-4282-a735-ce8fdf7fc56d HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFGhn27Xw8wiqWV92VMTrEs&google_cver=1
Request Chain 884
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6802119093282668307
Request Chain 902
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=469314b0-c4bd-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C

899 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/ 		72 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.60.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baf5d841ba74ddf99bea783d669b3d4e688b9bc273d78304605c2243a7ffb552
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7018ccea9b291778-EWR
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
last-modified
Wed, 20 Apr 2022 08:45:26 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff420b26b8a33e1bcae39c4d165c2cc259681bbb7b32565dbd7644c1d84cbfa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 17:18:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Apr 2022 17:29:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Apr 2022 17:29:22 GMT
bootstrap.min.css
www.bleepstatic.com/js/redesign/bootstrap/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/css/bootstrap.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1769864
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
server
cloudflare
etag
W/"624975547"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=po%2Ba%2FsssHJRiX26BxIHbzReJFOv3d0W5oteyWHSk%2BGCpEWhbcMqLmS%2FrBGtYpOw4QGH8lTg2XAQVUdIkS0pyrJKxOKbvZP1AWFX6gIpcDP%2F5TRk77oarN5YV6ovShenSc6eHYl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
7018ccecaacaa23b-YYZ
expires
Tue, 10 May 2022 05:51:38 GMT
main.css
www.bleepstatic.com/css/redesign/ 		52 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b37f3d8aa5e1f298bf71477c945f576745020ce44f048ec67e19a93cd285372

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1783486
cf-polished
origSize=62676
last-modified
Tue, 27 Apr 2021 20:09:53 GMT
server
cloudflare
etag
W/"2761713618"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1zokL2UzWqmXPayenoghmBUxt90T%2F91NijQehEdhf%2FUSpO85cu59MLbvKUVHc1BnCiB19FJkSMCYU588S6tMTOGvIMr65besXaceEyryVMLf4o%2BrMN%2FK6frxuWktVLRYKL6IXo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 10 May 2022 02:04:36 GMT
cache-control
max-age=3024000
cf-ray
7018ccecaacda23b-YYZ
cf-bgj
minify
home.css
www.bleepstatic.com/css/redesign/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
134
cf-polished
origSize=15024
last-modified
Sat, 21 Nov 2020 17:53:40 GMT
server
cloudflare
etag
W/"2807382579"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuLJusPIr8bZTiGfipfmxDuBhIOO1bsEOcxm52U29ncg9GZEHvVda%2B8h73pYovzHRd7dKgCmKhOaI8WwYmaFvVFLfJUMLj2LjF9khBX3Ktozn6c5RZ2iEhOSXFypAdwiklisU8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Fri, 08 Apr 2022 11:24:10 GMT
cache-control
max-age=3024000
cf-ray
7018ccecaad0a23b-YYZ
cf-bgj
minify
news.css
www.bleepstatic.com/css/redesign/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4901b094a91ea6d5aba73774bb9803fdca22599cfca597ef81249225b5ed01b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3688
cf-polished
origSize=33102
last-modified
Tue, 24 Aug 2021 22:50:05 GMT
server
cloudflare
etag
W/"57477024"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPBJl99ZMqIS7TzFAZd4ojoghPbGb432kawjs7aFTYlbwBu%2BVia3XzBSSGXvyzlH8v7tkOtheG%2BT9iDqNXNQnis90UgSzK4DW8pzxjPkGiZdxN9AOoiKxnVS7dStPKlSkl0jV28%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Fri, 08 Apr 2022 11:24:10 GMT
cache-control
max-age=3024000
cf-ray
7018ccecaad3a23b-YYZ
cf-bgj
minify
jquery-3.5.1.min.js
www.bleepstatic.com/js/redesign/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-3.5.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
310
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
cloudflare
etag
W/"1177690299"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29sUxDLisWEe%2BMF%2FEC%2F1mO%2BoC3oRR8%2B70azIdaFiq%2FAmnXjC7hsPVINOfyRN4WkS%2BO9jNitPiRWk77Jb8CKuEnNlkxCWhu2GiVmv1srmqzYDeXhydH0RaRzk2X%2B0VVW8i%2FRCuao%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
7018ccecaad5a23b-YYZ
expires
Fri, 08 Apr 2022 11:24:10 GMT
jquery-migrate-1.4.1.min.js
www.bleepstatic.com/js/redesign/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-migrate-1.4.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5175
last-modified
Fri, 20 May 2016 01:26:30 GMT
server
cloudflare
etag
W/"2177127834"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nP98kBXRVI2aHnjclOVKda3hhB%2BrbLdaTVFWpheOxvjrbE0cPGdcGEWveO%2FIAiz08D523zhOVvZfDkQYfU2OEj%2Fj%2ByJmVtba5JYRCl%2FLqd0jWaklRVP1IGqJxG6QQfArB49VtGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
7018ccecaad6a23b-YYZ
expires
Fri, 08 Apr 2022 18:29:01 GMT
news.js
www.bleepstatic.com/js/redesign/ 		183 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1769864
cf-polished
origSize=247
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
server
cloudflare
etag
W/"4218930423"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rdru8LDoB%2F7Np0mxkv5MD%2Fs891ltvoS7nNR5nr8qyLpec6xhERtnyOUkxbnqyMZoa9GyGafILHOfjbTGyhBmTy2hMRUjnTahbDa4n6Z3EPdoT%2Bt8EA9awNJ8jxk8H72Eu7LGg3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
expires
Tue, 10 May 2022 05:51:37 GMT
cache-control
max-age=3024000
cf-ray
7018cced3bb8a23b-YYZ
cf-bgj
minify
cls.css
a.pub.network/core/pubfig/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d510e16e6e569e573980fd67a55221795d539fd56688ecaca8d284255e86ee6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-goog-hash
crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1225
x-guploader-uploadid
ADPycdssLRBdbrwbEkcofaW-rEUD-t8nNIegWO6r69jL9nWaCoxufvT95G61-XgYKmqsaFoMBJLiIUzBnCjT7fH_K1OGCi83xxCm
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/css
last-modified
Tue, 11 May 2021 20:31:48 GMT
server
cloudflare
etag
W/"2ad42c99ece77b46e5a42a85207a3750"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzyDS7amMjhneASkEIR%2FxbXyfvUcuaA%2BiA%2FRjC6aWjWKwS4JiQq08FtYl0bMyGOoKjF9nVFgl61gAdfPTJVBUBOeKAdo0E3%2FF6RT0LczcDb%2BbMHBUR%2BfWW1NisaezayvbtBItoYHfFbAvQo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620765108454625
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1752
cf-ray
7018ccec7d85ca53-YUL
expires
Mon, 25 Apr 2022 18:08:57 GMT
pubfig.min.js
a.pub.network/bleepingcomputer-com/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2084062fff698fe4865f688cafdd7898038b0293b89ac6a5506ee3310652922

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-goog-hash
crc32c=ZJnYuQ==, md5=Ao6xZMb5FN6JSXyNa3b5Lw==
date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
980
x-guploader-uploadid
ADPycdsW8i5KQls-sM1b4GGGK_sr2i9oG80psFUtnK5Qm72Ysiy7X9uOTP0pHn3yLb-9S0LdrXN0Y2domY1GDrcguVcP9Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 25 Apr 2022 17:05:59 GMT
server
cloudflare
etag
W/"028eb164c6f914de89497c8d6b76f92f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZfYCJ%2FJqguPt3kRbgbZIUG7glymDmLrIMQAK%2FmEfaiKhjVfEzjg1aQYztVgng0vXpn2qwwvWbAsLCki8o6k7Q97HCxJ69Tno02zUB9r%2FwUSpcm8t1odP%2BEf1s%2BaB7onkkQvBUXhePWnXUI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1650906359677519
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
120893
cf-ray
7018cced3e46ca53-YUL
expires
Mon, 25 Apr 2022 17:14:02 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2eb1483bde4617aa5f7e54730965c731203ec585576b2b56ee857f305d3de2e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38733
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 16:31:53 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Apr 2022 17:29:22 GMT
logo.png
www.bleepstatic.com/images/site/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
458702
cf-polished
origFmt=png, origSize=1882
content-disposition
inline; filename="logo.webp"
content-length
1152
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ml%2FrmhZ6qc7UEsByjxP0QmDjYgb8Eu0NrPGHLyC2WE92xZksJ2BAJNQ41OfrCa%2BYN4v0vvlf9XSO%2F84J9Cg5vfWprcuscLIy1i3T1kNYlhsUo6nRlFw32oKERGBVHeN5FDIsEfA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 20 May 2022 10:04:20 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced3bc0a23b-YYZ
cf-bgj
imgq:85,h2pri
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 00:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5807
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 26 Apr 2022 00:19:48 GMT

Redirect headers

date
Mon, 25 Apr 2022 17:04:02 GMT
x-content-type-options
nosniff
server
sffe
age
1520
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Mon, 25 Apr 2022 17:34:02 GMT
AWS.jpg
www.bleepstatic.com/content/hl-images/2021/04/09/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2021/04/09/AWS.jpg?rand=1339337180
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
048fa91c330ac00a3580897d8774f49d42c1c3b03232b03386b92cde1065378a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86403
cf-polished
qual=85, origFmt=jpeg, origSize=226501
content-disposition
inline; filename="AWS.webp"
content-length
53160
last-modified
Fri, 09 Apr 2021 19:53:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kD9pTxUuoQetNbgawfP6%2Bqiq2%2Beok5za7xDTb1mD956H0hXQKN6jFjzFcN8NTiLkazx%2Fx1Ve3HTDuc15SEOssmpTbuCrYNo%2FfwKVsKrE1Qp2fKs9ya3wzvrnBsRfwCwP3plAqCc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 24 May 2022 17:29:18 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced3bc2a23b-YYZ
cf-bgj
imgq:85,h2pri
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c336e70e95b15337d773638cc60a27d504c236862f21039f5bbd0ceebcde3e4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54438
x-xss-protection
0
server
cafe
etag
6131303911442123178
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 17:29:22 GMT
FP_FinServ_Bleeping-Computer_400x500.jpeg
www.bleepstatic.com/images/comp/flashpoint/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/comp/flashpoint/FP_FinServ_Bleeping-Computer_400x500.jpeg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19ccb209bb4a5900d07e56f1e992cb8b2688a40139ae5c3cfde158ccf4c206a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
201597
cf-polished
qual=85, origFmt=jpeg, origSize=40462
content-disposition
inline; filename="FP_FinServ_Bleeping-Computer_400x500.webp"
content-length
25438
last-modified
Thu, 17 Mar 2022 17:53:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5EIS%2BBwcG6FFjbzhYnkyoQ0LuG7XZf1IwLqIuS8j%2BZvzp3Sr7FWvnhWD08SpACueLKKnWQc1ag1NHSdcZoOl7%2FKVriIP7NIbb4Hd8vWi7NTxhwodVZOqFQWXAXKhn%2BpwmmtM2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 23 May 2022 09:29:25 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced3bc4a23b-YYZ
cf-bgj
imgq:85,h2pri
twitter.png
www.bleepstatic.com/images/site/login/ 		282 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
298236
cf-polished
origFmt=png, origSize=475
content-disposition
inline; filename="twitter.webp"
content-length
282
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPpD0PPNrvlGHq8r2v4qnoFSnZTx2FPQ2CFpwdYrLPbm%2BWMwLdOmH79KfFY645OrLCHbNpazNP%2BO22vZBtxpvovn8VGLGjtlduuqvOB820mCaX%2FjARfLT4NZcGspv2nlvmSPsrM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 22 May 2022 06:38:46 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced3bc5a23b-YYZ
cf-bgj
imgq:85,h2pri
bootstrap.js
www.bleepstatic.com/js/redesign/bootstrap/js/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/js/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1769864
cf-polished
origSize=75484
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
server
cloudflare
etag
W/"984724076"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dA2ogpMpts1sPZHNfA1B1tImW9lN85KDgjEMPc2nXQdnlCBagT03I%2BmBnOEcJckYKw5tpHC6%2FsrmM2T24tmrRjfKKK7klBWbsSHgx8hg62Xmh0tJmT41%2BHNYcsrgeuV5kiwauGI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
expires
Tue, 10 May 2022 05:51:38 GMT
cache-control
max-age=3024000
cf-ray
7018cced3bc7a23b-YYZ
cf-bgj
minify
blazy.min.js
www.bleepstatic.com/js/blazy/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2880
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
server
cloudflare
etag
W/"753357888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHkyL3hJO6XD17L%2F%2BJZztkOLI89Qrhro75mMUYt4HYyi9ZOC2wv7ByErlYe1%2BfQa25xaC6vjeMu2RYnejBrkfFQfJmN8TZvJMNH8HLxnQTPbDmr6Ch2z0%2FDWKezM1adtzA4RtK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
7018cceceb3da23b-YYZ
expires
Mon, 25 Apr 2022 16:40:10 GMT
bleep.js
www.bleepstatic.com/js/redesign/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2880
cf-polished
origSize=3600
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W13f0nth6ad6yUGupiwraM5MPvCURzlNIOjWBr2MilAoOsncGnSq9itk3au1U0tl69t0yEl9Pz2FHrkhQ%2F52DP3c8kvhj8Nj7O2XNrOArFGlbIPyUDClJMDvmhI4ZysLZQ1qek0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
expires
Mon, 25 Apr 2022 16:40:10 GMT
cache-control
max-age=3024000
cf-ray
7018cced4bc9a23b-YYZ
cf-bgj
minify
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1769864
cf-polished
origSize=48706
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"327140449"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ed0GUHD%2FfWXJExIzNKwZn1jUHR7FbxH1wRCcmv4GLOVyJG%2BaEbItbj4j8r%2FJgeUtD7K1fLJA%2BnVceyhVfq7KmRUxW67JQTqOsQd85SqFRhgNwhy54fpbzIYUp9TTTU3RBbFzssU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
expires
Tue, 10 May 2022 05:51:38 GMT
cache-control
max-age=3024000
cf-ray
7018cced4bcaa23b-YYZ
cf-bgj
minify
fixto.min.js
www.bleepstatic.com/js/fixto/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5225
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
server
cloudflare
etag
W/"1740214911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuX5iAsJSeKpbZmmfIhxO9WA26swfTqnUJHuUvMuwJmVZKm4Es5v7uv2tpGA%2F%2B%2BjT0yguS9GhzECuU1Kj%2BcU6UfzxoeAoQcib6CquXuwxxCeocwEhg%2Bxu21nQvc6BlbIAvuMwwc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
7018ccecfb5ba23b-YYZ
expires
Sun, 24 Apr 2022 23:30:26 GMT
addthis_widget.js
s9.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s9.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
x-check-cacheable
YES
cache-control
public, max-age=600
date
Mon, 25 Apr 2022 17:29:23 GMT
x-host
s9.addthis.com
content-length
116325
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.bleepingcomputer.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7018cced8e89ca53-YUL
connatix.playspace.js
cds.connatix.com/p/159756/ Frame 2AFD
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/159756/connatix.playspace.js
886 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/159756/connatix.playspace.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b17655f2ac3f2629a0bf346ebff0d7e9a4959289f1f09620e64c1eaa0a46269b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
last-modified
Thu, 21 Apr 2022 16:20:10 GMT
age
349567
etag
"31778d982c77796a87ccefd78e03b1cf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
210380

Redirect headers

location
https://cds.connatix.com/p/159756/connatix.playspace.js
date
Mon, 25 Apr 2022 17:29:22 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-5.ewr53.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:33:24 GMT
via
1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
3358
etag
"61b8b8ab-1090"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
content-length
4240
x-amz-cf-id
3VK3mFW6IDnU5OeP2dJC_3-2sFtTktUVWjQu8dgqMhrMjMX82oyEJg==
expires
Mon, 25 Apr 2022 17:33:24 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-73.ewr52.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
6a1ea606fa44a20f5613ecaf7f258483c6905dc8511d1a855474560136c389c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:49:32 GMT
content-encoding
br
etag
W/"11c963ef08ade5b0636b69d03453c9f5"
last-modified
Mon, 25 Apr 2022 16:49:32 UTC
server
nginx/1.20.0
age
2390
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 94fb69b274bb5ab206667cb69fcc5932.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
WtbyZ7is8dCLGYiSmsFSR3fpzPTfnvLTKaqGM8yjlIuYwM8Tj2ypAQ==
x-xss-protection
0
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/gif
login_bg.png
www.bleepstatic.com/images/site/ 		126 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
201597
cf-polished
origFmt=png, origSize=187
content-disposition
inline; filename="login_bg.webp"
content-length
126
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVV7qW%2FIm51HEzpYcvfLGgCkKxGlkFlKq1d3bFdzR8Ib%2BjgdPzATZ98qj49%2FZZu5vuxxp4pgbKP6kKQtSEHwl7d84x1KveboKxWiCK3z1D3OjcohkK6%2Bcx8v6LA%2FGU6z%2Bis5qsg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 23 May 2022 09:29:25 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced4bcca23b-YYZ
cf-bgj
imgq:85,h2pri
nav_bg.png
www.bleepstatic.com/images/site/ 		72 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
373344
cf-polished
origFmt=png, origSize=83
content-disposition
inline; filename="nav_bg.webp"
content-length
72
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPCqi4oWB6KeQVDZh8P9Oe6Kre%2FiW82iy1HAmXH0jwAzDXFns%2Fv0vJy3gnvlChCEIDx2o3PIkVNm6sOXnLwZW82EbqsXey%2FDgKL6F9hO1dUZYeLdhzigdQr%2F4%2B6M6RQnKqJerGc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 21 May 2022 09:46:57 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced4bcea23b-YYZ
cf-bgj
imgq:85,h2pri
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 16:23:56 GMT
x-content-type-options
nosniff
age
522326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 16:23:56 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 01:28:42 GMT
x-content-type-options
nosniff
age
316840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Apr 2023 01:28:42 GMT
jK9a7IoMu5I
www.youtube.com/embed/ Frame A1A1 		61 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/jK9a7IoMu5I
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
434698ea8b3e7b3d7af701ce1075968ef901f59302c2d1124969aca2241c336d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Mon, 25 Apr 2022 17:29:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
20x20-printer.png
www.bleepstatic.com/images/site/ 		422 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
199746
cf-polished
origFmt=png, origSize=824
content-disposition
inline; filename="20x20-printer.webp"
content-length
422
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgGo%2F8h5U07XiCQKSFSgebQyRzvbP1FUsJR9VAtHgnK0nGzxOxcFbaMZM6HYx9U%2FHXjZjR7zynjEaBii3iU0C%2FEAbD%2BTUP7TD%2F0MPLMo4g%2FMGJQOnFs7PSLOFHGyg%2B1SsS%2FInKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 23 May 2022 10:00:16 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced8c40a23b-YYZ
cf-bgj
imgq:85,h2pri
calendar.png
www.bleepstatic.com/images/site/ 		86 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
497550
cf-polished
origFmt=png, origSize=129
content-disposition
inline; filename="calendar.webp"
content-length
86
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gho5LqnoMvY5pQ%2FCUHTHpFsUB9iwOQv6P70xdcsp8n31trroxwQe9qa1wD9tUe4Zt%2F64YWwIfdinsoDSNR1Tito3rq4Ip7crXlh%2FM3iwFO0DGeEZAW0tUO%2BDzCMKaTdDRfzQDmE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 19 May 2022 23:16:52 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced8c44a23b-YYZ
cf-bgj
imgq:85,h2pri
clock.png
www.bleepstatic.com/images/site/ 		252 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
519895
cf-polished
origFmt=png, origSize=1316
content-disposition
inline; filename="clock.webp"
content-length
252
last-modified
Fri, 29 May 2015 07:08:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkgnMrPADkmu9J0Q0mNnWHgHiMRC8P1UomxNcVQHUu6hH5DiBUCJcWk4kr3yOq2U0ylTweQO932ullQAI9SQEz9hJX18PtpPNPpNftMcxBVZqqmctYzgH7bIJZlNua1FX2%2BO4xE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 19 May 2022 17:04:27 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced8c45a23b-YYZ
cf-bgj
imgq:85,h2pri
comment-light.png
www.bleepstatic.com/images/site/ 		94 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520894
cf-polished
origFmt=png, origSize=1034
content-disposition
inline; filename="comment-light.webp"
content-length
94
last-modified
Fri, 29 May 2015 07:08:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYeFiC9nO2sGO3kMVgWCFHNnym3aCD%2BeGPiEovFo9lfjWjKjnY4ipPXhKqFl5eLaRu8%2B6iHiJ0n3NZ5yKR2fOeDPTgQ1MH00FLTOuIw7Xjmcfwo8I%2Buc1N1VtgwQhgQzBt249mA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 19 May 2022 16:47:47 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced8c46a23b-YYZ
cf-bgj
imgq:85,h2pri
32x32-printer.png
www.bleepstatic.com/images/site/ 		256 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520895
cf-polished
origFmt=png, origSize=618
content-disposition
inline; filename="32x32-printer.webp"
content-length
256
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giYkISxCLO7aYgyww4t6%2Fm559x4ZYyRUPgqc3coJGIC2FTKe0oa4F0wJr2WOTrGgph12ZNMxf0O0TpNeRfdOKo9y9xsy0BtIwQlwG0r1ZljKwgom2UvfXObJVTbVTCqurghH8IY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 19 May 2022 16:47:47 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced8c48a23b-YYZ
cf-bgj
imgq:85,h2pri
42758747b8592c683aa2b2162019ddfa.jpg
www.bleepstatic.com/author/photos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/author/photos/42758747b8592c683aa2b2162019ddfa.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f256b59004beadefbac9168d0380485ac8ed71a2546f2bd3d55e8702eee4d9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
519293
cf-polished
qual=85, origFmt=jpeg, origSize=12322
content-disposition
inline; filename="42758747b8592c683aa2b2162019ddfa.webp"
content-length
7248
last-modified
Tue, 28 Sep 2021 21:25:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0%2FutHfqFCebtsD%2FhrcBydRdnv3SjelKqYtvdnx%2BQXVG1X3OULm6BUeUw0SscHPR%2B3iv4NXrWQi%2B1hB6zNmy84XO6voNhNf%2FriLHJdmoFXdHWDM1OSRW1apQYD0Omhv78hrPv5c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 19 May 2022 17:14:28 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced8c49a23b-YYZ
cf-bgj
imgq:85,h2pri
h4-bg.png
www.bleepstatic.com/images/site/ 		38 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
209599
cf-polished
origFmt=png, origSize=72
content-disposition
inline; filename="h4-bg.webp"
content-length
38
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F33ZD0YvEcFmmE3SZyY%2BdzgxDd0aVY3SMnPORq3ukgq6fnXR0P259KszppM5KZLZjN84HjC8KqEJoPKuaMDx3AzjS1AktyvZY5QoLBYrsfCluzYHBd536hv9feW92Sa2ytKFz%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 23 May 2022 07:16:03 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced8c4aa23b-YYZ
cf-bgj
imgq:85,h2pri
news_email_icon.png
www.bleepstatic.com/images/site/ 		126 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/home.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/home.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
210765
cf-polished
origFmt=png, origSize=1105
content-disposition
inline; filename="news_email_icon.webp"
content-length
126
last-modified
Fri, 29 May 2015 07:10:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njWTdiwSrFjHtgGbgpPqLgj8oxraingWTcsDwxik1gH7nHdIOCzYbYQvQnz%2FIbfoFA1dIsnV%2B8ORE%2FEhCuvdFXHVZwJNteAQJxIGjh4W5%2Fbd647NPrYkZHPM4xs%2FPIobsDLiqZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 23 May 2022 06:56:36 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced8c4ba23b-YYZ
cf-bgj
imgq:85,h2pri
news_footer_icon.png
www.bleepstatic.com/images/site/ 		110 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1783483
cf-polished
origFmt=png, origSize=186
content-disposition
inline; filename="news_footer_icon.webp"
content-length
110
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BiATBMqwyKkv%2F8B6a0m9KN7s%2BQkpjQJpjFhpE59Du9IJacL%2FEujqLwFaUt09htYoAnYA68Gsa7%2BBVemSVFTDPls%2FezutyT5uj9nLkk1sq7cJOV7zx%2BtrXLtMWOIT7p74zsoKgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 05 May 2022 02:04:38 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cced8c4da23b-YYZ
cf-bgj
imgq:85,h2pri
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 04:56:13 GMT
x-content-type-options
nosniff
age
477189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 04:56:13 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 00:09:49 GMT
x-content-type-options
nosniff
age
148773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 24 Apr 2023 00:09:49 GMT
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1762224
cf-polished
origSize=4895
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"9108074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i30JavBmKN%2F7sbP%2F6DQfd0rWB3fiNLRo6LSD8NxBDuOpRuVN1sF%2FNpoQvUgw%2FzZZul%2BIP8Hu5zAPDOsxC61YCRHjU9YMMDcHk1v8aNALiRGnzuFM0%2B1feWpnnPTBpYr1XodB15o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 10 May 2022 07:58:58 GMT
cache-control
max-age=3024000
cf-ray
7018ccedece5a23b-YYZ
cf-bgj
minify
font-awesome.css
www.bleepstatic.com/css/redesign/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6136
cf-polished
origSize=26776
last-modified
Tue, 03 May 2016 04:39:29 GMT
server
cloudflare
etag
W/"1700274315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lK%2FjfWPaiZq%2Fn%2BPqzZpuhXg9%2F71jVOSk53c6jlI7mKPWih%2ByiJe7HVds5CZ%2FL%2BKzOHLQPm8eukOT3%2Fz6c8TRnM3zBT%2FqiZd%2BGvtDN2z1Sh1iYbGNwdpGbFIhdxKPvuckyebjMaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Mon, 25 Apr 2022 13:46:26 GMT
cache-control
max-age=3024000
cf-ray
7018ccedeceba23b-YYZ
cf-bgj
minify
init
d.pub.network/v2/ 		63 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=535&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
fee0cc4b41c2a9e4556ace3acbc166aa62e64252de972ba518c5dab5caccd851

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 00:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Apr 2022 00:54:15 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
last-modified
Sun, 10 Apr 2022 10:23:26 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1649586986.745808"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Wed, 25 May 2022 17:29:23 GMT
fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:22 GMT
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 09:36:00 GMT
server
cloudflare
age
6232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4MeOMEczudYhxDA0X%2FNk8bNiwQqvRlC9k3PtAF3asbmLh1ApFsV721SnxtHWbDOzi1uP2D%2BJrOuORDZYXaw0oOLGRgxPVjD8Ol8VpByukCBa%2FuIWJKj3rP2U7kGNG7oK2q3fR4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7018cceead4e53e9-YYZ
content-length
65452
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/ 		304 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
505fda74065e25ae3fdc0807820fd861383338cf47c24bd1bf27994c2fa4b853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110909
x-xss-protection
0
server
cafe
etag
11088129338280563861
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 17:29:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/ Frame 6931 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
70283
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Apr 2022 21:58:00 GMT
etag
14837630671339829333
expires
Sun, 08 May 2022 21:58:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
292x176_Windows_11.jpg
www.bleepstatic.com/content/hl-images/2021/10/06/thumb/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2021/10/06/thumb/292x176_Windows_11.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d52682f3e4c11623e5a096a24adde817b7eea913d8d8f8c4df0416d33671192b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66079
cf-polished
qual=85, origFmt=jpeg, origSize=35436
content-disposition
inline; filename="292x176_Windows_11.webp"
content-length
5114
last-modified
Wed, 06 Oct 2021 08:32:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoFc4ldOGaG6TyhGIK3lxnmnlqSu0mJmfoacBMk%2F%2B8iyBQcV6FJlYZFFZuufcDyMcnet9hAggnhhNElVr3f44B27Mpqjg%2BHH5i7Aw%2F4Y0kr8Q2zVqjHs811Fh27f9m%2Fz%2FV9Qfq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 24 May 2022 23:08:03 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cceefe9ea23b-YYZ
cf-bgj
imgq:85,h2pri
292x176_qr-pink-background.png
www.bleepstatic.com/content/hl-images/2022/04/23/thumb/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2022/04/23/thumb/292x176_qr-pink-background.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40af323bd1cd60a8e1ff0e8bd9463a849f4b95ba0787b091d682068d1a744c33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85848
cf-polished
origFmt=png, origSize=144626
content-disposition
inline; filename="292x176_qr-pink-background.webp"
content-length
63064
last-modified
Sat, 23 Apr 2022 06:05:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihdKoSf0FRQDqSeKHQWfN8VMe9CPqg37%2BHfcK%2BZIURkEqPANCpYS9dowf16EQ8Idz8EK%2FjNJMh3%2B7HIVty8L0qCltV1h3gsOCLIXv9qSyMdnOaf0hqOJ4Znd7GQha7xCjqof%2BiI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 24 May 2022 17:38:34 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7018cceefea0a23b-YYZ
cf-bgj
imgq:85,h2pri
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2521
date
Mon, 25 Apr 2022 16:47:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 25 Apr 2022 18:47:22 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-100.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 25 Apr 2022 07:40:01 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
35363
etag
W/"1827f116c73f319409b97f10b8a58ade"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
zGWZW2wMP8F2vYoI8z-6NkVcCr5l0HWVD41LsG728qUbhzHlGIEZHQ==
pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
a.pub.network/core/pubfig/ 		325 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78da514c9f16a47d8e2374012619445409c56fd4da464e9cbd7b581cbf809b08

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-goog-hash
crc32c=eaAmeQ==, md5=uqkd784+dh9bFq38ORsvMA==
date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1226
x-guploader-uploadid
ADPycdu14RZzMYdEcxSKckYGBFrxDYJNdLmB0o7ftdOD3UDWv4lRblmsdkD1tL4RulPyif4qC-vxSynWlDY27Jz50Hr4VXOkCp26
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
access-control-allow-origin
*
last-modified
Thu, 14 Apr 2022 20:41:55 GMT
server
cloudflare
etag
W/"baa91defce3e761f5b16adfc391b2f30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tm4ftP4Kz8vbcJD8nChVa7EBLMOSyu8mBnATxRllYvLlMEIaNNh6IL3criM%2FxvmeDY%2BDFA5vuunYqhV4Vh%2F0EHB0U%2F2vozcEtOvpVUUYn4H2rPVRyNxh%2FGQSBdJ%2F1uIyx0VnJrtY20emDY0%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
x-goog-generation
1649968915458077
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
332978
cf-ray
7018ccef0ff5ca53-YUL
expires
Mon, 25 Apr 2022 18:08:57 GMT
www-player.css
www.youtube.com/s/player/534c466c/ Frame A1A1 		346 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/534c466c/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jK9a7IoMu5I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af6f2c85ecc99d72bcc3598161f057c701338bfe66584d9d588dfe3ea6fafd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/jK9a7IoMu5I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 23:19:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
65414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47506
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 00:15:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 24 Apr 2023 23:19:09 GMT
www-embed-player.js
www.youtube.com/s/player/534c466c/www-embed-player.vflset/ Frame A1A1 		278 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/534c466c/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jK9a7IoMu5I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
095e9c8ccd5f0d3e01056097d0dba6ed3860ede26cda210079d9321b287ea18a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/jK9a7IoMu5I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
355259
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87611
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 00:15:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Apr 2023 14:48:24 GMT
base.js
www.youtube.com/s/player/534c466c/player_ias.vflset/en_US/ Frame A1A1 		2 MB
523 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/534c466c/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jK9a7IoMu5I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0c085b72dacb34ac8292b08fdbf0a692009320dcf4040eea77c0be553302855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/jK9a7IoMu5I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 09:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
114222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
535584
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 00:15:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 24 Apr 2023 09:45:41 GMT
fetch-polyfill.js
www.youtube.com/s/player/534c466c/fetch-polyfill.vflset/ Frame A1A1 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/534c466c/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jK9a7IoMu5I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/jK9a7IoMu5I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
355259
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 00:15:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Apr 2023 14:48:24 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A1A1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jK9a7IoMu5I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 15:59:51 GMT
x-content-type-options
nosniff
age
523772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 15:59:51 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		39 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&charset=UTF-8&ch=17&ref=www.bleepingcomputer.com&viewerId=null&referer=&_firid=46772382
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-73.ewr52.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
de08c16f85c5a0c60dc46ad7db95ddccae6b277c33bfe9b0866edd5ac642d294

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
x-amz-cf-pop
EWR52-C1
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://www.bleepingcomputer.com
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 94fb69b274bb5ab206667cb69fcc5932.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
v8gsfDtUXQ0Yx5TtGP9Ne6UWzrKuJU4ujiDRy8tdZdS7zUZEny3WqA==
expires
0
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/159756/ Frame 2AFD 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/159756/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
br
last-modified
Thu, 21 Apr 2022 16:20:11 GMT
age
349567
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
connatix.playspace.css
cds.connatix.com/p/159756/ 		99 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/159756/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
874cc1315f35963fb2488576f0c83489e22edfe22f6ce355e7e87e65063bbf7c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
br
last-modified
Thu, 21 Apr 2022 16:20:10 GMT
age
349566
etag
"132acf023a5a30ef72888d6e359a6663"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13634
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
3BDAE1FAB05E52F4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=11454
accept-ranges
bytes
content-length
948
x-amz-id-2
JQEtOEyiFCqCP1YLI1OIPGBGUg/WHgpDv22+z5rvn/G8szLTqEelRVwbxuu0H6mk2GphOf1hSec=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 		2 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
etag
-1659864586--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=38, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
678
300lo.json
m.addthis.com/live/red_lojson/ 		100 B
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=6266da730169849f&bkl=0&bl=1&pdt=326&sid=6266da730169849f&pub=ra-561517d2c7f964d6&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.bleepingcomputer.com&fp=news%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=computers%2Cwindows%2Clinux%2Cmac%2Csupport%2Ctech%20support%2Cspyware%2Cmalware%2Cvirus%2Csecurity%2CAmazon%2CApache%20Log4j%2CAWS%2CContainer%20Escape%2CLog4Shell%2Cvirus%20removal%2Cmalware%20removal%2Ccomputer%20help%2Ctechnical%20support&colc=1650907763215&jsl=1&uvs=6266da736ccc7266000&skipb=1&callback=addthis.cbs.jsonp__7293745502168860
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fde4d6a1d913a32f7d05d204d1cc29bf4683bbd6794ccacefc474d267fd2c4ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:23 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
content-length
100
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 19EC 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B6EE 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Mon, 25 Apr 2022 17:29:23 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-check-cacheable
YES
x-host
s7.addthis.com
/
tag.escalated.io/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.143.18 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-143-18.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e2a2f47ce38a4bc850f961e0a889b5e953f4d956bd6f8bb21a103b0a23283bf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-store
Connection
close
Content-Length
4887
X-XSS-Protection
1; mode=block
pandg-sdk.js
pghub.io/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:11:05 GMT
content-encoding
gzip
age
1098
x-guploader-uploadid
ADPycdvqDhHvEYo2DA10619aqexmS2scD8jA5D7Q-5et0CasDVMlB7dcjJOj9EokuHo0_34HwgWv2Y7OPxdnx5c8TnAjWgoGxXKt
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3690
last-modified
Tue, 05 Apr 2022 17:08:24 GMT
server
UploadServer
etag
"1f39af8c4109e6a95d6895228aab0692"
vary
Accept-Encoding
x-goog-hash
crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
x-goog-generation
1649178504809914
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
3690
accept-ranges
bytes
content-type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d67f2f0944bd8b74e4733f49da6111b3aff1250b368d707950f479474fd37e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28541
x-xss-protection
0
server
sffe
etag
"1196 / 731 of 1000 / last-modified: 1650903517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 25 Apr 2022 17:29:23 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
205 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0d19e7d56aa281565beef26a0f1c99a292b9246f806ce2e6f76dca3e3f35ec1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray
7018ccf2deb57142-YUL
date
Mon, 25 Apr 2022 17:29:23 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 25 Apr 2022 16:16:17 GMT
server
cloudflare
age
676
etag
W/"14618d39e6934dc198c6b3ee9e94722e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FkfiXLOlQ36%2FLG2JrqNuQPT9AFSth5uPHjSNTScyPC4MzbbmzmysTbOdtetGcI0xlkWFJPwrAQTfg8AhKth8HPCiyU7OrhCd9HPVay8Y9tNEwCJBrRE1ws9VKUOqev2MhByQ52v5vZFtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br

Redirect headers

date
Mon, 25 Apr 2022 17:29:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oFAIrud7FOG%2Fs3lUdEZ12OVVi3NEzCSI4MJBp3%2F1Xo38sJACF8GxgMj6Vwz%2B3KEpLkkNU4ueBLhTnTGEcM8gwnsp8VhyiXnfSMuOjN0ii%2Bly60f0Pj4r5n5%2FlzWSD%2B5XHZDhbUIUO5XSRE7w7JV0RFChLlzrzipk1IGMw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
7018ccf0e849ecea-YUL
expires
Mon, 25 Apr 2022 18:29:23 GMT
ats.js
ats.rlcdn.com/ 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-10.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 04:52:41 GMT
content-encoding
br
age
45403
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
vary
Accept-Encoding
x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
via
1.1 a5bdbdd1958d4d023b03427095a0a97a.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
EWR53-C2
content-type
application/x-javascript
x-amz-cf-id
Qfmg2mYXN4F7GxfuuQRwLgocFOOn_wi0mq34Fbr8XwHcctUGKFZfuw==
184310-82987131453484.js
js-sec.indexww.com/ht/p/ 		0
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184310-82987131453484.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Apr 2022 16:35:21 GMT
Server
Apache
ETag
"9025ea-0-5dd7d29899ac2"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=632
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
20
Expires
Mon, 25 Apr 2022 17:39:55 GMT
prebid-analytics-5.20.4.1.js
a.pub.network/core/ 		501 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aef37c7abe75530fac92a34f337cd7f558956e9800f5b0e05094fb83e963be6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-goog-hash
crc32c=nVgvkg==, md5=5nTDrv99g3t6RfM7pUYl1g==
date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1221
x-guploader-uploadid
ADPycdvJuT2nLBH3UKEUwjbcdKn3w2FhzBYTtFu73FVa3OsI06rhTHGQAXKrNRhYIMl5Ok_8eYSlmZ31kpiemQOwIWbwtBcSlW_b
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-type
text/html
last-modified
Thu, 07 Apr 2022 15:31:56 GMT
server
cloudflare
etag
W/"e674c3aeff7d837b7a45f33ba54625d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APvyyF3%2Biv11J9iVB0XpP7TT65vNaiyOlyOB%2FcWXb6BWTlnvkYtnktSSS7dXOqaRJUZ25w00GIzISMJqwjMxrxkGynwPgvZcMx8w0V3dqHDxExVTEXun8fhSK%2FUtGplKpi06aqi1qHY9N3I%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1649345516571407
access-control-expose-headers
*
cache-control
private, max-age=86400
x-goog-stored-content-length
512965
cf-ray
7018ccf0c9d5ca53-YUL
expires
Tue, 25 Apr 2023 17:09:02 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1650907763324&ns_c=UTF-8&cv=3.5&c8=Amazon%20Web%20Services%20fixes%20container%20escape%20in%20Log4Shell%20hotfix&c7=https%3A%2F%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1650907763324&ns_c=UTF-8&cv=3.5&c8=Amazon%20Web%20Services%20fixes%20container%20escape%20in%20Log4Shell%20hotfix&c7=https%3A%2F...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1650907763324&ns_c=UTF-8&cv=3.5&c8=Amazon%20Web%20Services%20fixes%20container%20escape%20in%20Log4Shell%20hotfix&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&c9=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
52.85.61.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-100.ewr53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
via
1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
oeJUrrJTeMp1svHPmfXUK_VifdMRhPMTKCMs1obeDii4MycV9GEvUQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1650907763324&ns_c=UTF-8&cv=3.5&c8=Amazon%20Web%20Services%20fixes%20container%20escape%20in%20Log4Shell%20hotfix&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&c9=
date
Mon, 25 Apr 2022 17:29:23 GMT
via
1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
content-length
0
x-amz-cf-id
U04RJ94YbhED-SzE30pZlbu71jRjCX5NgLVIFP1SY69uORauV-jB2A==
x-cache
Miss from cloudfront
story
capi.connatix.com/core/ Frame 2AFD 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
709532cb1ade3ef49dd15c524486af68d1eec94746048e93bdd96f2b94dc7c35

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3996
rum_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/rum_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e026ec057f2e046c1379531120241ca1a9d65330247416e40b352cc813430ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53609
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22368
x-xss-protection
0
server
cafe
etag
9895551757536594049
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 02:35:54 GMT
cookie.js
partner.googleadservices.com/gampad/ 		224 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bleepingcomputer.com&callback=_gfp_s_&client=ca-pub-0920899300397823
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
cafe /
Resource Hash
5f3516cece6b9d560c6ae8743de31eee8365a976e864d22cb6016e88669fb613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AB1F 		114 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc45cf63819ce01f17a53e7c070e874b3f288bcad2405da097de2c24c236927d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
27834
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:23 GMT
expires
Mon, 25 Apr 2022 17:29:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2010554407&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&ul=en-us&de=UTF-8&dt=Amazon%20Web%20Services%20fixes%20container%20escape%20in%20Log4Shell%20hotfix&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1232773025&gjid=1386764769&cid=3926409.1650907763&tid=UA-91740-1&_gid=2067551352.1650907763&_r=1&gtm=2ou4k0&z=71202295
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4950 		159 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1650444326&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907763003&bpp=1&bdt=428&idt=414&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=7213177364871&rume=1&frm=20&pv=1&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=432
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e95a438c1e3b5a3308484a56d2cfc9886ee990d37767296e7b6c1c236eb3437b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
44559
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:23 GMT
expires
Mon, 25 Apr 2022 17:29:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
id
googleads.g.doubleclick.net/pagead/ Frame A1A1
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jK9a7IoMu5I
Protocol
H3
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2417421beb6c3ccfcd47d04e2d96429eeb99b12c729989d7cf05c27baeea3b69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 25 Apr 2022 17:29:23 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame A1A1 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:17:05 GMT
x-content-type-options
nosniff
age
738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Apr 2022 17:32:05 GMT
insights.bin
ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/18416afc-1e3e-408d-8bcc-23693bad5213/ Frame 2AFD 		216 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/18416afc-1e3e-408d-8bcc-23693bad5213/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b0e4eb471137744496db869c870e0bcbf1a363a403494e7bc8c02cea951d253

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
last-modified
Mon, 25 Apr 2022 14:59:15 GMT
age
8920
etag
"ffb83deeb69556f4480c0c78d67600a8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
153
insights.bin
ins.connatix.com/b743a7c827ab143bf5e6934b49e237fe/ Frame 2AFD 		792 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/b743a7c827ab143bf5e6934b49e237fe/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58dc1988dc8c797f981d80cf596d4082b07f66de99a051f4d70975143c3ad66f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 15:14:52 GMT
age
328659
etag
"7c7a7698631055b866b8e7ac398a6b67"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
453
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 25 Apr 2022 17:29:23 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A1A1 		45 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
10fe74aba1e8e28a02e2237adb9fa2dd2fe26d969284d269de0c79a49bc4c5c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
22203
x-xss-protection
0
remote.js
www.youtube.com/s/player/534c466c/player_ias.vflset/en_US/ Frame A1A1 		118 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/534c466c/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0642f2d3480718da1bd887fc38069674f03434e804f2d0a5e58f9470c3a3c8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/jK9a7IoMu5I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:48:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
355261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37515
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 00:15:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Apr 2023 14:48:22 GMT
ZDKn9Ao6LrwgLr6Bhp-GsoMP53s4KpZzcjXXH8E2ORI.js
www.google.com/js/th/ Frame A1A1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/ZDKn9Ao6LrwgLr6Bhp-GsoMP53s4KpZzcjXXH8E2ORI.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6432a7f40a3a2ebc202ebe81869f86b2830fe77b382a96737235d71fc1363912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 00:25:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
147830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13756
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Apr 2023 00:25:33 GMT
embed.js
www.youtube.com/s/player/534c466c/player_ias.vflset/en_US/ Frame A1A1 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/534c466c/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c69cc363e146d13633145ec5961b8a93cdac15e0389cf2cf23e3205a25aefedf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/jK9a7IoMu5I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
355259
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8101
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 00:15:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Apr 2023 14:48:24 GMT
truncated
/ Frame A1A1 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/png
goZ4Vv-jNTjnAXn-ai8pxuEp7tkQfecj5KEkI4CEuy1SzpA_-TQfWokQYdEYhyKamBybYHIfCpQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A1A1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/goZ4Vv-jNTjnAXn-ai8pxuEp7tkQfecj5KEkI4CEuy1SzpA_-TQfWokQYdEYhyKamBybYHIfCpQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jK9a7IoMu5I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
22470cc61ec7eaa9220f1aee09c0dc08d1864fba232e996f8e573460835c2e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:49:58 GMT
x-content-type-options
nosniff
age
2365
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2946
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 16 Apr 2022 07:52:36 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/jK9a7IoMu5I/ Frame A1A1 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/jK9a7IoMu5I/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jK9a7IoMu5I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2016 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3126e2043f141e9eec91532cc1738eefedb560ef1ec5af233492979a4f74356d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:09 GMT
x-content-type-options
nosniff
age
14
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67770
x-xss-protection
0
server
sffe
etag
"1649086306"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 25 Apr 2022 19:29:09 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 25 Apr 2022 17:29:23 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77651
pubads_impl_2022042101.js
securepubads.g.doubleclick.net/gpt/ 		362 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
baa7346a51ac22b01b0f63ef8be8a7b0946a67fbe68ccf2c8a783a769bad8870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4700
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126124
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 08:41:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Apr 2023 16:11:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		194 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bleepingcomputer.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
4d312294a06982e0377c120ec4264047c63fcb56b327468835938bcc8f144ece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118
x-xss-protection
0
expires
Mon, 25 Apr 2022 17:29:23 GMT
/
geo.privacymanager.io/ 		30 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.64.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-64-68.ewr53.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:33:20 GMT
via
1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront), 1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
age
42962
x-amzn-requestid
2718fc55-1c63-4fa2-82cd-476fccaffc3d
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-626632a0-36b6f24536526bae34069905;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
IAD89-C1, EWR53-C1
x-amz-apigw-id
RHzZLF9rjoEF2qA=
content-length
30
x-amz-cf-id
obtkJcNf8pJK8Ucl8wkWQNAJybyP8GOKv4ay5TXH4GfHRqsWoxcs9w==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame 2AFD 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
9c0adf732a1f4ed03a2c996bc775b6fafe3335cdc264d12b48a6704dd5e03ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28539
x-xss-protection
0
server
sffe
etag
"1196 / 921 of 1000 / last-modified: 1650903517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 25 Apr 2022 17:29:23 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2AFD 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9be0e66a8aad7fc8e5583a98a3823b31a5b7ffa0b3109d551bb95cb8ffb9ec99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128369
x-xss-protection
0
expires
Mon, 25 Apr 2022 17:29:23 GMT
18416afc-1e3e-408d-8bcc-23693bad5213.bin
vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ Frame 2AFD 		2 KB
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/18416afc-1e3e-408d-8bcc-23693bad5213.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e4547e63b34e6b2abe4d8f884907f436be6d8b404c6e5e49418d7893da623c88

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
last-modified
Mon, 25 Apr 2022 14:57:49 GMT
age
8990
etag
"cb02384ec2ed2bb929bdff52146a3a89"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
854
1.png
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/067e5169-ece3-4ce8-87ad-c7961b8bb396/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/067e5169-ece3-4ce8-87ad-c7961b8bb396/1.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
956035a88a8424f2d36b292231cd4cd7ed705d412b47a7aa929f7b537196c1cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
br
age
2442120
etag
"o7hSHwAUmCBIixIgiGzuW02nJNU8oGEvPnjWp++AQj4"
access-control-max-age
86400
fastly-io-info
ifsz=11996 idim=794x206 ifmt=png ofsz=9784 odim=794x206 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
9610
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d17%26ev%3dee458dd6e82741618dfe564baf3b9b43%26pname%3dIndex%26api-tier%3d1%26uid%3d
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3Dee458dd6e82741618dfe564baf3b9b43%26pname%3DIndex%26api-tier%3D1%26uid%3D&s=190549&C=1
  • https://cks.connatix.com/cks?pid=17&ev=ee458dd6e82741618dfe564baf3b9b43&pname=Index&api-tier=1&uid=YmbacxfUheiJLy59JDCIJwAA%26153
138 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=17&ev=ee458dd6e82741618dfe564baf3b9b43&pname=Index&api-tier=1&uid=YmbacxfUheiJLy59JDCIJwAA%26153
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d596fe893e8f28aef689b557a4c420792f126e10f6bf9175f90e5c241f65dc59

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
138
retry-after
0

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cks.connatix.com/cks?pid=17&ev=ee458dd6e82741618dfe564baf3b9b43&pname=Index&api-tier=1&uid=YmbacxfUheiJLy59JDCIJwAA%26153
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
329
Expires
Mon, 25 Apr 2022 17:29:23 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d15%26ev%3dee458dd6e82741618dfe564baf3b9b43%26pname%3dBeeswax%26api-tier%3d1%26uid%3d{userid}
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3Dee458dd6e82741618dfe564baf3b9b43%26pname%3DBeeswax%26api-tier%3D1%26uid%3D%7Buserid%7D&_...
  • https://cks.connatix.com/cks?pid=15&ev=ee458dd6e82741618dfe564baf3b9b43&pname=Beeswax&api-tier=1&uid=AADyjE7EzbUAADr2VhfLPg
132 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=ee458dd6e82741618dfe564baf3b9b43&pname=Beeswax&api-tier=1&uid=AADyjE7EzbUAADr2VhfLPg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e9c50e789e5f710a23b459e30376d94aed570c731ac03635a6ab46e987cd99c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
132
retry-after
0

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=ee458dd6e82741618dfe564baf3b9b43&pname=Beeswax&api-tier=1&uid=AADyjE7EzbUAADr2VhfLPg
Date
Mon, 25 Apr 2022 17:29:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1
  • https://cks.connatix.com/cks?pid=19&uid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&ttl=1653499764
146 B
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&ttl=1653499764
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95b91f9d7966da014f691b2461df67d9ca4a134c665661b57c9bdecc52ed7e08

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
146
retry-after
0

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cks.connatix.com/cks?pid=19&uid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&ttl=1653499764
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3dee458dd6e82741618dfe564baf3b9b43%26pname%3dAppNexus%26api-tier%3d1%26uid%3d%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcks.connatix.com%252fcks%253fpid%253d6%2526ev%253dee458dd6e82741618dfe564baf3b9b43%2526pname%253dAppNexus%2526api-tier%253d1%2526uid%...
  • https://cks.connatix.com/cks?pid=6&ev=ee458dd6e82741618dfe564baf3b9b43&pname=AppNexus&api-tier=1&uid=6802119093282668307
128 B
162 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=ee458dd6e82741618dfe564baf3b9b43&pname=AppNexus&api-tier=1&uid=6802119093282668307
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f93b9a90fe00d1b8b03712468e90bb19b51dda5e80deb21454813295905ea1fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
128
retry-after
0

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:23 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e1c3333e-fdc9-4d2e-867c-9dd52b39b19c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cks.connatix.com/cks?pid=6&ev=ee458dd6e82741618dfe564baf3b9b43&pname=AppNexus&api-tier=1&uid=6802119093282668307
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame E6B0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:23 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 25 Apr 2022 17:29:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
server
AkamaiGHost
m-9a9d1fb158.js
tag.escalated.io/ 		113 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/m-9a9d1fb158.js
Requested by
Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.bleepingcomputer.com&type=display&cust=5971&sid=direct&c=&cust2=direct
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.143.18 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-143-18.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e0e83202a9ee204ef43f827c6577a14f183f0fb12e3b96ca6edb852d5c6d9a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Apr 2022 17:15:57 GMT
Server
Apache
ETag
"1c281-5dd4161348d40"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=600
Connection
close
Accept-Ranges
bytes
Content-Length
44052
X-XSS-Protection
1; mode=block
px.gif
ad-delivery.net/ 		43 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Mon, 25 Apr 2022 17:29:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1276613
x-guploader-uploadid
ADPycdupfa7KCtOe0TVtQ1XEXjEqBcYS55h5xltmciWkwyT05QVbX3hl2G6BY1wwXXVxP-9l4WeFTPgHVnUrgCoq0nDtipi3Jg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PV9BxhrNG2ev1ivczUn9mPTy8xibxezR2r%2FyEx2zepEqe6e36FZf2f0CoBkerEtWIhe7r17vbQ5NcgMgkRgjgoF%2BggoZPJK%2FRWJNmu4l2fRaeLIaghliGm%2FNjPDrj1KF1Pe8MpiHAzzlXayw%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7018ccf47b50713f-YUL
expires
Sun, 10 Apr 2022 22:56:41 GMT
px.gif
ad-delivery.net/ 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6960800124761277
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Mon, 25 Apr 2022 17:29:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1276613
x-guploader-uploadid
ADPycdupfa7KCtOe0TVtQ1XEXjEqBcYS55h5xltmciWkwyT05QVbX3hl2G6BY1wwXXVxP-9l4WeFTPgHVnUrgCoq0nDtipi3Jg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRG7kWksiDVOeGhGIRwtjxh2BFacN1qJxxiaK3k10um%2FOvBDvC1nSS9Dpq6vEr6o2V5UWkDkvAOeXnRX%2BBlXKK1U4Ek0B%2FKYU%2FI%2FsnCCM5NTSoxFRFZjuCjI9uBtbXkvUTxffe4fgJrCtynLrg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7018ccf47b52713f-YUL
expires
Sun, 10 Apr 2022 22:56:41 GMT
ao
capi-tier-1-us-east-2.connatix.com/tr/ Frame 2AFD 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ao?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 2AFD 		573 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
637844c5e197cb22325c055bc6dccbf08706c6e51519fa744fe5f5912c00dceb

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
445
514171
vid.springserve.com/vast/ Frame 2AFD 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.250.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-250-134.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
40fd0d3eb16813d64ca762e80d746f887f3d923248e1d8f53dc2c0d1b0cb7a70

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Mon, 25 Apr 2022 17:29:24 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml;charset=UTF-8
ps
capi-tier-1-us-east-2.connatix.com/tr/ Frame 2AFD 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ps?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
3d3f914e-15b2-4c7f-854a-b330b39a21f5.jpg
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/3d3f914e-15b2-4c7f-854a-b330b39a21f5.jpg?crop=834:541,smart&width=834&height=541&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1710d464b48f69445575b1673de0e936ea93501348df7ce54ebebfc7298b409b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
br
age
9028
etag
"N0puh3e5dyU/VZ/BMwrv0ZOz5VlkDPYIl6yymcyrZZQ"
access-control-max-age
86400
fastly-io-info
ifsz=189799 idim=1600x800 ifmt=jpeg ofsz=42076 odim=834x541 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
41636
3d3f914e-15b2-4c7f-854a-b330b39a21f5.jpg
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ 		38 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/3d3f914e-15b2-4c7f-854a-b330b39a21f5.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76cb1e71e0c10f007a1c5746441477c4f25371db40e01628b59f746698d38618

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
br
age
9028
etag
"laPg1Y7y4s3WDjzGzODQ0lfiGiEWY9gYO/TInaLX/+E"
access-control-max-age
86400
fastly-io-info
ifsz=189799 idim=1600x800 ifmt=jpeg ofsz=38441 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
38013
ff1ef547-3bb3-48a9-843c-0f960168cc07.jpg
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ 		14 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ff1ef547-3bb3-48a9-843c-0f960168cc07.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
642d23e21b0ad266ebcd9a4b593bb0b182b4485d1c0dcfd32a7bc3165e75c694

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
br
age
9028
etag
"6Z4D77OeHHccsJhZrpx0iBRt8bDh3/+Xq1aoU/sbqyo"
access-control-max-age
86400
fastly-io-info
ifsz=53046 idim=1600x900 ifmt=jpeg ofsz=14230 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
12564
32011ab0-ef6c-43eb-937e-8c4cb3b089d3.jpg
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/32011ab0-ef6c-43eb-937e-8c4cb3b089d3.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
46276a23d2b32f72628baac7a401b919f0896237a699e4176cdc02a8af4bbd09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
br
age
9028
etag
"eR+ipHKI8Bt2LHSZJp6hrGVpHmnENGHd85+Kyl5k9WY"
access-control-max-age
86400
fastly-io-info
ifsz=170571 idim=1600x950 ifmt=jpeg ofsz=35175 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
34807
05e048d3-0f16-4baf-aab2-4b5e0cf21983.jpg
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/05e048d3-0f16-4baf-aab2-4b5e0cf21983.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0db94e2ca1a13b6c69d8b540d0729dd83e3247dba1f9413c3f761ba0258ed96c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
br
age
9027
etag
"h7B9oNq4cDGBk54bB3a9txzey6EOUNKveSXePwx0u/Y"
access-control-max-age
86400
fastly-io-info
ifsz=1285779 idim=1592x1058 ifmt=png ofsz=119019 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
119024
50beb3b5-16e4-4dac-8847-83fa8527ab70.jpg
img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/50beb3b5-16e4-4dac-8847-83fa8527ab70.jpg?crop=834:469,smart&width=834&height=469&format=jpeg&quality=60&fit=crop
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e4a783177bbd97d5981bdc4b33b9bf4692fb715864e15dd9a693f339e7d01867

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
br
age
9027
etag
"3KLLCg4nyGx1kwPDasjRJo6R6JalLWdR34sk2oJAI/I"
access-control-max-age
86400
fastly-io-info
ifsz=267428 idim=1600x800 ifmt=jpeg ofsz=75995 odim=834x469 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
76003
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Mon, 25 Apr 2022 17:29:24 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
floors
api.floors.dev/sgw/v1/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
56c9e3755e85285bc0d81df0c04bdd0d83cd39419d8d496dc9454722b7f70894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:24 GMT
via
1.1 google
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=31536000;includeSubDomains;preload;
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rum.js
securepubads.g.doubleclick.net/pagead/js/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
b27b072e7a371ef30b64b6085ed49735791e659f9cbec672552b3eaef76e0daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
854
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24022
x-xss-protection
0
server
cafe
etag
7279347391308095826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 18:15:10 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A1A1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:29:24 GMT
generate_204
www.youtube.com/ Frame A1A1 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?AEeNZA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/embed/jK9a7IoMu5I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
usync.js
eus.rubiconproject.com/ Frame E6B0 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
18f25152e6157a80c22560120612d9f9c18790e176d7165194cf5ee62a7773d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=23369
content-type
text/html; charset=UTF-8
content-length
9542
expires
Mon, 25 Apr 2022 23:58:53 GMT
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=HJevT9nEBD&w=5733492711227392&o=5714937848528896&cv=2.0.6-2-g96db28a&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:24 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
583c04eba622323b1bc7d6fda2f57e1e.js
www.gstatic.com/mysidia/ Frame AB1F 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 00:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3720
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 05:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 21 Jul 2022 00:58:27 GMT
css
fonts.googleapis.com/ Frame AB1F 		8 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 16:01:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Apr 2022 17:29:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Apr 2022 17:29:24 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame AB1F 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:14:52 GMT
8379bd799781452a89c3d81734c358e1.js
www.gstatic.com/mysidia/ Frame AB1F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8379bd799781452a89c3d81734c358e1.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68903a24bc807c4491573b87d97cfb3caf2565ab3fc00230764056dd33d1acb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:43:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8337
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 05:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 13:43:42 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame AB1F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1049
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:11:55 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame AB1F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:27:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:27:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB1F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:29:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame AB1F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:22:55 GMT
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame DB08 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
147918
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Apr 2022 00:24:06 GMT
expires
Mon, 24 Apr 2023 00:24:06 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 2AFD 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Apr 2022 17:29:24 GMT
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame 6813 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
147918
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Apr 2022 00:24:06 GMT
expires
Mon, 24 Apr 2023 00:24:06 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame EC20 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
147918
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Apr 2022 00:24:06 GMT
expires
Mon, 24 Apr 2023 00:24:06 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
48.008759e9efe1c1b693dd.js
s7.addthis.com/static/ 		281 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/48.008759e9efe1c1b693dd.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-119"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 25 Apr 2022 17:29:24 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
246
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.216.126 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-216-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
last-modified
Mon, 25 Apr 2022 17:00:00 GMT
server
nginx/1.15.8
date
Mon, 25 Apr 2022 17:29:24 GMT
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
info.json
www.reddit.com/api/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&jsonp=_ate.cbs.rcb_2fv90
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e53d6119a4bd801c50d6e4a9847b051ebac8d49c77e9806efc252934d1d19cd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ratelimit-used
2
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubdomains
vary
accept-encoding
content-length
1774
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
server
snooserv
x-frame-options
SAMEORIGIN
date
Mon, 25 Apr 2022 17:29:24 GMT
x-ratelimit-remaining
298
x-reddit-backend
29D23357A3A84814757D4F8DBA593F2626A933BD026BA2E380C2C4C583AA0E90
content-type
application/javascript; charset=UTF-8
via
1.1 varnish
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-reset
36
accept-ranges
bytes
expires
-1
info.json
www.reddit.com/api/ 		143 B
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&jsonp=_ate.cbs.rcb_7rx0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
c7fdafd753353d1bdab95edb3f3c94a6d3eb77154b7fe3dfdfd8d45118025460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ratelimit-used
1
via
1.1 varnish
x-content-type-options
nosniff
x-ratelimit-remaining
299
content-length
143
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
server
snooserv
x-frame-options
SAMEORIGIN
date
Mon, 25 Apr 2022 17:29:24 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-reddit-backend
29D23357A3A84814757D4F8DBA593F2626A933BD026BA2E380C2C4C583AA0E90
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-reset
36
accept-ranges
bytes
expires
-1
vpaid_4dcb004e.js
vpaid.springserve.com/production/ Frame 3010 		501 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:e400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab3a2d19cd2bb396e69bd66e061bda8cf1c32b50e9239d58d49b7e3c4011c6d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 17:39:36 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 17:22:39 GMT
server
AmazonS3
age
517789
etag
W/"50ceacea1f5e38f258d19f3ef6e5b5e3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ec9b50c7bee8c251b0724c3c8490c1e4.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
IAD79-C1
x-amz-cf-id
M4AXRfWUCoyRJfwScyXIQQJZkkBhVZxZWREyhVWrRVI24SaaIqxMmg==
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06d26806f601d17472ce3fdc3db3dd3f0cd0fb946f0ced4507b1bbaed5b2d2c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52665
x-xss-protection
0
server
cafe
etag
13774583545168293602
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 17:29:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7E27 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:30:08 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6C54 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:30:08 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5B36 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:30:08 GMT
pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
a.pub.network/core/pubfig/ 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daffdd6f62e491d3b2ab8012fb6c886e904863487f503e76a4fc6281594d533b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-goog-hash
crc32c=g723/Q==, md5=cMEEZ9k/uijR78lkvnZ7nw==
date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1227
x-guploader-uploadid
ADPycdspvu-RwI0csQu7IYA-LanyH-QI9i2s52byyJVxZQspHprzHEGmnuJaHF835mTMLULLu4G7j_fOqJ4EpTzB72Yt-ktlA-Gf
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Thu, 14 Apr 2022 20:41:58 GMT
server
cloudflare
etag
W/"70c10467d93fba28d1efc964be767b9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9ya9Agn%2BH5yQv4Txk2bE1GCaRvFRayHT2pgyVilQAU9bRIgsXp3YEoGzUaBxC%2BI2gfQlpT%2FZzSTveljzX3sQvwsenNc48HYp3W9%2Bt3xVGYle0UQ%2FL83wko5tCs9qFcFDGzQ5%2Bu9CPW5pUY%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1649968918804884
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
186084
cf-ray
7018ccf7b92aca53-YUL
expires
Mon, 25 Apr 2022 18:08:57 GMT
khaos.jpg
token.rubiconproject.com/ Frame E6B0 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Content-Type
image/jpg
cast_sender.js
www.gstatic.com/eureka/clank/100/ Frame A1A1 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/100/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 02:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15463
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 16:04:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 26 Apr 2022 02:02:43 GMT
us
capi-tier-1-us-east-2.connatix.com/core/ Frame 2AFD 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/core/us?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi-tier-1-us-east-2.connatix.com/core/ Frame 2AFD 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/core/us?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi-tier-1-us-east-2.connatix.com/core/ Frame 2AFD 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/core/us?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:23 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
us
capi-tier-1-us-east-2.connatix.com/core/ Frame 2AFD 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/core/us?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id
7yz_RBbUaUL.c9AHi_yCDNj.QPtoJsmz
content-encoding
gzip
etag
ae8d955adf98458335c127f4461070c2
age
73357
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1RHQW6CN6R2ZKQGKEE7T
date
Sun, 24 Apr 2022 21:06:47 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
sDBsvAiKU7zN3xHmUAOrI_Y4U64IS8pnp9GOso3eUmMPh7BzKoE6nw==
op.js
tagan.adlightning.com/freestar/ 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/op.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b6b3612f6ea743469b6432f038309068cea9b3a6dd45c922fa2c357e07b31a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:32:51 GMT
content-encoding
gzip
age
3394
x-cache
Hit from cloudfront
content-length
24084
x-amz-meta-git_commit
5a99e50
last-modified
Mon, 25 Apr 2022 05:15:55 GMT
server
AmazonS3
etag
"8da269bcabc3bd8a97321bec4d6ff9b0"
x-amz-version-id
Ilta9e6lAI5DIEY3lbvZrzSBDw7eBNNB
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
lEL95VoOur97Ysml68dGZOyOEpvXN00-EeS48NNxqCWA7wHXhII5QQ==
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A1A1 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
704ab6b2b015b3d75b71f41b9ae452a2d102c5733ae68e629b1ae21e30778adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 25 Apr 2022 17:29:24 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
11837012157140954480
tpc.googlesyndication.com/daca_images/simgad/ Frame AB1F 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11837012157140954480
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61ca2b0bd76424a3689e4ce2339fef8d23ea6cb40d89c2ec8f9f64f3e00d70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 00:35:43 GMT
x-content-type-options
nosniff
age
492821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41750
x-xss-protection
0
last-modified
Sun, 18 Sep 2016 02:57:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Apr 2023 00:35:43 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/12178660057211907024/ Frame AB1F 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12178660057211907024/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
047a097643ca9c369d217ef0d73fc841ba403173f3bb6ce91b40dcb78a5f480c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 13:48:41 GMT
x-content-type-options
nosniff
age
13243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52210
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 22:58:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 25 Apr 2023 13:48:41 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/15419001250272682346/ Frame AB1F 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15419001250272682346/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48e95820e6f2d2f595ada168f6bbdfd50bc78c1f10ab46d8a6eb723ed608502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 17:08:59 GMT
x-content-type-options
nosniff
age
519625
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23627
x-xss-protection
0
last-modified
Tue, 28 Dec 2021 16:44:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Apr 2023 17:08:59 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7603631181995269272/ Frame AB1F 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7603631181995269272/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4eda19b2b9b196cf08423854eb70ab85d2c098b4af80cf8e2c4287c505f91b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 04:44:53 GMT
x-content-type-options
nosniff
age
218671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63788
x-xss-protection
0
last-modified
Tue, 10 Mar 2020 00:39:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Apr 2023 04:44:53 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4924058283768259985/ Frame AB1F 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4924058283768259985/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93ecda2ea4335893d4fb3b45ca01ba75b4e7e239efdf145afab6114155a36cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 16:20:39 GMT
x-content-type-options
nosniff
age
349725
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109383
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 21:24:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Apr 2023 16:20:39 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/679763090167784177/ Frame AB1F 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/679763090167784177/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66d7a3391b2504c065d23ec68e92633b37d399423b183ea9d7e68a40b4d39f5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 15:51:07 GMT
x-content-type-options
nosniff
age
351497
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76287
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 20:29:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Apr 2023 15:51:07 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/13082891081201222343/ Frame AB1F 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13082891081201222343/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43ff03ab80f81f266774cedd1c8e839aa6fe9340e66b43e7a02510726cf3a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 15:39:45 GMT
x-content-type-options
nosniff
age
352179
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53729
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 07:10:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Apr 2023 15:39:45 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9789125833022609181/ Frame AB1F 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9789125833022609181/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0a332f58203b516c798bfc9171ee225b682827658266c785edf763ddd923a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 06:26:09 GMT
x-content-type-options
nosniff
age
212595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98883
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 19:41:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Apr 2023 06:26:09 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AB1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIMA1c9pmYqTDG6KVoPMP8M6JuA3MmZHmaZWqyazADsbbusWiGBABIMeD_AEoCGD96KKB8AOgAdfE6-IDyAEBqAMByAMCqgSkAk_Qk8iekgO5bY17brWdO3gJ9hZiOe6EcYrjuEupgT3u7bN8c18owlMGfwCq9MQHx-g_Jtqw8wTUeeQLhF6ZtcHiGWXxC-DTOcTC9QzL5I_l9i_SZmdDrmeuRtz80DuRAlRqjcQrKeRxlJLmbGALD85WbiBxR0aUh_KKd9UA5XKROBo7V3CN3fqUDrbBaQmsNyU0rXjEBVYWTvBNBzmSXXawjK_ff2EnpROrtnOc7Bbj5WeYBUUeGVq7QPjGuknw6wrpU6oTsbrO8oIN71IQXfNj_I7PMql0WX2Q3NUjGOGfhMWxhpkdbJ6oUyvSGr0aUXWlD0DJ4ucWTkkVRWeHUT9HIl1M9D8sYM-ourIxzRMp--ykLkV9h3_likc35tAG8dJJMLzABIj5gozeA5IFBAgEGAGSBQQIBRgEoAZmgAeRu5QdqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQv6080ggHCIBhEAEYH4AKAcgLAcITBhjXxOviA9gTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGAA&sigh=lCUR4RtDsHA&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 25 Apr 2022 17:29:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 25 Apr 2022 17:29:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AB1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8_8Mc9pmYqTDG6KVoPMP8M6JuA3AqeDJW4Sdq7eREMC06tuPDhACIMeD_AEoCGD96KKB8AOgAZTz-tQCyAEGqQKbToVMxU2qPqgDAcgDAqoEuQJP0IX9tZIAuW2Ne261nTt4CfYWYjnuhHGK47hLqYE97u2zfHNfKMJTBn8AqvTEB8foPybasPME1HnkC4RembXB4hll8Qvg0znEwvUMy-SP5fYv0mZnQ65nrkbc_NA7kQJUao3EKynkcZSS5mxgCw_OVm4gcUdGlIfyinfVAOVykTgaO1dwjd36lA62wWkJrDclNK14xAVWFk7wTQc5kl0Os4zn3_9Nji1SKI11nOxd5eVn9gJFHn5Wu0C4yadJY-3_rqSpk_VPzYeBDS-nE6gwY_x5zMeqdlmIkynWIxgUnHHGsYZsHJmdqFHe0e--G1GApu5GCDzwC1q7tu5mCsM4fNfDcEybN-m1v_F-JwNVzSrxpLaVa5DEHDlsFebeF0DoOxICWWNklpGCGYpk4hq0c9XJSVOc524SwAS4iqX47QKSBQQIBBgBkgUECAUYBKAGN4AH1IyFqwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC_rTzSCAcIgGEQARgfgAoByAsBwhMGGJTz-tQC2BMK0BUBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=DZrBGRP4jak&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 25 Apr 2022 17:29:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 25 Apr 2022 17:29:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AB1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CnriWc9pmYqTDG6KVoPMP8M6JuA2N7-vMaZ2jr5zVD8aRkKeXDhADIMeD_AEoCGD96KKB8AOgAbSHl9wByAEGqAMByAMCqgSpAk_QsM-EkgG5bY17brWdO3gJ9hZiOe6EcYrjuEupgT3u7bN8c18owlMGfwCq9MQHx-g_Jtqw8wTUeeQLhF6ZtcHiGWXxC-DTOcTC9QzL5I_l9i_SZmdDrmeuRtz80DuRAlRqjcQrKeRxlJLmbGALD85WbiBxR0aUh_KKd9UA5XKROBo7V3CN3fqUDrbBaQmsNyU0rXjEBVYWTvBNBzmSXXawjKff7E2OIVBW1W-c7F3l5Wf2AkUefla7QLjJp0lj7f-upKmT9U_Nh4ENL6cTqDBj_HnMx6p2WYiTKdYjGBScccaxhmwcmZ2oUd7R774bUYCm7kYIPPALdvGb4WUKwzVkKrxwTIs3-c7yt3YncAegGPqMplT0NdI4hPCVZR8Ienzzob_W64w2iMAEju385e0DkgUECAQYAZIFBAgFGASgBjeAB7T46KMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQv6080ggHCIBhEAEYH4AKAcgLAcITBhi0h5fcAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGAA&sigh=ubIsx4fReiI&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 25 Apr 2022 17:29:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 25 Apr 2022 17:29:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AB1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cy3eZc9pmYqTDG6KVoPMP8M6JuA3YntPuZo_9t-e3C9vZHhAEIMeD_AEoCGD96KKB8AOgAf6x_5oDyAEGqQKbToVMxU2qPqgDAcgDAqoEqAJP0LnvwpIGuW2Ne261nTt4CfYWYjnuhHGK47hLqYE97u2zfHNfKMJTBn8AqvTEB8foPybasPME1HnkC4RembXB4hll8Qvg0znEwvUMy-SP5fYv0mZnQ65nrkbc_NA7kQJUao3EKynkcZSS5mxgCw_OVm4gcUdGlIfyinfVAOVykTgaO1dwjd36lA62wWkJrDclNK14xAVWFk7wTQc5kl12sIyn3_tNjlE7P5V2nOxd5eVn9gJFHn5Wu0C4yadJY-3_rqSpk_VPzYeBDS-nE6gwY_x5zMeqdlmIkynWIxgUnHHGsYZsHJmdqFHe0e--G1GApu5GCDzwC3yoiyCqz8BvFBVm4GWg0vmP0A1j0B0Bz83EASt_1jXeLGudkwrKPFh8_bdC1qqujMAE2OaD6qcBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB-rNgGWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC_rTzSCAcIgGEQARgfgAoByAsBwhMGGP6x_5oD2BMNiBQD0BUBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=T91lXCRG5Xo&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 25 Apr 2022 17:29:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 25 Apr 2022 17:29:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AB1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClEJdc9pmYqTDG6KVoPMP8M6JuA3BtqjgacXcveneD8LUkryKExAFIMeD_AEoCGD96KKB8AOgAfLiyIgDyAEGqAMByAMCqgSoAk_Q4pOokge5bY17brWdO3gJ9hZiOe6EcYrjuEupgT3u7bN8c18owlMGfwCq9MQHx-g_Jtqw8wTUeeQLhF6ZtcHiGWXxC-DTOcTC9QzL5I_l9i_SZmdDrmeuRtz80DuRAlRqjcQrKeRxlJLmbGALD85WbiBxR0aUh_KKd9UA5XKROBo7V3CN3fqUDrbBaQmsNyU0rXjEBVYWTvBNBzmSXXawjKff-02OcVkatG6c7F3l5Wf2AkUefla7QLjJp0lj7f-upKmT9U_Nh4ENL6cTqDBj_HnMx6p2WYiTKdYjGBScccaxhmwcmZ2oUd7R774bUYCm7kYIPPALUNjIRqrPyzVkambgZaC_hZPGAWOBOV7yz8QgK3_WNd4sFIDAOsg8WHz9twGTurWAwAT8msrS_AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHjbucAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL-tPNIIBwiAYRABGB-ACgHICwHCEwYY8uLIiAPYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMDkyMDg5OTMwMDM5NzgyMxgA&sigh=KOmfgo21dPI&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 25 Apr 2022 17:29:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 25 Apr 2022 17:29:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AB1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZCdGc9pmYqTDG6KVoPMP8M6JuA3F9ryLaZuht8uvDo6mn-eODhAGIMeD_AEoCGD96KKB8AOgAd29gMYCyAEGqAMByAMCqgSsAk_Qy62ekgS5bY17brWdO3gJ9hZiOe6EcYrjuEupgT3u7bN8c18owlMGfwCq9MQHx-g_Jtqw8wTUeeQLhF6ZtcHiGWXxC-DTOcTC9QzL5I_l9i_SZmdDrmeuRtz80DuRAlRqjcQrKeRxlJLmbGALD85WbiBxR0aUh_KKd9UA5XKROBo7V3CN3fqUDrbBaQmsNyU0rXjEBVYWTvBNBzmSXQ6zjOff_0WO9DOqp4yAatcJDvcq6K7FyrtQ9WwoTJv7Awk8oFyQs7rOQ3QOr1IQqAVg_EzPx193WX2SKSMgGOGfcTOyhpkfmWirUyvS7UsYUXWl77MLPRANg6ETnpNncTSpIld0H5elYk8anovKfLMjEkAbi0v-sdsWnGU7_hWy59XljadPT3wfdXdmbMAE55qiuOIDkgUECAQYAZIFBAgFGASgBjeAB4vC_7kBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQv6080ggHCIBhEAEYH4AKAcgLAcITBhjdvYDGAtgTDYgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0wOTIwODk5MzAwMzk3ODIzGAA&sigh=NZauivmcmng&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 25 Apr 2022 17:29:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 25 Apr 2022 17:29:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AB1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C2YJIc9pmYqTDG6KVoPMP8M6JuA3qzf6rZvSVm5KjD4r8_MrZDRAHIMeD_AEoCGD96KKB8AOgAYXO7cICyAEGqQK1snDvbQBMPqgDAcgDAqoEqgJP0M2OZAMDmWsHe8TD8jshHLQRayzimn-H67ZUsYUt6KaiPX2KRH9qMnNLq7zB7fZcVjzGtPROiGy8U4QHjPfG6wxp7wXt2zfb2vEcza-epPhv0Sx-VfZn5FbM7cw9gVlMKI3TJT2maNyHrn0oChzVQ2IwOVICiov5wmeXDf59jDcWJx9n09vohwrrzSpNrnUub7kk0gFfV0qyUQ4kjBuOnQ1l3D6HjS75ELGM1-0m4p5gxgN1HyBQ5UaBw55DGuibq1OqkbG6ivKCjS9SEF3zYzyMzzKpdFl_kNzVIxjhn4TFsYaZH2yeqFMr0Bq9G1F1pRpFCTwQDWNH5eDSesr4bCr86gYyNUpkj9eV9_ilj2JlETZ13xfSNJB9m11Xq0xe86-pV9SkYE2HwASXw9i2zwKSBQQIBBgBkgUECAUYBKAGN4AH47GSvQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC_rTzSCAcIgGEQARgfgAoByAsBwhMGGIXO7cIC2BMC0BUBgBcBshccChoIABIUcHViLTA5MjA4OTkzMDAzOTc4MjMYAA&sigh=hobqsa6mRY0&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 25 Apr 2022 17:29:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 25 Apr 2022 17:29:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AB1F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cc_d3c9pmYqTDG6KVoPMP8M6JuA2frJ_padv2k5OoD9vZHhAIIMeD_AEoCGD96KKB8AOgAb6k3oYDyAEGqAMByAMCqgSlAk_Qr8JZixqJVD7Id9qdOyFF-B9iLPeDeI7vulasgCz5sf5wcYiTxGwNeEzn8cTtHIc5Otq08E3BebwLhAfVu8jiDHz2AuTfO9nH9B3cuMLp9G2TbXVH8ju4QMr7yyacVBpmgd8-KKcrhpWpMnYcC9FcaDYvDEmFmuTUOdkB_2eZPxEsCDibzfiFG_6FbkrtNC1n6mPJDFZXC_dWFTaDCtkyj2YV_GVEbBqwzXTn6ybi1WbGAxsYIFCCSoHD3kwH6Aitpu1msjrOB4H4LFLQqPCW_4zPxaqBWn2QKdbWG-GfccZEhZkfmZ9dUCvS777uUnSl70boOrCbPTjYTWylAwv-IN7imha9lXcaptm-NrMLhM6kIlHOhGitT3MV5t4QQKhFJVJcwATx0NTK9gOSBQQIBBgBkgUECAUYBKAGN4AHqtuheagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL-tPNIIBwiAYRABGB-ACgHICwHCEwYYvqTehgPYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMDkyMDg5OTMwMDM5NzgyMxgA&sigh=SVtvCqF9w6w&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 25 Apr 2022 17:29:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 25 Apr 2022 17:29:24 GMT
truncated
/ Frame AB1F 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f629b8954c9eb4891e1269a2b6ad4e8d949abce37891832ff38812398c8d0542

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/png
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f716:921a:893c:c3d8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 02 May 2022 17:29:24 GMT
load.js
s.ntv.io/serve/ 		394 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.163 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a0b374cb5be30cf745d18c8403fcf6d68c68720a8b72f6205960a38231056bc3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:24 GMT
Content-Encoding
gzip
x-amz-request-id
PAQBPN3AJH773GGC
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
/lApjz4kaH8jGqSSaD6oLGRG9Yo1GVXzWMelX0Xog7d6sav1GdUjR78QDWbBnOBXpl8/p4F7hmM=
Last-Modified
Tue, 12 Apr 2022 15:30:17 GMT
Server
AmazonS3
ETag
"aa068ae425ad39385b7557af7408b5ba"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid
ib.adnxs.com/ut/v3/ 		138 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
dddc682f67ac8b7ae452e205772176b097944bc9fa3b5350fee2546c0c96767f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:24 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
201c9dd1-85e0-4cc7-97b2-c69f17f36b42
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Mon, 25 Apr 2022 17:29:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
dmx.districtm.io/b/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7018ccfa6de5f03d-EWR
access-control-allow-headers
origin, content-type
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8fb7d8fc4e811c815faec2d6b5a702de941118005a1b5adce657483021b31f64

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
d64e0788307cdaedb90579842aa62130a826ec92f2cc2e29ab163d2f094fe6c6

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		139 B
996 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
47f19bfbc085d181c1842e3186792f81749c95844b801143e9df84d00ee7f22c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:24 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f7b2a188-4979-4e23-819e-614a10221e44
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		118 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dPGcAuqZ0r6Ok4aKlId8sQ
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
41c3c82e012376bbc03f4fbb4e5236fc568c543c7133263fcabebf8da3a30efa

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
ads.yieldmo.com/exchange/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=5.20.4&p=%5B%7B%22placement_id%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22callback_id%22%3A%22160503ab142a52d%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%2C%22gpid%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&bust=1650907764823&pr=&scrd=1&dnt=false&description=Amazon%20Web%20Services%20(AWS)%20has%20fixed%20four%20security%20issues%20in%20its%20hot%20patch%20from%20December%20that%20addressed%20the%20critical%20Log4Shell%20vulnerability%20(CVE-2021-44228)%20affecting%20cloud%20or%20on-premise%20environments%20running%20Java%20applications%20with%20a%20vulnerable%20version%20of%20the%20Log4j%C2%A0logging%20library%C2%A0or%20containers.&title=Amazon%20Web%20Services%20fixes%20container%20escape%20in%20Log4Shell%20hotfix&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=2e74d6e9-1bdd-4b15-a29a-869482c39748&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.190.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-190-65.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
prebid.media.net/rtb/ 		25 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7709d607b439e5d7e4c97566c93da45eff008623faae6218a032e2ddc166263f

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
arj
freestar-d.openx.net/w/1.0/ 		174 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=65b2b3d9-81cf-4012-a5a4-8f6f4fd0c6b9&nocache=1650907764827&scsm=www.freestar.com%3A601&pubcid=2e74d6e9-1bdd-4b15-a29a-869482c39748&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&aus=728x90%2C970x90&divids=bleepingcomputer_970x90_728x90_320x50_sticky&aucs=%252F15184186%252C1006593%252Fbleepingcomputer_970x90_728x90_320x50_sticky%252Fbleepingcomputer_970x90_728x90_320x50_sticky&auid=540959250
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
284242a4f9b15f5fc932a6a3d09a3f262ad90323768848482ce44bfa9643f4fd

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:24 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		777 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&rp_schain=1.0,1!freestar.com,412,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-9%2CIAB19-10&tg_i.sectioncat=IAB19-9%2CIAB19-10&tg_i.pagecat=IAB19-9%2CIAB19-10&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&tg_i.fs_ad_product=stickyFooter&tg_i.dfp_ad_unit_code=15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky&tg_i.pbadslot=15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&tk_flint=pbjs_lite_v5.20.4&x_source.tid=65b2b3d9-81cf-4012-a5a4-8f6f4fd0c6b9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.994930692037316
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
36c9c569b00d6b113860d3c416fe5203ae70377dd9914ae31279fa1de08d16e5

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:25 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
777
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/ 		24 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3dd10b4462486d7da1b2f3f09c160071329c1f47b9d7fc22b749ba1f1a31d692

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 25 Apr 2022 17:29:25 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
cygnus
htlb.casalemedia.com/ 		37 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=393562&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2227eca39b46edc7e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F%22%2C%22name%22%3A%22bleepingcomputer-com%22%2C%22domain%22%3A%22bleepingcomputer.com%22%2C%22cat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22sectioncat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22pagecat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22601%22%7D%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.4%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2228818c8c7d48199%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.210.18 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-210-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ea04cb390bf3e0d9be17947dd8f2bdf25bb11fbc13d6a494c8e725e882674868

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.185], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Mon, 25 Apr 2022 17:29:25 GMT
auction
c.deployads.com/openrtb2/ 		506 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_5.20.4&host=www.bleepingcomputer.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
f721c02819837ba9316e1927e1b1395791e6804741584c5a2677484c997ec382

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
506
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
auction
tlx.3lift.com/header/ 		19 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.4&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.209.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-209-43.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:24 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/ Frame 2061 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
70253
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Apr 2022 21:58:31 GMT
etag
14837630671339829333
expires
Sun, 08 May 2022 21:58:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c
c.pub.network/ 		36 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
5d7639c3f54682a6104f445666f108b3825bff5e338727a9732b02eefa2d60a9

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
us
capi.connatix.com/core/ Frame E6B0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L2EZUVRD-W-HD2J
  • https://ck.connatix.com/cks?pid=11&uid=L2EZUVRD-W-HD2J
  • https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L2EZUVRD-W-HD2J&UserId=
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L2EZUVRD-W-HD2J&UserId=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H2
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
access-control-max-age
86400
content-type
application/json

Redirect headers

date
Mon, 25 Apr 2022 17:29:25 GMT
location
https://capi.connatix.com/core/us?DemandPartner=11&DemandPartnerUserId=L2EZUVRD-W-HD2J&UserId=
access-control-max-age
86400
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
retry-after
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
prebid
ib.adnxs.com/ut/v3/ Frame 3010 		160 B
1017 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8fefbfe3af770b9da29088faf80f1cb4e2db7983937475c50b93f598a51bec14
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:25 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
dbcac85e-0e88-4e92-ad6a-4b11389fa386
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 3010 		0
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 3010 		0
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
translator
hbopenbid.pubmatic.com/ Frame 3010 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Mon, 25 Apr 2022 17:29:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
ads.adaptv.advertising.com/rtb/ Frame 3010 		41 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=RevNewExchange
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-57.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
9c963a33a9c2cb053945df36c0368e88ae3f52d0c6770399428504f4f8a48e40

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
server
adaptv/1.0
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
61
expires
0
openrtb
ads.adaptv.advertising.com/rtb/ Frame 3010 		41 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=RevNewExchange
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-57.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
9c963a33a9c2cb053945df36c0368e88ae3f52d0c6770399428504f4f8a48e40

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
server
adaptv/1.0
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
61
expires
0
sync
ups.analytics.yahoo.com/ups/57304/ Frame 3010
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA0MDgxZTM5Yi1jNGJkLTExZWMtYWY3ZS0wYWIyMjk5NTU5NWI%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESELSVbVY0ZYq3zQji5dRM8P8&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESELSVbVY0ZYq3zQji5dRM8P8&google_cver=1&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESELSVbVY0ZYq3zQji5dRM8P8&google_cver=1&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESELSVbVY0ZYq3zQji5dRM8P8&google_cver=1&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
date
Mon, 25 Apr 2022 17:29:25 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame 3010 		0
0
sync
ups.analytics.yahoo.com/ups/55953/ Frame 3010
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&_origin=1&gdpr=0&gdpr_consent=
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&_origin=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&_origin=1&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
649fc78f0d874b4e2e7cde4d0ee7255fe6c6a8ed2e909566752e4ac82d7abd03

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:21:46 GMT
via
1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront)
server
Server
age
7659
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR52-C2
content-length
1449
x-amz-cf-id
0xZO4brjDUrqgOO9hZEqjvuW1Y_Uer-7nkZCFOkElTp05J8fIaMbvw==
bid
c.amazon-adsystem.com/e/dtb/ 		192 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&pid=sEa89txLONzvc&cb=0&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
2a3c6e99591820af61cc1982b87d337448abdab0b6cdb9a631fb7591e0ecae4a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
via
1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-amz-rid
T6CK43QXVNFAZT10HBGP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
192
x-amz-cf-id
rfr7LVMmX9EZAbr0NJNd2ScA8TZmCZiIU7hWKk7tLM7r1q1clRS5iQ==
bid
c.amazon-adsystem.com/e/dtb/ 		192 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&pid=sEa89txLONzvc&cb=1&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_320x50_InContent_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%5D&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
0d23a033adadf4aee3d9ae65d0057ec452e3ea117ac5a38cf59fdc6cda3f5d9a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
via
1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-amz-rid
Z73DMC0PJPS183JC06SQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
192
x-amz-cf-id
vAXhrkeSX7vMwNHdOdj1KZ49BoAQM2X3G1NtrHlyvGWZ0hsNmMxV1Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
31967
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Mon, 25 Apr 2022 08:36:39 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 7f0fedc5c1b6155cbeb8fd32bdcdb07a.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
VchW43nCeLgdq7XZnKgzEYTvmAI7HYljMhjhr3Xa9iS4dVuQnyN81Q==
post
tag.escalated.io/ 		31 B
464 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/post
Requested by
Host: tag.escalated.io
URL: https://tag.escalated.io/m-9a9d1fb158.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.143.18 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-143-18.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5f765edf6f521fb806e06ebd1cf7d1d038a27e82b000c89a13a3fa11f5eeb235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 25 Apr 2022 17:29:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
close
Access-Control-Allow-Headers
content-type
Content-Length
51
X-XSS-Protection
1; mode=block
ssusersync
vid.springserve.com/ Frame 3010 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/ssusersync
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.250.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-250-134.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b657c21103cc9ad1ef4e90150c5d9814538331cebd0b8d0dfb048bedb11e2621

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
4710
content-type
application/javascript
css2
fonts.googleapis.com/ Frame 2061 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 17:01:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Apr 2022 17:29:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Apr 2022 17:29:25 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2061 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 08:06:39 GMT
x-content-type-options
nosniff
age
379366
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Apr 2023 08:06:39 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2061 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 06:05:33 GMT
x-content-type-options
nosniff
age
386632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Apr 2023 06:05:33 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/ Frame 2061 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:24:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
292
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8275
x-xss-protection
0
server
cafe
etag
13275616604445095965
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:24:33 GMT
tap.php
pixel.rubiconproject.com/ Frame E6B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH71Tu3_yy8uOK-cIDWstdA&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH71Tu3_yy8uOK-cIDWstdA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEH71Tu3_yy8uOK-cIDWstdA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E6B0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
pixel
cm.g.doubleclick.net/ Frame E6B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJFWlVWUkQtVy1IRDJK
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJFWlVWUkQtVy1IRDJK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJFWlVWUkQtVy1IRDJK
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame E6B0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QTX3N9SEC0CTMSFX0QJQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8C8JYSNDAX6MXQKBS1YR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame E6B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2EZUVRD-W-HD2J&sigv=1&esig=2~d9e91b2f52b64069824fc2d3f22c9436797e7d39
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2EZUVRD-W-HD2J&sigv=1&esig=2~d9e91b2f52b64069824fc2d3f22c9436797e7d39
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H2
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2EZUVRD-W-HD2J&sigv=1&esig=2~d9e91b2f52b64069824fc2d3f22c9436797e7d39
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame E6B0 		42 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
setuid
px.ads.linkedin.com/ Frame E6B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2EZUVRD-W-HD2J
0
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2EZUVRD-W-HD2J
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:24 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F179508A1CC745A9B051D4E600B3FA0E Ref B: YTO01EDGE0818 Ref C: 2022-04-25T17:29:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXdferqYyJHqptR1v+YGA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2EZUVRD-W-HD2J
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame E6B0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=O7vG5fJCQx64Qqq8wFXorg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=O7vG5fJCQx64Qqq8wFXorg
43 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=O7vG5fJCQx64Qqq8wFXorg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HGPE4DGZRCPP830EGWX3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=O7vG5fJCQx64Qqq8wFXorg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 20:39:44 GMT
content-encoding
gzip
age
161382
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
BZ8_hnr20tKa4bBqWsEdELZKvBCJH3_fJBwnovkxpp1pkVkIg-Q68g==
bl-c5c1c29-22b38b82.js
tagan.adlightning.com/freestar/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-c5c1c29-22b38b82.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e59ffbe30c390e093a32b9c979d22de80084f5f06746cdd26e2af10fde6fd6f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:32:51 GMT
content-encoding
gzip
age
42995
x-cache
Hit from cloudfront
content-length
16053
x-amz-meta-git_commit
c5c1c29
last-modified
Mon, 25 Apr 2022 05:14:59 GMT
server
AmazonS3
etag
"3abd766dd9a72c2566f4dfae99481e61"
x-amz-version-id
zgrf5zkrhPVSyNvTcjz_LeKoP3oETO_z
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
rJ_WhM-HiE8-PPBUbpWYKT1wqbogNe-85XwaV7Gic4b3NqZdfcMwNg==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/webp
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AB1F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 01:28:42 GMT
x-content-type-options
nosniff
age
316843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Apr 2023 01:28:42 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AB1F 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sun, 24 Apr 2022 00:09:49 GMT
x-content-type-options
nosniff
age
148776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 24 Apr 2023 00:09:49 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AB1F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 04:56:13 GMT
x-content-type-options
nosniff
age
477192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 04:56:13 GMT
auction
tlx.3lift.com/header/ 		19 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.4&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.209.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-209-43.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
dmx.districtm.io/b/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7018ccfcd8c7f03d-EWR
access-control-allow-headers
origin, content-type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
997 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2%3B2%3B15%3B15%3B2&alt_size_ids=55%2C57%3B%3B10%3B10%3B55%2C57&rp_schain=1.0,1!freestar.com,412,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-9%2CIAB19-10&tg_i.sectioncat=IAB19-9%2CIAB19-10&tg_i.pagecat=IAB19-9%2CIAB19-10&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&tg_i.fs_ad_product=banner&tg_i.dfp_ad_unit_code=15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%3B15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%3B15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%3B15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%3B15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&tg_i.pbadslot=15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%3B15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%2Fbleepingcomputer_728x90_320x50_InContent_1%3B15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%3B15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%3B15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&tk_flint=pbjs_lite_v5.20.4&x_source.tid=f0869d7d-5277-4ae2-b509-b4f37d1b61ef%3B709fb5de-14d3-40b9-920a-fed8b6db4f1d%3Baaefb960-f688-413e-955a-232a2478282c%3B2f2cd1ff-28e4-4456-a931-520376a840ad%3B678df99e-9b76-40a0-8fcd-c01234d84448&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=5&rand=0.7080503017743707
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
afc3d327a930eb2e44cb4563707eda89fab223479810257e72025ccf61d8e128

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:25 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
508
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		583 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fce0627165f79d95b2b011a25ad8b793547d319472fd07642ba93735568ad86f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 25 Apr 2022 17:29:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4998d437-20df-4e92-9c90-990ac5d17d1c
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8a4356fe19981f33f33da8c78acf6dd81d82a95c7ef4030859654f391cff8746

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194700601d06e7&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6261e67d9fb22a0c074fe3b1f92197c7fbbad46584e71db9883a2d7a3016eef9

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b915e1b0c7b0594da9b4566945aedcf69f7cee2998d4623fb410320eff0e5616

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
3100e246781d3a8d752e7816c91dc2a722a5f3b92fad36ea7815fb4d6e96422e

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707caca0954&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
1c322b0ef334c0f3578efa2fa35430b531599ec420cc24e0d4cae7a2af567ec4

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969412017474441319470061cb06e8&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f674ac2105c83818ad1446945a7983dc00dff03223142f45145e7566062d02d6

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707caca0954&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7c518df5b590ed1146546a65bd1f5fca63baac3b3f66d1b3a6cf95feaace4c8f

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969412017474441319470061cb06e8&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
3c3b7c9c6e75f7892e7e848dcb05d0a24f6895ea8584fe58d2626a51c8e0f964

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ea42e7b54ce96ed36e3c07f98823f37cac6ec220abf4dc503b0146bedc343f85

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194700601d06e7&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
66c80e4a1dab8a7bb0e74e9dcfcfcd2e1d8845b1118182107ad593c6b26e2600

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
de6095c1e70c0973c16617652129af895ef22f722ce54b2a0c96e66ca6dcdabe

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/ 		29 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b930e8c279a618118458cfbdc2d4f6e728eca2ea7e8e5dd37e7832094077631b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 25 Apr 2022 17:29:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6f89d614-3547-45ff-8936-2339785184d3
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		15 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
76fed158f82e08bf6a918cd487bbe37f9918a9744aa8c7dc42f16c4f337b8120

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 25 Apr 2022 17:29:25 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
9567
cygnus
htlb.casalemedia.com/ 		37 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=393562&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22982af65c20e4c3b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F%22%2C%22name%22%3A%22bleepingcomputer-com%22%2C%22domain%22%3A%22bleepingcomputer.com%22%2C%22cat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22sectioncat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22pagecat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22601%22%7D%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.4%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2299029e356cd7c5e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%7D%2C%7B%22id%22%3A%2210269c2913f1e8a1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%7D%2C%7B%22id%22%3A%221030973bfaf9c107%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%7D%2C%7B%22id%22%3A%22105a5072b00da211%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%7D%2C%7B%22id%22%3A%22107dde3d68acc755%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.210.18 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-210-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bf89d6b316de2e07cb07e429da8a8ab29f139dcb8cd3bd2932cfc12737c7f31e

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.185], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Mon, 25 Apr 2022 17:29:25 GMT
prebid
ads.yieldmo.com/exchange/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=5.20.4&p=%5B%7B%22placement_id%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22callback_id%22%3A%22111a768de6b2f4c8%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%2C%22gpid%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22placement_id%22%3A%22bleepingcomputer_728x90_320x50_InContent_1%22%2C%22callback_id%22%3A%22112f7f3bbbe644ee%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%2C%22gpid%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22placement_id%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_2%22%2C%22callback_id%22%3A%22113000892a127be%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%2C%22gpid%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22placement_id%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_3%22%2C%22callback_id%22%3A%22114c8fa007e02a53%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%2C%22gpid%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%2C%7B%22placement_id%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22callback_id%22%3A%22115c556de1b48511%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%2C%22gpid%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%5D&page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&bust=1650907765273&pr=&scrd=1&dnt=false&description=Amazon%20Web%20Services%20(AWS)%20has%20fixed%20four%20security%20issues%20in%20its%20hot%20patch%20from%20December%20that%20addressed%20the%20critical%20Log4Shell%20vulnerability%20(CVE-2021-44228)%20affecting%20cloud%20or%20on-premise%20environments%20running%20Java%20applications%20with%20a%20vulnerable%20version%20of%20the%20Log4j%C2%A0logging%20library%C2%A0or%20containers.&title=Amazon%20Web%20Services%20fixes%20container%20escape%20in%20Log4Shell%20hotfix&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=2e74d6e9-1bdd-4b15-a29a-869482c39748&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.190.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-190-65.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
auction
c.deployads.com/openrtb2/ 		581 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_5.20.4&host=www.bleepingcomputer.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
dbf7574ff7c42f83ecf93b5c96e025d075677bb836b2ab68d8a70a170f5cdb53

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
581
expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Mon, 25 Apr 2022 17:29:25 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Mon, 25 Apr 2022 17:29:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
freestar-d.openx.net/w/1.0/ 		0
0
prebid
prebid.media.net/rtb/ 		123 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e8c56f4a07013a144a6ecc5c7ccfedbf5f31684f6a04a1e0432bf403dcb4b8f0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.200.97 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-200-97.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Mon, 25 Apr 2022 17:44:25 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
date
Mon, 25 Apr 2022 16:32:24 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
bhs
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
91882226
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:2000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 16:40:21 GMT
content-encoding
gzip
age
2945
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 5a7cb2ecf8796fdcba2be8ec618e67a8.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
5_V2zWWAYDqTb9Gd76t5nVdXHtZM-8Pr4V93g-rvcLChxaezcuotvA==
t
jadserve.postrelease.com/ 		449 B
834 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&ntv_mvi
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.147.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-147-250.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
69933e17998a945d516cbefad1fef4aa0f58387669dd3c44c5f734ddc9841452

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
305
expires
Mon, 1 Jan 1990 12:00:00 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame AB1F 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&pi=t.ma~as.4359266829&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1650444326&rafmt=9&psa=0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650907762987&bpp=3&bdt=411&idt=354&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&correlator=7213177364871&rume=1&frm=20&pv=2&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31065742%2C31067068%2C21065724%2C31061691%2C31061692&oid=2&pvsid=2130312850070464&pem=872&tmod=1046575424&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WzMKTSycET&p=https%3A//www.bleepingcomputer.com&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
b27b072e7a371ef30b64b6085ed49735791e659f9cbec672552b3eaef76e0daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
855
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24022
x-xss-protection
0
server
cafe
etag
7279347391308095826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 18:15:10 GMT
14048
rtb.gumgum.com/usync/ Frame F0DD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8e1f17c906b321dcdf4a10dbb4bf4287bd48e6956bc8d56749c837597671ead3

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 25 Apr 2022 17:29:25 GMT
etag
W/"05a41c2bcc2f6d89700ae9a80bd04b508"
server
nginx
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0A6C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131232
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 27 Apr 2022 05:56:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://sync.springserve.com/usersync?aid=1000001&gdpr=&gdpr_consent=&us_privacy=&uuid=6802119093282668307
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000001&gdpr=&gdpr_consent=&us_privacy=&uuid=6802119093282668307
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:25 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3a145ace-0b05-48bb-8708-950ebb2cf089
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.springserve.com/usersync?aid=1000001&gdpr=&gdpr_consent=&us_privacy=&uuid=6802119093282668307
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
sync.bfmio.com/ Frame 3010
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=111&gdpr=&gdpr_consent=&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
HTTP/1.1
Server
44.197.56.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-56-222.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 25 Apr 2022 17:29:25 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://cs.emxdgt.com/um?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24...
  • https://cs.emxdgt.com/umcheck?apnxid=6802119093282668307&redirect=https://sync.springserve.com/usersync?aid=1000003&gdpr=&gdpr_consent=&us_privacy=&uuid=$EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLnNwcml...
  • https://sync.springserve.com/usersync?aid=1000003&gdpr=&gdpr_consent=&us_privacy=&uuid=6802119093282668307brt57371650907765473749b6
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000003&gdpr=&gdpr_consent=&us_privacy=&uuid=6802119093282668307brt57371650907765473749b6
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000003&gdpr=&gdpr_consent=&us_privacy=&uuid=6802119093282668307brt57371650907765473749b6
date
Mon, 25 Apr 2022 17:29:24 GMT
content-length
0
content-type
text/html
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184932&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26u...
  • https://sync.springserve.com/usersync?aid=1000005&gdpr=&gdpr_consent=&us_privacy=&uuid=YmbacxfUheiJLy59JDCIJwAA%26153
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000005&gdpr=&gdpr_consent=&us_privacy=&uuid=YmbacxfUheiJLy59JDCIJwAA%26153
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.springserve.com/usersync?aid=1000005&gdpr=&gdpr_consent=&us_privacy=&uuid=YmbacxfUheiJLy59JDCIJwAA%26153
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
317
Expires
Mon, 25 Apr 2022 17:29:25 GMT
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=&gdpr_consent=&us_privacy=&redir=true
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=&gdpr_consent=&us_privacy=&redir=true&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
  • https://sync.springserve.com/usersync?aid=759&uuid=y-uefom4ZE2uHrZO1g2ECefJiohWoJEt32~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=759&uuid=y-uefom4ZE2uHrZO1g2ECefJiohWoJEt32~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=759&uuid=y-uefom4ZE2uHrZO1g2ECefJiohWoJEt32~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7BUID%7D
  • https://sync.springserve.com/usersync?aid=1000008&gdpr=&gdpr_consent=&us_privacy=&uuid=c406667f-0bc5-470b-93c0-8e6967bf6638
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000008&gdpr=&gdpr_consent=&us_privacy=&uuid=c406667f-0bc5-470b-93c0-8e6967bf6638
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.springserve.com/usersync?aid=1000008&gdpr=&gdpr_consent=&us_privacy=&uuid=c406667f-0bc5-470b-93c0-8e6967bf6638
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
5oofg29ll6spu90os1h2loj6ec35eonh
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://bh.contextweb.com/rtset?gdpr=&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid...
  • https://sync.springserve.com/usersync?aid=1000011&gdpr=&gdpr_consent=&us_privacy=&uuid=gbIPVn2xryOu&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000011&gdpr=&gdpr_consent=&us_privacy=&uuid=gbIPVn2xryOu&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync.springserve.com/usersync?aid=1000011&gdpr=&gdpr_consent=&us_privacy=&uuid=gbIPVn2xryOu&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-588fbd8cf7-s4tcg
expires
-1
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_UU...
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D&cb=1650907765482
  • https://sync.springserve.com/usersync?aid=1000012&gdpr=&gdpr_consent=&us_privacy=&uuid=OPTOUT
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000012&gdpr=&gdpr_consent=&us_privacy=&uuid=OPTOUT
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:25 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.springserve.com/usersync?aid=1000012&gdpr=&gdpr_consent=&us_privacy=&uuid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D
  • https://sync.springserve.com/usersync?aid=1000013&gdpr=&gdpr_consent=&us_privacy=&uuid=5380bcf5-d295-414f-a01f-ce0e8429ee0f
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000013&gdpr=&gdpr_consent=&us_privacy=&uuid=5380bcf5-d295-414f-a01f-ce0e8429ee0f
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:25 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-28
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.springserve.com/usersync?aid=1000013&gdpr=&gdpr_consent=&us_privacy=&uuid=5380bcf5-d295-414f-a01f-ce0e8429ee0f
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D%26gdpr_consent%3D%26us_privacy%...
  • https://sync.search.spotxchange.com/partner?gdpr=&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D%26gdpr_consent%3D%26us_privacy%...
  • https://sync.springserve.com/usersync?aid=1000014&gdpr=&gdpr_consent=&us_privacy=&uuid=40f827af-c4bd-11ec-80c1-143e1ea80203
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000014&gdpr=&gdpr_consent=&us_privacy=&uuid=40f827af-c4bd-11ec-80c1-143e1ea80203
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:26 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Date
Mon, 25 Apr 2022 17:29:26 GMT
Server
nginx
Location
https://sync.springserve.com/usersync?aid=1000014&gdpr=&gdpr_consent=&us_privacy=&uuid=40f827af-c4bd-11ec-80c1-143e1ea80203
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
315
Connection
keep-alive
Content-Length
0
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3...
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%2...
  • https://sync.springserve.com/usersync?aid=1000015&gdpr=&gdpr_consent=&us_privacy=&uuid=a29f4abea21b4738af63eedb066d756e
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000015&gdpr=&gdpr_consent=&us_privacy=&uuid=a29f4abea21b4738af63eedb066d756e
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:26 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000015&gdpr=&gdpr_consent=&us_privacy=&uuid=a29f4abea21b4738af63eedb066d756e
date
Mon, 25 Apr 2022 17:29:25 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://sync.springserve.com/usersync?aid=1000016&gdpr=&gdpr_consent=&us_privacy=&uuid=2632727191946335783295
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000016&gdpr=&gdpr_consent=&us_privacy=&uuid=2632727191946335783295
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:26 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000016&gdpr=&gdpr_consent=&us_privacy=&uuid=2632727191946335783295
date
Mon, 25 Apr 2022 17:29:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000017%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://sync.springserve.com/usersync?aid=1000017&uuid=g1d07c92a55447ed0d01&gdpr=&gdpr_consent=&us_privacy=
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000017&uuid=g1d07c92a55447ed0d01&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
location
https://sync.springserve.com/usersync?aid=1000017&uuid=g1d07c92a55447ed0d01&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
usersync
sync.springserve.com/ Frame 3010
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58518/occ?gdpr=&gdpr_consent=
  • https://sync.springserve.com/usersync?aid=1000019&uuid=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000019&uuid=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000019&uuid=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
date
Mon, 25 Apr 2022 17:29:25 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sync.sxp.smartclip.net/ Frame 3010
Redirect Chain
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 25 Apr 2022 17:29:25 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
css
fonts.googleapis.com/ Frame 2C39 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 16:40:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Apr 2022 17:29:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Apr 2022 17:29:25 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 2C39 		2 KB
910 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:14:52 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame 2C39 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1050
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:11:55 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 2C39 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:27:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:27:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2C39 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:29:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 2C39 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:22:55 GMT
3bde1d5944145a46a8b91d920db5ec4d.js
www.gstatic.com/mysidia/ Frame 2C39 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 00:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12194
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 05:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 00:13:14 GMT
iu3
s.amazon-adsystem.com/ Frame 4968 		338 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
966f2d91f30369d087b2a7149623cf40a173d02985dac8d613619016e6ab81b4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
338
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 25 Apr 2022 17:29:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WAREG3XEVHJS4A70F46Y
usersync
usersync.gumgum.com/ Frame F0DD
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6802119093282668307
0
0
usersync
rtb.gumgum.com/ Frame F0DD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_d527e861-4ea4-4111-8507-9173986c5357&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_d527e861-4ea4-4111-8507-9173986c5357&gdpr=&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4153669688251824763&ssp=gumgum2
  • https://rtb.gumgum.com/usersync?b=bsw&i=f367a548-43b2-4ca6-9e67-1de5d4a782b6
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=f367a548-43b2-4ca6-9e67-1de5d4a782b6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=f367a548-43b2-4ca6-9e67-1de5d4a782b6
Date
Mon, 25 Apr 2022 17:29:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame F0DD
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%284WKF5K1vrDlWzTfG13N3QdWEl2ulNstIWcsZrxtb2VQx_5huiLKlzjdW0gmtQrsR%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_d527e861-4ea4-4111-8507-9173986c5357&obuid=ENC(4WKF5K1vrDlWzTfG13N3QdWEl2ulNstIWcsZrxtb2VQx_5huiLKlzjdW0gmtQrsR)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://creativecdn.com/cm-notify?pi=outbrain
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=j5RTQx45mQtw6eZgZkFZ&pi=outbrain
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=j5RTQx45mQtw6eZgZkFZ&pi=outbrain
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Server
64.202.112.31 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:26 GMT
Cache-Control
no-cache
X-TraceId
e4007ce091f3ca6b02850ebcd4004756
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=j5RTQx45mQtw6eZgZkFZ&pi=outbrain
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT, Mon, 25 Apr 2022 17:29:26 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame F0DD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=0ae54dc0-9a4f-4cb4-9f37-5e912eb4a5f3
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=0ae54dc0-9a4f-4cb4-9f37-5e912eb4a5f3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 25 Apr 2022 17:29:25 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=0ae54dc0-9a4f-4cb4-9f37-5e912eb4a5f3
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame F0DD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-98484270-4f25-4f2e-70cc-721199c32fd5$ip$149.56.153.185
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-98484270-4f25-4f2e-70cc-721199c32fd5$ip$149.56.153.185
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-98484270-4f25-4f2e-70cc-721199c32fd5$ip$149.56.153.185
Date
Mon, 25 Apr 2022 17:29:25 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame F0DD
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-q9zk7utE2pe45Yvk6TwB8l6a.LZezyB6Tus6~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-q9zk7utE2pe45Yvk6TwB8l6a.LZezyB6Tus6~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 25 Apr 2022 17:29:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-q9zk7utE2pe45Yvk6TwB8l6a.LZezyB6Tus6~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame F0DD
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=40f8252e-c4bd-11ec-aad8-9f94043e2d80
0
0
usersync
rtb.gumgum.com/ Frame F0DD
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://rtb.gumgum.com/usersync?b=snc&i=D990985F6F06492F8EC771FBEE66DEDA
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=snc&i=D990985F6F06492F8EC771FBEE66DEDA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 25 Apr 2022 17:29:25 GMT
via
1.1 varnish
server
nginx
age
0
location
https://rtb.gumgum.com/usersync?b=snc&i=D990985F6F06492F8EC771FBEE66DEDA
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
x-varnish
1050545605
content-length
0
142
match.deepintent.com/usersync/ Frame F0DD 		0
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
rtb.gumgum.com/ Frame F0DD
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_d527e861-4ea4-4111-8507-9173986c5357&gdpr=&gdpr_consent=&us_privacy=
  • https://stags.bluekai.com/site/23178?id=ZrhlXJ9Fqtvb0RMfRvp-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVNHE2DMLBFDSRTROR3GEMCSJVTFE5TQFU
  • https://rtb.gumgum.com/usersync?b=zem&i=ZrhlXJ9Fqtvb0RMfRvp-
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=ZrhlXJ9Fqtvb0RMfRvp-
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&i=ZrhlXJ9Fqtvb0RMfRvp-
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
87
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame F0DD
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=d51a365d-3699-41f1-b44c-b622530268ee
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=d51a365d-3699-41f1-b44c-b622530268ee
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=d51a365d-3699-41f1-b44c-b622530268ee
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame F0DD
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1650907765940
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:25 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
usersync
rtb.gumgum.com/ Frame F0DD
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=gbIPVn2xryOu&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=gbIPVn2xryOu&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://rtb.gumgum.com/usersync?b=pln&i=gbIPVn2xryOu&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-588fbd8cf7-s4tcg
expires
-1
usersync
rtb.gumgum.com/ Frame F0DD
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15
  • https://rtb.gumgum.com/usersync?b=sad&i=306996922530740619&gdpr=0&gdpr_consent=
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sad&i=306996922530740619&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=sad&i=306996922530740619&gdpr=0&gdpr_consent=
date
Mon, 25 Apr 2022 17:29:25 GMT
content-length
0
usersync
sync.springserve.com/ Frame F0DD 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000004&gdpr=&gdpr_consent=&us_privacy=&uuid=u_d527e861-4ea4-4111-8507-9173986c5357
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 25 Apr 2022 17:29:25 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
pixel;r=110407031;labels=keywords.Amazon%2Ckeywords.Apache%20Log4j%2Ckeywords.AWS%2Ckeywords.Container%20Escape%2Ckeywords.Log4Shell%2Ckeywords.Security%2Ckeywords.InfoSec%2Ckeywords.Computer%20Sec...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=110407031;labels=keywords.Amazon%2Ckeywords.Apache%20Log4j%2Ckeywords.AWS%2Ckeywords.Container%20Escape%2Ckeywords.Log4Shell%2Ckeywords.Security%2Ckeywords.InfoSec%2Ckeywords.Computer%20Security%2Ctitle.Amazon%20Web%20Services%20fixes%20container%20escape%20in%20Log4Shell%20hotfix%2Ctitle.Amazon%20Web%20Services%20fixes%20container%20escape%20in%20Log4Shell%20hotfix;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F;uht=2;fpan=1;fpa=P0-658317419-1650907765636;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=bleepingcomputer.com;je=0;sr=1600x1200x24;dst=0;et=1650907765636;tzo=0;ogl=site_name.BleepingComputer%2Clocale.en_us%2Curl.https%3A%2F%2Fwww%252Ebleepingcomputer%252Ecom%2Fnews%2Fsecurity%2Famazon-web-services-fixes-contain%2Ctype.article%2Ctitle.Amazon%20Web%20Services%20fixes%20container%20escape%20in%20Log4Shell%20hotfix%2Cdescription.Amazon%20Web%20Services%20(AWS)%20has%20fixed%20four%20security%20issues%20in%20its%20hot%20patch%20from%20D%2Cimage.https%3A%2F%2Fwww%252Ebleepstatic%252Ecom%2Fcontent%2Fhl-images%2F2021%2F04%2F09%2FAWS%252Ejpg%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Ebleepstatic%252Ecom%2Fcontent%2Fhl-images%2F2021%2F04%2F09%2FAWS%252Ejpg%2Cimage%3Awidth.1600%2Cimage%3Aheight.802
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f716:921a:893c:c3d8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
882.json
id5-sync.com/g/v2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.186 , France, ASN16276 (OVH, FR),
Reverse DNS
p06.id5-sync.com
Software
/
Resource Hash
0631a727949497b3ad7a641b0e86693facbbfaed4cfef8ce017e779a7fb696b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 25 Apr 2022 17:29:26 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=9266
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
5E5DDF7D156679F9
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=11735
accept-ranges
bytes
content-length
55696
x-amz-id-2
7TqZuV4lvFkVVomdmumv88eQfVars+gNEbRkq9SoKKUTCS/zr4F4MDeRYarlcz57hhHHVn2fio0=
PugMaster
image6.pubmatic.com/AdServer/ Frame 0A6C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69701499&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
00e0dfd3442318307a64696f55f9d8404f670522d46c2943e5f0f893bf3692d8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame A4DA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=&gdpr_consent=
0
0
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 6BDA 		0
0
pixel
cm.g.doubleclick.net/ Frame FF48 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9kNTI3ZTg2MS00ZWE0LTQxMTEtODUwNy05MTczOTg2YzUzNTc=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8A8B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131232
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 27 Apr 2022 05:56:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 57EE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=7aabbd52-0742-4133-a07d-fda9f86dc1fd&t=1653499766
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=7aabbd52-0742-4133-a07d-fda9f86dc1fd&t=1653499766
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 25 Apr 2022 17:29:25 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
209
content-type
text/html
date
Mon, 25 Apr 2022 17:29:25 GMT
location
https://rtb.gumgum.com/usersync?b=ttd&i=7aabbd52-0742-4133-a07d-fda9f86dc1fd&t=1653499766
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usync.html
eus.rubiconproject.com/ Frame A96D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:25 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 25 Apr 2022 17:29:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usersync
rtb.gumgum.com/ Frame 2BD5
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=emx&i=6802119093282668307brt57371650907765473749b6
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=emx&i=6802119093282668307brt57371650907765473749b6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 25 Apr 2022 17:29:25 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

content-length
0
content-type
text/html
date
Mon, 25 Apr 2022 17:29:25 GMT
location
https://rtb.gumgum.com/usersync?b=emx&i=6802119093282668307brt57371650907765473749b6
usersync
rtb.gumgum.com/ Frame 87F0
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YmbadsCo8XsAAIX.z-UAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YmbadsCo8XsAAIX.z-UAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 25 Apr 2022 17:29:26 GMT
Location
https://rtb.gumgum.com/usersync?b=sus&i=YmbadsCo8XsAAIX.z-UAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
111
X-SO-Cluster-ID
53
X-SO-HostName
m-ad309.dc4p.scaleout.jp
X-SO-IP
149.56.153.185
X-SO-Key
YmbadsCo8XsAAIX.z-UAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":53,"gdpr":false,"ipv4":"149.56.153.185","key":"YmbadsCo8XsAAIX.z-UAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad309"}
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad309
usersync
rtb.gumgum.com/ Frame B455
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=j5RTQx45mQtw6eZgZkFZ&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=j5RTQx45mQtw6eZgZkFZ&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 25 Apr 2022 17:29:26 GMT Mon, 25 Apr 2022 17:29:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=j5RTQx45mQtw6eZgZkFZ&pi=gumgum&tc=1
pragma
no-cache
csi
csi.gstatic.com/ Frame AB1F 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l2ezuwm9&chm=1&ctx=2&gqid=c9pmYoPMGofjMLDVougF&qqid=COTIsNber_cCFaIKaAgdcGcC1w&met.4=fb.s0~lb.12t~ol.1fx~bdt.-m1~bpp.-aj~idt.-s~dtd.-4~dt.-am&met.3=749.1fo_9~735.1is_1~113.1rs_6~112.1rs_6&met.1=1.l2ezuuuh~6.1~7.9~8.9~9.9~10.1d~11.9~12.1e~13.gi~14.gm~15.lx~16.1al~17.1al~18.1al~19.1fn~20.1fo~21.1fx&met.7=CAUQCBgBKAEw1gQ4zQ5QCFgxYAloMnDSBHjm2wGAAbrZAYgBwY8HsAEBuAED~CBsQBxgBINAGKNAGMOYGOBY~CBIQBxgBINAGKNAGMJsHOExQ0QZY-QZg0QZo-QZwmgd42geAAa4FiAHcPqoBGAoWUm9ib3RvOjMwMCw0MDAsNTAwLDcwMLABAbgBAw~CBwQChgBINAGKNAGMJEJOMECaPwIcJAJeJkJgAHtBogBxAywAQG4AQM~CBsQChgBINAGKNAGMOcGOBc~CAkQChgBINAGKNAGMJYHOEZQ0gZYgQdg5QZogQdwlAd47kCAAcI-iAGqmgGwAQG4AQM~CB4QChgBINEGKNEGMJAJOL8CUM8IWPsIYM8IaPwIcI8JePsMgAHPCogBsRWwAQG4AQM~CCoQChgBINEGKNEGMI8HOD4~CBwQChgBINEGKNEGMJkHOEhogQdwlwd4tTSAAYkyiAHPdbABAbgBAw~CBcQAhgBIP8JKP8JMLsKODxogQpwlQp4wsgCgAGWxgKIAZbGArABAbgBAw~CBcQAhgBIP8JKP8JMM4KOE9ogQpwpwp4npoDgAHylwOIAfKXA7ABAbgBAw~CBcQAhgBIIAKKIAKML0KOD1oggpwoAp497oBgAHLuAGIAcu4AbABAbgBAw~CBcQAhgBIIAKKIAKMNIKOFJoggpwtQp42PQDgAGs8gOIAazyA7ABAbgBAw~CBcQAhgBIIAKKIAKMNYKOFZoggpwuQp489gGgAHH1gaIAcfWBrABAbgBAw~CBcQAhgBIIAKKIAKMNUKOFRoggpwrgp4q9YEgAH_0wSIAf_TBLABAbgBAw~CBcQAhgBINAKKNAKMOkKOBlo0gpw5gp4jaYDgAHhowOIAeGjA7ABAbgBAw~CBcQAhgBINEKKNEKMOwKOBto0wpw6Ap474YGgAHDhAaIAcOEBrABAbgBAw~CCEQBBgBINQKKNQKMLULOGJo2Apwsgt4rAKwAQG4AQM~CCEQBBgBINQKKNQKMLULOGFo2QpwtQt4rAKwAQG4AQM~CCEQBBgBINUKKNUKMLoLOGZo2gpwuQt4rAKwAQG4AQM~CCEQBBgBINUKKNUKMLgLOGNo2gpwtAt4rAKwAQG4AQM~CCEQBBgBINUKKNUKMLcLOGFo2gpwtgt4rAKwAQG4AQM~CCEQBBgBINYKKNYKMLcLOGFo2gpwtwt4rAKwAQG4AQM~CCEQBBgBINYKKNYKMLgLOGFo2gpwtwt4rAKwAQG4AQM~CCEQBBgBINcKKNcKMLgLOGFo2gpwtAt4rAKwAQG4AQM~CBMQAhgBIMgOKMgOMOcOOCBoyA5w5A54gH6AAdR7iAHUe6oBDAoGcm9ib3RvEB0YArABAbgBAw~CBMQAhgBIMgOKMgOMOoOOCJoyg5w5A543H6AAbB8iAGwfKoBDAoGcm9ib3RvEB0YArABAbgBAw~CBMQAhgBIMkOKMkOMO0OOCRoyw5w6Q54oH2AAfR6iAH0eqoBDAoGcm9ib3RvEB0YArABAbgBAw~CCgQChgBIK0PKK0PMMkPOBxorg9www94gr4BgAHWuwGIAb_xA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4004:811::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C5E0 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 16:54:55 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
pr
s.amazon-adsystem.com/v3/ Frame 4BEF 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
fe8baad259a0b435d1dc9f563d706dfa9c7e2de2c648eb088ba50c21b27bdaac
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3048
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 25 Apr 2022 17:29:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
YC91FA4T7W6ZNZDWZY2N
9266
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		0
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/9266?t=2022325175
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id
QfkN5qdufa57Pna9xkSAm8gfUaRypEpB
last-modified
Tue, 22 Feb 2022 16:16:01 GMT
server
AmazonS3
x-amz-request-id
AZBTPJTABNN2TNVN
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
binary/octet-stream
date
Mon, 25 Apr 2022 17:29:26 GMT
accept-ranges
bytes
content-length
0
x-amz-id-2
/EcCfOmE9isUphGxvQS6XBBX522saIW0zs7dZsqjkzFiWamPPpAniUt+05xJKd7JUc5yPz2+zgs=
VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=
ads.adaptv.advertising.com/a/h/ Frame 3010 		39 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1650907764042&gdpr=&gdpr_consent=&us_privacy=&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=[scpid]&hp=[hp]&eov=eov&pi.width=640&pi.height=480
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-57.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c66174bdd188ea0a6cdc03fb938ed608c8502b8de891ae7d6193d2af0c338b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
content-encoding
gzip
server
adaptv/1.0
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
59
expires
0
https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
match.prod.bidr.io/cookie-sync/ Frame 4BEF 		0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.88.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-88-14.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
ecm3
s.amazon-adsystem.com/ Frame 4BEF
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=3F695155CBEA40AA8059773D874F9164&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=3F695155CBEA40AA8059773D874F9164&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1DRFC1YHWZE8X9QVYZDF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 25 Apr 2022 17:29:26 GMT
x-content-type-options
nosniff
server
openresty
location
https://s.amazon-adsystem.com/ecm3?id=3F695155CBEA40AA8059773D874F9164&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 24 Apr 2022 17:29:26 GMT
ecm3
s.amazon-adsystem.com/ Frame 4BEF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=ZrhlXJ9Fqtvb0RMfRvp-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPK2OJUGYWCKHFDHC5DWMIYFE...
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=ZrhlXJ9Fqtvb0RMfRvp-
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=ZrhlXJ9Fqtvb0RMfRvp-
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
26T1TDJ5CBT60S60YR60
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
P3p
CP="We do not support P3P header."
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=ZrhlXJ9Fqtvb0RMfRvp-
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame A1A1 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/534c466c/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/jK9a7IoMu5I
X-YouTube-Client-Version
1.20220420.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtRY21keUtpaThROCjytJuTBg%3D%3D
X-YouTube-Ad-Signals
dt=1650907763396&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C834%2C469&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame A96D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
18f25152e6157a80c22560120612d9f9c18790e176d7165194cf5ee62a7773d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=23367
content-type
text/html; charset=UTF-8
content-length
9542
expires
Mon, 25 Apr 2022 23:58:53 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2130312850070464&correlator=1250348190734279&eid=31065401%2C21065724%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=2022042101&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=4&adks=1087171916&sfv=1-0-38&ecs=20220425&fsapi=false&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3D88f340%26floors_hour%3D17%26floors_user%3D0%26fs_placementName%3Dbleepingcomputer_970x90_728x90_320x50_sticky%26fs_ad_product%3DstickyFooter%26amznbid%3D2%26amznp%3D2%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dmedianet_970x90%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.03%26hb_adid%3D165d33a444d84a46%26hb_bidder%3Dmedianet&eri=1&cust_params=user-agent%3DChrome%26section%3Dsecurity&sc=1&cookie=ID%3D033f291fa76b168d-22973de042d2008c%3AT%3D1650907763%3ART%3D1650907763%3AS%3DALNI_MbsYA5fpBltM2Y4DmAIkfWxLniCBQ&abxe=1&dt=1650907766020&lmt=1650444326&dlt=1650907762576&idt=1441&biw=1600&bih=1200&adxs=436&adys=1110&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&rumc=2130312850070464&rume=1&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
f10305b973d7f1d24b0319a00d494eb736084bae288e666ba49d75344ea1a66c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9867
x-xss-protection
0
google-lineitem-id
5355615764
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138309466275
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 571B 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
Tue, 25 Apr 2023 17:29:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 4B84
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=6c4406a7ea6e08e5&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAADKPnY1mvFlAN2Q6DqAAAAAAA&expiration=1650994166&is_secure=true
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAADKPnY1mvFlAN2Q6DqAAAAAAA&expiration=1650994166&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 25 Apr 2022 17:29:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
7PGC1SN108G83WRWNYXA

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAADKPnY1mvFlAN2Q6DqAAAAAAA&expiration=1650994166&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
TAM
sync.inmobi.com/ Frame 44AA 		0
0
/
match.sharethrough.com/jwumXNuB/v1/ Frame 4B16 		427 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.153.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-153-99.compute-1.amazonaws.com
Software
/
Resource Hash
a3cef617a157185292b9a5a8b67b6686cef4a31c235c43ae00ab9b19d3a5610e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Mon, 25 Apr 2022 17:29:26 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8D73 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131231
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 27 Apr 2022 05:56:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame D9CB 		886 B
939 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.116.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-116-38.compute-1.amazonaws.com
Software
/
Resource Hash
9a7e343770663ee8d26705311db11a52d8bd5d2bfa8bda100a50c8b594eb0c9c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
usync.html
eus.rubiconproject.com/ Frame B611 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:26 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 3A97 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
29048481ec02f818e13acfb118a6cab64893e4efddc3a681afbbaf7078fdcecb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
930
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-588fbd8cf7-s4tcg
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 9296
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=6802119093282668307&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6802119093282668307&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 25 Apr 2022 17:29:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
N6S2D80J1F439NA6QDE0

Redirect headers

AN-X-Request-Uuid
77a00ceb-67d1-4d2a-a93b-9c4897d7a65c
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Apr 2022 17:29:26 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=6802119093282668307&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
amazon
ap.lijit.com/beacon/ Frame 840F
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
3599c50dcd34df00b5f369a16543e9e48c8cb271bb19ec6ddb3a3c2486bcc14d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 25 Apr 2022 17:29:26 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Mon, 25 Apr 2022 17:29:26 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2dca1
ecm3
s.amazon-adsystem.com/ Frame 63E3
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2632727191946335783295
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2632727191946335783295
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 25 Apr 2022 17:29:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
YZ5EX5WSN2W61KTTP3W5

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 25 Apr 2022 17:29:26 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2632727191946335783295
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=
ads.adaptv.advertising.com/a/h/ Frame 3010 		39 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1650907764042&gdpr=&gdpr_consent=&us_privacy=&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=[scpid]&hp=[hp]&eov=eov&pi.width=640&pi.height=480
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-57.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c66174bdd188ea0a6cdc03fb938ed608c8502b8de891ae7d6193d2af0c338b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
content-encoding
gzip
server
adaptv/1.0
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
59
expires
0
match
c1.adform.net/serving/cookie/ Frame 6CE3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 6802 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8B8A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=0&gdpr_consent=
42 B
653 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 25 Apr 2022 09:48:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug026:0:381

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 25 Apr 2022 17:29:26 GMT
Expires
Mon, 25 Apr 2022 17:29:25 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4335 2c68c00 master ord-pixel-x58 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 193E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEeWpFN0V6YlVBQURyMlZoZkxQZw&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADyjE7EzbUAADr2VhfLPg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=306996922530740619
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADyjE7EzbUAADr2VhfLPg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D306996922530740619%26bee_sync_partners%3Dsyn%252Cpm%26b...
  • https://match.prod.bidr.io/cookie-sync?userid=306996922530740619&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADyjE7EzbUAADr2VhfLPg&pid=558...
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADyjE7EzbUAADr2VhfLPg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D306996922530740619%26bee_sync_partners%3Dpm%26bee_syn...
  • https://match.prod.bidr.io/cookie-sync?userid=306996922530740619&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADyjE7EzbUAADr2VhfLPg
42 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADyjE7EzbUAADr2VhfLPg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 25 Apr 2022 17:29:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug005:0:552

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 25 Apr 2022 17:29:26 GMT
Server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADyjE7EzbUAADr2VhfLPg
strict-transport-security
max-age=2592000; includeSubDomains
usersync
sync.springserve.com/ Frame 442D 		43 B
205 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.springserve.com/usersync?aid=1000010&gdpr=&gdpr_consent=&us_privacy=&uuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.188.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-188-87.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Mon, 25 Apr 2022 17:29:26 GMT
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0A6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=131231
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Wed, 27 Apr 2022 05:56:37 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 0A6C
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
  • https://pippio.com/api/sync?pid=5324&it=1&iv=316060d589f8fdd9275bb3f787c8a3d38e00fd1b03e8b86a225b6916d2af5463791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzMTYwNjBkNTg5ZjhmZGQ5Mjc1YmIzZjc4N2M4YTNkMzhlMDBmZDFiMDNlOGI4NmEyMjViNjkxNmQyYWY1NDYzNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzMTYwNjBkNTg5ZjhmZGQ5Mjc1YmIzZjc4N2M4YTNkMzhlMDBmZDFiMDNlOGI4NmEyMjViNjkxNmQyYWY1NDYzNzkxNDI2YjU0MTdkY2UyMRAAGgwI9rSbkwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=0859266d-9401-4f88-9783-795890aa92ac
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=0859266d-9401-4f88-9783-795890aa92ac
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:26 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=0859266d-9401-4f88-9783-795890aa92ac
date
Mon, 25 Apr 2022 17:29:26 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 0A6C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7e9b6266-da75-4600-97fa-93bd39c882d1
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7e9b6266-da75-4600-97fa-93bd39c882d1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 25 Apr 2022 17:29:26 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7e9b6266-da75-4600-97fa-93bd39c882d1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 25 Apr 2022 17:29:25 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0A6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkI4OTY4NUYtM0Y3Ni00OURFLThFRjYtMUI2RUE1RTlDMDhD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug019:0:409
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0A6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKMoe_6mPqCSNtjGbThZYC4&google_cver=1
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKMoe_6mPqCSNtjGbThZYC4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug014:0:902
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKMoe_6mPqCSNtjGbThZYC4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0A6C
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3F695155CBEA40AA8059773D874F9164
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3F695155CBEA40AA8059773D874F9164
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug011:0:499
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 25 Apr 2022 17:29:26 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3F695155CBEA40AA8059773D874F9164
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 24 Apr 2022 17:29:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0A6C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4146191290397438279&gdpr=0&gdpr_consent=&us_privacy=
1 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4146191290397438279&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 09:48:09 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug026:0:2072
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4146191290397438279&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 0A6C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7aabbd52-0742-4133-a07d-fda9f86dc1fd
42 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7aabbd52-0742-4133-a07d-fda9f86dc1fd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug008:0:466
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7aabbd52-0742-4133-a07d-fda9f86dc1fd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0A6C 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:f817:c851:d4d0:49b5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 0A6C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hTk3eopE2uVSufLIdDOgOD1kbdPt5yo-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hTk3eopE2uVSufLIdDOgOD1kbdPt5yo-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 14:33:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hTk3eopE2uVSufLIdDOgOD1kbdPt5yo-~A&gdpr=0&gdpr_consent=
date
Mon, 25 Apr 2022 17:29:26 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
si
googleads.g.doubleclick.net/pagead/drt/ Frame C5E0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
Mon, 25 Apr 2022 17:29:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:26 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
pagead2.googlesyndication.com/bg/ Frame 1A7F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
7762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13448
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Apr 2023 15:20:04 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 2C39 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
b27b072e7a371ef30b64b6085ed49735791e659f9cbec672552b3eaef76e0daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
856
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24022
x-xss-protection
0
server
cafe
etag
7279347391308095826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 18:15:10 GMT
usersync
rtb.gumgum.com/ Frame A96D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L2EZUVRD-W-HD2J
  • https://rtb.gumgum.com/usersync?b=mag&i=L2EZUVRD-W-HD2J
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=mag&i=L2EZUVRD-W-HD2J
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://rtb.gumgum.com/usersync?b=mag&i=L2EZUVRD-W-HD2J
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
rtset
bh.contextweb.com/bh/ Frame 3A97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ZE9CS0d6QmNNb1lxM0xmTnNMU2ZQUQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEI9aABOsoENVhY0OuGQwMIg&google_cver=1
49 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEI9aABOsoENVhY0OuGQwMIg&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-588fbd8cf7-s4tcg
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEI9aABOsoENVhY0OuGQwMIg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 3A97
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=4cfe5a4237f208e4&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAADKJ7lyYFJ8AMND4CsAAAAAAA&expiration=1650994166&nuid=&is_secure=true
49 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAADKJ7lyYFJ8AMND4CsAAAAAAA&expiration=1650994166&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-588fbd8cf7-s4tcg
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAADKJ7lyYFJ8AMND4CsAAAAAAA&expiration=1650994166&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rtset
bh.contextweb.com/bh/ Frame 3A97
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd...
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr_in_effect=&gdpr_consent=
49 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr_in_effect=&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-588fbd8cf7-s4tcg
expires
-1

Redirect headers

location
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr_in_effect=&gdpr_consent=
date
Mon, 25 Apr 2022 17:29:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
ecm3
s.amazon-adsystem.com/ Frame 3A97 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=gbIPVn2xryOu&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TKVYJTC57PV95NBTCM8X
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B611 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
18f25152e6157a80c22560120612d9f9c18790e176d7165194cf5ee62a7773d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=23367
content-type
text/html; charset=UTF-8
content-length
9542
expires
Mon, 25 Apr 2022 23:58:53 GMT
VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=
ads.adaptv.advertising.com/a/h/ Frame 3010 		39 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1650907764042&gdpr=&gdpr_consent=&us_privacy=&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=[scpid]&hp=[hp]&eov=eov&pi.width=640&pi.height=480
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-57.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c66174bdd188ea0a6cdc03fb938ed608c8502b8de891ae7d6193d2af0c338b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
content-encoding
gzip
server
adaptv/1.0
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
59
expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 8D73 		24 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:25 GMT
cache-control
private
expires
Thu, 5 May 2022 09:38:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
24
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 840F 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=9622508e9f7a7f72bfce4ab6&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
T4K4NF7GYD44MJH00W5Q
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 840F 		45 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=9622508e9f7a7f72bfce4ab6&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:26 GMT
merge
ce.lijit.com/ Frame 840F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=aasy8Dv4M_Ny-DT2b6kp9zv4M_ByqzT0ban7vH18
43 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=aasy8Dv4M_Ny-DT2b6kp9zv4M_ByqzT0ban7vH18
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 Cramerton, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=aasy8Dv4M_Ny-DT2b6kp9zv4M_ByqzT0ban7vH18
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 840F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=9622508e9f7a7f72bfce4ab6&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=0&gdpr_consent=
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 Cramerton, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 25 Apr 2022 17:29:26 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 25 Apr 2022 17:29:25 GMT
merge
ce.lijit.com/ Frame 840F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=L2EZUVRD-W-HD2J&gdpr=0
43 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=L2EZUVRD-W-HD2J&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 Cramerton, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=80&3pid=L2EZUVRD-W-HD2J&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
merge
ce.lijit.com/ Frame 840F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=6802119093282668307&gdpr=0&gdpr_consent=
43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=6802119093282668307&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.74 Cramerton, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ef6e5cb8-680c-41f8-9059-a1009a57c5c4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=6802119093282668307&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4B16 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=59e32e91-d4fa-43e2-b46f-81986f95b9e8
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VN0F6Y2GYEWFTHB9QY8J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 4B16
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.195.153.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-153-99.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 4B16
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.195.153.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-153-99.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 4B16
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.195.153.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-153-99.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 4B16
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr={GDPR}&gdpr_...
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
68 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.195.153.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-153-99.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=
ads.adaptv.advertising.com/a/h/ Frame 3010 		39 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1650907764042&gdpr=&gdpr_consent=&us_privacy=&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=[scpid]&hp=[hp]&eov=eov&pi.width=640&pi.height=480
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.171.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-171-57.compute-1.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c66174bdd188ea0a6cdc03fb938ed608c8502b8de891ae7d6193d2af0c338b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
content-encoding
gzip
server
adaptv/1.0
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
59
expires
0
ecm3
s.amazon-adsystem.com/ Frame D9CB 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g1d07c92a55447ed0d01
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5AQQKTA51JMRY8N1HF5Y
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame D9CB
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6802119093282668307&pn_id=an
0
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6802119093282668307&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
64e918e3-bc8d-4812-8765-238a3c80856b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:26 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f621eb77-8521-4bb9-827b-8668e95f1cca
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=6802119093282668307&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame D9CB
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=87VZj6HmWIzo5l-J9bdCiKHmWI_otV-L97e34oiB
  • https://ads.yieldmo.com/sync?userid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&pn_id=bsw&extinit=0&gdpr=0&gdpr_consent=
43 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&pn_id=bsw&extinit=0&gdpr=0&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.235.190.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-190-65.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&pn_id=bsw&extinit=0&gdpr=0&gdpr_consent=
Date
Mon, 25 Apr 2022 17:29:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame D9CB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo
  • https://ads.yieldmo.com/v000/sync?tdid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.235.190.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-190-65.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ads.yieldmo.com/ Frame D9CB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?&nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.235.190.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-190-65.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Date
Mon, 25 Apr 2022 17:29:26 GMT
Connection
keep-alive
Content-Length
100
Content-Type
text/html; charset=utf-8
sync
sync-pp.ads.yieldmo.com/ Frame D9CB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp
  • https://sync-pp.ads.yieldmo.com/sync?userid=gbIPVn2xryOu&ev=1&pn_id=pp&pid=561118
43 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pp.ads.yieldmo.com/sync?userid=gbIPVn2xryOu&ev=1&pn_id=pp&pid=561118
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.152.116.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-116-38.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync-pp.ads.yieldmo.com/sync?userid=gbIPVn2xryOu&ev=1&pn_id=pp&pid=561118
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-588fbd8cf7-s4tcg
expires
-1
csi
csi.gstatic.com/ Frame 2C39 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l2ezux3p&chm=1&ctx=2&gqid=c9pmYoHkG4qSoPMP05KKKA&qqid=CIPisdber_cCFSEEcQodK80E4A&met.4=fb.e~lb.9s~ol.iy~bdt.-25o~bpp.-1tr~idt.-1ia~dtd.-1hs~dt.-1ts&met.3=492.k_1~518.a7~555.a9~556.aa_2~518.fm~518.fm~749.ix_1~113.pn_1~112.pn_2&met.1=1.l2ezuwe3~14.8~15.1~16.8~17.8~18.8~19.8~20.8~21.8&met.7=CBIQBxgBIA8oDzAxOCNoD3AxeIwJgAHgBogB00KqARUKE0dvb2dsZSBTYW5zOjQwMCw1MDCwAQG4AQM~CBwQChgBIBQoFDArOBdoF3AqeJkJgAHtBogBxAywAQG4AQM~CAkQChgBIBUoFTAtOBhoGHAseO5AgAHCPogBqpoBsAEBuAED~CB4QChgBIBYoFjAvOBloGHAtePsMgAHPCogBsRWwAQG4AQM~CCoQChgBIBYoFjBuOFg~CBwQChgBIBYoFjAwOBpoGXAveLU0gAGJMogBz3WwAQG4AQM~CBsQChgBIBcoFzAwOBo~CCgQBRgBINMCKNMCMJ0EOMkBaIkEcJwEeL0DgAGRAYgBjwGwAQG4AQM~CCgQChgBIOAFKOAFMIAGOCFo6AVw_QV4gr4BgAHWuwGIAb_xA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4004:811::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bc2
bc-ssb-cle.springserve.com/ Frame 3010 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-ssb-cle.springserve.com/bc2?r=9af28a51-34dc-408d-97af-7570d0657b00-s.514171-d.528021-dc.132380&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.19.8.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-8-185.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
253ee27891398bcd4a59ed884cb7045811561a4e1569efc6154bf99918a7c401

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Mon, 25 Apr 2022 17:29:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		127 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2130312850070464&correlator=1250348190734279&eid=31065401%2C21065724%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=2022042101&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_300x250_300x600_160x600_Right_3%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%7C970x90%7C970x250&ifi=5&adks=2050935381%2C3947301333%2C2209010219%2C6564752%2C503559555&sfv=1-0-38&ecs=20220425&fsapi=false&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3D21eb07%26floors_hour%3D17%26floors_user%3D0%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_ATF%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dmedianet_970x250%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.01%26hb_adid%3D1698778b1a475ae4%26hb_bidder%3Dmedianet%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3De2b310%26floors_hour%3D17%26floors_user%3D0%26fs_placementName%3Dbleepingcomputer_728x90_320x50_InContent_1%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dmedianet_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D1702ca23949eb05%26hb_bidder%3Dmedianet%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D8f3435%26floors_hour%3D17%26floors_user%3D0%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_2%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dmedianet_300x600%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D17111ff8d744aa0f%26hb_bidder%3Dmedianet%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D3292ee%26floors_hour%3D17%26floors_user%3D0%26fs_placementName%3Dbleepingcomputer_300x250_300x600_160x600_Right_3%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dmedianet_300x600%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D173d24e99f8a85f1%26hb_bidder%3Dmedianet%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D19ab16%26floors_hour%3D17%26floors_user%3D0%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_BTF%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fnews%252Fsecurity%252Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%252F%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dmedianet_970x250%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.02%26hb_adid%3D176e6fddd61eb46a%26hb_bidder%3Dmedianet&eri=1&cust_params=user-agent%3DChrome%26section%3Dsecurity&sc=1&cookie=ID%3D033f291fa76b168d-22973de042d2008c%3AT%3D1650907763%3ART%3D1650907763%3AS%3DALNI_MbsYA5fpBltM2Y4DmAIkfWxLniCBQ&abxe=1&dt=1650907766483&lmt=1650444326&dlt=1650907762576&idt=1441&biw=1600&bih=1200&adxs=436%2C268%2C1082%2C1082%2C436&adys=271%2C4627%2C1730%2C2481%2C6148&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&rumc=2130312850070464&rume=1&frm=20&vis=1&scr_x=0&scr_y=0&psz=1170x280%7C834x90%7C306x600%7C306x600%7C1200x250&msz=1170x250%7C834x90%7C306x600%7C306x600%7C1170x250&fws=4%2C4%2C4%2C516%2C4&ohw=1170%2C834%2C306%2C306%2C1170&ga_vid=3926409.1650907763&ga_sid=1650907763&ga_hid=2010554407&ga_fc=true&btvi=0%7C1%7C2%7C3%7C4&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
a3d73279ac7db4f6b339004bdb375cdf8683bafa955c4fa0fbff0258e9503c1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38327
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
627448
vid.springserve.com/vast/ Frame 3010 		22 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/627448?w=640&h=480&cb=6795722846031&url=bleepingcomputer.com&ip=149.56.153.185&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.127+Safari%2F537.36&dnt=&gdpr_consent=&gdpr=&us_privacy=&schain=&ip=149.56.153.185&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.127+Safari%2F537.36&lat=45.4995&lon=-73.5848&dnt=&desc=&ic=&dur=&ap=&app_bundle=&app_name=&app_store_url=&inv_partner_domain=&vid=&min_dur=&max_dur=&mute=&placement=&skip=&prodq=&content_id=&content_episode=&content_title=&content_series=&content_season=&content_genre=&content_livestream=&content_producer_name=&rating=&channel_name=&language=&network_name=&did=&pp=%7B%7BPRICE_PAID%7D%7D&device_make=Google&device_model=Chrome&brand_name=Google&country=CA&ifa_type=&gdpr_consent=&gdpr=&us_privacy=&payid=a24eb6%3A1224&schain=&coppa=&lmt=&omidpn=%7B%7BOMID_PN%7D%7D&omidpv=%7B%7BOMID_PV%7D%7D&_bchc=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.135.250.134 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-250-134.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Mon, 25 Apr 2022 17:29:26 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
22
content-type
application/xml;charset=UTF-8
bl-c5c1c29-22b38b82.js
tagan.adlightning.com/freestar/ Frame 2FB6 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-c5c1c29-22b38b82.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e59ffbe30c390e093a32b9c979d22de80084f5f06746cdd26e2af10fde6fd6f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:32:51 GMT
content-encoding
gzip
age
42996
x-cache
Hit from cloudfront
content-length
16053
x-amz-meta-git_commit
c5c1c29
last-modified
Mon, 25 Apr 2022 05:14:59 GMT
server
AmazonS3
etag
"3abd766dd9a72c2566f4dfae99481e61"
x-amz-version-id
zgrf5zkrhPVSyNvTcjz_LeKoP3oETO_z
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
i3KxuB3Amnf2K3pGgQm7OREPQlmONoMwW3OXMmce5PzXrnBEl-SCKQ==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame 2FB6 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 20:39:44 GMT
content-encoding
gzip
age
161383
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
EB9FNigRu-InmzJlTBm8I5Z2OrD8cWiuM649Sd-45xvAhV4U-q4nRw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2FB6 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:29:26 GMT
i
vid-io-cle.springserve.com/vd/ Frame 3010 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=9af28a51&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_4dcb004e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.89.91 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-89-91.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Mon, 25 Apr 2022 17:29:26 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
view
securepubads.g.doubleclick.net/pcs/ Frame 2FB6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyCaZEJDlpBs8D4GdDlY9yDFbExnreqInSu8n4P-lMvmzmOyiYD6sT2miWMotPbYgpLy9PtIpjtZc2BHK1tn7y-ysT67LRLpFAVgcDt67R-EaECNE011PXunZURFq7SdKEtqiHiQoAuzNIsKFEdmh-WfUTDlcYidr-JTWe0JtzA0ka-0owoOPf-FFh43L2XNp-4x8nRvVw8kGtfIWKp69WU8JtyGWRsLyYlgVQ-OiqAbE-YBTs3cCtjdmovkXy8aPNZWfcJ9909e7xHl4ij38EYUPyOitzFg2gs8TqkgWYsMDgYeBk4zE7bB6AyJsX-dyI-pud-oPlMj_v-zf2I9vkYXObJnPd0w9f8Ty5nxhr64oS&sig=Cg0ArKJSzBhhfwW3xrjcEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd027aba8c453088421fd5281858d38cebc0b55ecd56c847bacaf7bde2528c25

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray
7018cd06b9fda24a-YYZ
date
Mon, 25 Apr 2022 17:29:26 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 25 Apr 2022 09:17:39 GMT
server
cloudflare
age
694
etag
W/"d8f-5dd770c3683af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Mon, 25 Apr 2022 18:17:52 GMT
demand-source
d.pub.network/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 25 Apr 2022 17:29:26 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
via
1.1 google
truncated
/ Frame 2FB6 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
389185a12a66d2db58191308927525e099c9d7067833888064ac5e3123d9b52d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2FB6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGQe_-Vx8zh_6_-BURz_v5xOSkPass959GCuwa1ucbaXJaWYlwpWlFvBf4Bjs8QPKnp_fEPGYHs-PjX-SBbOZpl9EScHkT2Pm9qOsTUL5OiQxSPTq45UO6GMi-64lj6H2dAxXIl8tgXHkx7GEoHUKN3vYIpysBpro945_BuZkkiEhPfzqVMxDTjQfH0JioVFY-YW8jJMfAalIIzmnR7X4aCOZZaAAX75gtB_SI-UDmaH_JZcOc3XR6HooGsfSCYtuku6rg8TSqy_DJHBgSHOB76LYyx-zSiXgRCI1mNGHsHEMSVX3JlvNG2CLlRPs4QOpmvBLHjQd9GD2xv6rdmUWrOv7cImdt8Cjg58j1stp75LE2MDI&sig=Cg0ArKJSzJbKF9IvHHwOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 25 Apr 2022 17:29:26 GMT
demand-source
d.pub.network/ 		59 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/demand-source
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
0b03c4e89b248daeb0c2ed482fb6c31e6c2863e9dc0eb650b65a38b7367e9513

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Apr 2022 17:29:26 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 2FB6 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
b27b072e7a371ef30b64b6085ed49735791e659f9cbec672552b3eaef76e0daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
856
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24022
x-xss-protection
0
server
cafe
etag
7279347391308095826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 18:15:10 GMT
ice.js
resources.infolinks.com/js/1793.014-3.025.ab.1791.016-3.025/ 		178 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1793.014-3.025.ab.1791.016-3.025/ice.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2fee4fc61567c6ed576cf11f279836e477884b79ea6756e83f9e6da0707af26

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray
7018cd06fa73a24a-YYZ
date
Mon, 25 Apr 2022 17:29:26 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 20 Apr 2022 11:42:36 GMT
server
cloudflare
age
9384
etag
W/"2c7de-5dd147d617e7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 25 May 2022 14:53:02 GMT
csi
csi.gstatic.com/ Frame 2FB6 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l2ezuxk0&chm=1&c=2130312850070464&ctx=2&qqid=COb2z9fer_cCFcPYhgodMAoESg&met.4=fb.60~lb.7i~ol.7o~idt.ov~dt.-f6&met.3=749.7k_3~736.7u~735.80_1~740.81_1~113.8r_1~112.8q_2&met.1=1.l2ezuxba~14.0~15.0~16.0~17.0~18.0~19.0~20.7j~21.7o~22.7z~23.7z&met.7=CBsQCiBaOBU~CBsQCiBaOBo~CCoQChgBIFsoWzCNATgy~CCIQBBgBINsBKNsBMK4COFNo3AFwrQJ4rAKwAQG4AQM~CCgQChgBIJ8CKJ8CMLgCOBlooAJwtAJ4gr4BgAHWuwGIAb_xA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4004:811::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
manage
router.infolinks.com/usync/ Frame 99C0 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1793.014-3.025.ab.1791.016-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24ad9c413214d19752572f377203eb059a816c4864a6e7e90a6558fe3933242b

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
7018cd079b70a24a-YYZ
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 25 Apr 2022 17:29:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		263 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2197249e084415d9a1345665d1a663a942c9cb5147eb151e6b5975bce3f4875a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7018cd079b79a24a-YYZ
p3p
CP="NON DSP NID OUR COR"
content-encoding
gzip
cache-control
no-store
content-type
application/javascript;charset=ISO-8859-1
gsd
router.infolinks.com/ 		321 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3248511&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&jsv=1793.014-3.025.ab.1791.016-3.025&_cb=16509077669670
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd3a6c709519b5402234baf7a7cac6fd52b3855ac4708993a067ebf17b8fa80b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/javascript;charset=UTF-8
content-encoding
gzip
cache-control
max-age=0
cf-ray
7018cd079b75a24a-YYZ
expires
Thu, 01 Jan 1970 00:00:00 GMT
doq.htm
rt3013.infolinks.com/action/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3013.infolinks.com/action/doq.htm?pcode=utf-8&r=16509077670591
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1793.014-3.025.ab.1791.016-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1adf5abdbc3c2fc6b66a65fde3435fb2af0d459b27a5261953f20b70075cf944

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
x-application-context
application:prod
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-language
en-CA
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
7018cd08793da1f6-YYZ
expires
Thu, 01 Jan 1970 00:00:00 GMT
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
5d7639c3f54682a6104f445666f108b3825bff5e338727a9732b02eefa2d60a9

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
iqusync-1.15.min.js
resources.infolinks.com/static/usync/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/usync/iqusync-1.15.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12bb078a26fa0aec2669317185ee70af87a94669d16e552cc910e2632b7d729f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray
7018cd084caaa24a-YYZ
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 10 Mar 2022 07:50:02 GMT
server
cloudflare
age
13513
etag
W/"ac8-5d9d876351595"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 25 May 2022 13:44:14 GMT
/
hde.tynt.com/deb/ Frame D966
Redirect Chain
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
  • https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
7bfa11a67bb5f7a2c10cfb57c3bf709b476210ff5a8d8aa81c39e1c0a12cf68a

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1333
content-type
text/html
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
usermatch
ssum-sec.casalemedia.com/ Frame 06EF 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f4d386cd0b02158fb22a97e0b4dcaf1f7355d79fc8ee005139f06504f20d278a

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1706
Content-Type
text/html
Date
Mon, 25 Apr 2022 17:29:27 GMT
Dropped-Udsids
39|230|241|45|31|152|73|206
Expires
Mon, 25 Apr 2022 17:29:27 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
/
onetag-sys.com/usync/ Frame 552B 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usersync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=30f99d81433e08e3&is_secure=true&networkId=17100&version=1&nuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADKJ7lyYFKMwN8A8PlAAAAAAA&expiration=1650994167&nuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OJ17dGrOencjzn1yPp9gc2rOenQjnX1wPJ_NIuXW
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
  • https://router.infolinks.com/dyn/usersync?pmuservalue=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
7018cd0a4824a24a-YYZ
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
date
Mon, 25 Apr 2022 17:29:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn-usync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=6802119093282668307
35 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=6802119093282668307
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd08bd70a24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:27 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6c7951ae-48b7-4ca8-b818-6c25768f268c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=6802119093282668307
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox-usync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://router.infolinks.com/dyn/ox-usync?uid=d64fcb21-a18e-436e-b983-798e1e430120
35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ox-usync?uid=d64fcb21-a18e-436e-b983-798e1e430120
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd08bd6da24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT

Redirect headers

date
Mon, 25 Apr 2022 17:29:27 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://router.infolinks.com/dyn/ox-usync?uid=d64fcb21-a18e-436e-b983-798e1e430120
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
VR-usync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://router.infolinks.com/dyn/VR-usync?uid=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/VR-usync?uid=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd089d16a24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT

Redirect headers

location
https://router.infolinks.com/dyn/VR-usync?uid=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
date
Mon, 25 Apr 2022 17:29:27 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
r1-usync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1650907767103
  • https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
35 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd08bd69a24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:27 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
https://b1sync.z%20%20%20%20emanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://b1sync.z%20%20%20%20emanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ Frame 99C0 		0
0
tplift
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
  • https://router.infolinks.com/dyn/tplift?uid=2632727191946335783295
35 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/tplift?uid=2632727191946335783295
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd088d09a24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT

Redirect headers

location
https://router.infolinks.com/dyn/tplift?uid=2632727191946335783295
date
Mon, 25 Apr 2022 17:29:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sonobi-usync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
  • https://router.infolinks.com/dyn/sonobi-usync?uid=5380bcf5-d295-414f-a01f-ce0e8429ee0f
35 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sonobi-usync?uid=5380bcf5-d295-414f-a01f-ce0e8429ee0f
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd08dd96a24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:27 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-28
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://router.infolinks.com/dyn/sonobi-usync?uid=5380bcf5-d295-414f-a01f-ce0e8429ee0f
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/ Frame 99C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.bleepingcomputer.com%252Fnews%252Fsecurity%252Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%252F&pi...
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&pid=12306&adnxs_uid=6802119093282668307
95 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&pid=12306&adnxs_uid=6802119093282668307
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
HTTP/1.1
Server
52.30.111.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-111-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 25 Apr 2022 17:29:27 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 25 Apr 2022 17:29:27 UTC

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:27 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a3df26dd-a3e1-4f69-bb56-7d24954a0866
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&pid=12306&adnxs_uid=6802119093282668307
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
earn-usync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
  • https://router.infolinks.com/dyn/earn-usync?uid=A7722154196437862207
35 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/earn-usync?uid=A7722154196437862207
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd08cd8fa24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/earn-usync?uid=A7722154196437862207
Date
Mon, 25 Apr 2022 17:29:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
imd-usync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://router.infolinks.com/dyn/imd-usync?user_id=d51a365d-3699-41f1-b44c-b622530268ee&partner_id=1531
35 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/imd-usync?user_id=d51a365d-3699-41f1-b44c-b622530268ee&partner_id=1531
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd089d13a24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT

Redirect headers

location
https://router.infolinks.com/dyn/imd-usync?user_id=d51a365d-3699-41f1-b44c-b622530268ee&partner_id=1531
date
Mon, 25 Apr 2022 17:29:27 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
outh-usync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
  • https://router.infolinks.com/dyn/outh-usync?uid=y-d0n6SOZE2uF4j36JO_SVFIvHZ_nkPzKL~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
35 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-d0n6SOZE2uF4j36JO_SVFIvHZ_nkPzKL~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd08cd8ba24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-d0n6SOZE2uF4j36JO_SVFIvHZ_nkPzKL~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
date
Mon, 25 Apr 2022 17:29:27 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 99C0
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
  • https://bh.contextweb.com/bh/rtset?pid=558752&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D1%26uuid%3D%25%25VGUID%25%25
  • https://match.bnmla.com/usersync?dspid=1&uuid=gbIPVn2xryOu&ev=1&us_privacy=${us_privacy}&pid=558752
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=3F695155CBEA40AA8059773D874F9164
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=D990985F6F06492F8EC771FBEE66DEDA
  • https://sync.resetdigital.co/csync?pid=12&redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D162%26uuid%3DBUYER_USER_ID
  • https://match.bnmla.com/usersync?dspid=162&uuid=000000AA229FB4C1
  • https://ce.lijit.com/merge?pid=278625&3pid=&us_privacy=0&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D175%26uuid%3D%5BSOVRNID%5D
  • https://match.bnmla.com/usersync?dspid=175&uuid=9622508e9f7a7f72bfce4ab6
  • https://csync.loopme.me/?redirect=%20https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D181%26uuid%3D%5BUUID%5D
  • https://match.bnmla.com/usersync?dspid=181&uuid=%5BUUID%5D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160379&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D19%26uuid%3D
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160379&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D19%26uuid%3D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Redirect headers

Location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160379&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D19%26uuid%3D
Date
Mon, 25 Apr 2022 17:29:28 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
sovrn-usync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://router.infolinks.com/dyn/sovrn-usync?uid=9622508e9f7a7f72bfce4ab6
35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=9622508e9f7a7f72bfce4ab6
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd089d18a24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT

Redirect headers

Date
Mon, 25 Apr 2022 17:29:27 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=9622508e9f7a7f72bfce4ab6
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=21e3704c62b08e4&is_secure=true&networkId=17100&version=1&nuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADKVTL6Rgv1QM6PHKcAAAAAAA&expiration=1650994167&nuid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
  • https://router.infolinks.com/dyn/usersync?pmuservalue=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
7018cd0a5844a24a-YYZ
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
date
Mon, 25 Apr 2022 17:29:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
zeta-usync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=978477405519839003
35 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=978477405519839003
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd096e84a24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=978477405519839003
Date
Mon, 25 Apr 2022 17:29:27 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
33a-usync
router.infolinks.com/dyn/ Frame 99C0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
  • https://router.infolinks.com/dyn/33a-usync?uid=2051871529581
35 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/33a-usync?uid=2051871529581
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd0af94ba24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://router.infolinks.com/dyn/33a-usync?uid=2051871529581
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 99C0
Redirect Chain
  • https://router.infolinks.com/dyn/iq-usync
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=a3295248-d5d1-4da2-a50b-dcf7bf3c52c0&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=a3295248-d5d1-4da2-a50b-dcf7bf3c52c0&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=44...
43 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=a3295248-d5d1-4da2-a50b-dcf7bf3c52c0&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445262707&3rdpcid=&3rddpi=1402230080&3rdpcid=&3rddpi=541745869&3rdpcid=OPTOUT&3rddpi=1177082855&3rdpcid=&3rddpi=1213503647&3rdpcid=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-%7EA&3rddpi=1541423991&3rdpcid=&3rddpi=1239766150&3rdpcid=d64fcb21-a18e-436e-b983-798e1e430120&ckls=true&ci=1rdZ0F89h1&nc=false&trid=-999818362
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3248511&wsid=0&pdom=www.bleepingcomputer.com&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F
Protocol
H2
Server
143.204.146.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-57.ewr52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 c855cfdfac580e3b58f1c68c8d67dcf6.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
7R9XvJ-gCUXuIEziQBDblUfh0PCYaNvQcEcBcUfhfO8ZYULOBvQxSg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 c855cfdfac580e3b58f1c68c8d67dcf6.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=a3295248-d5d1-4da2-a50b-dcf7bf3c52c0&3rddpi=2023874098&3rdpcid=&3rddpi=1639354730&3rdpcid=&3rddpi=445262707&3rdpcid=&3rddpi=1402230080&3rdpcid=&3rddpi=541745869&3rdpcid=OPTOUT&3rddpi=1177082855&3rdpcid=&3rddpi=1213503647&3rdpcid=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-%7EA&3rddpi=1541423991&3rdpcid=&3rddpi=1239766150&3rdpcid=d64fcb21-a18e-436e-b983-798e1e430120&ckls=true&ci=1rdZ0F89h1&nc=false&trid=-999818362
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-type
image/gif
content-length
43
x-amz-cf-id
xbR6LOW-9aOSHqeojeIvRVWawQxM1MEv9yeM3FKVeOMYuBlctxy-5A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		15 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=a3295248-d5d1-4da2-a50b-dcf7bf3c52c0&iiqidtype=2&iiqpcid=2f8a6a6b-4bc5-4d15-8d5f-f1a571a0f7ba&iiqpciddate=1650907767112&dbsaved=true&fbp=2503514553
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-33.ewr52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
30adcceef958c38a02a02125fb5794f73e88cd388a62ac554c5d406cab2dd431

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
access-control-max-age
3600
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
xbypfdijq5sN6IbvHUEKeHjJ5ZGvCBecpB3-d2OPt3dsyS_qkytGyg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156872/3103/ 		223 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
87a6fc3aa7aa2711852dca36e16602427e08eacb5ad36b5246b7296dd0307daf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
content-encoding
gzip
last-modified
Fri, 22 Apr 2022 17:52:49 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121326-37a6a-5dd41e519afd9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=73891
accept-ranges
bytes
content-type
text/javascript
content-length
71930
expires
Tue, 26 Apr 2022 14:00:58 GMT
rum
dsum-sec.casalemedia.com/ Frame 06EF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&expiration=1653499767&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&expiration=1653499767&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:27 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd&expiration=1653499767&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 06EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:27 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 06EF 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JWESBNEQJ2HPP8F8TNPE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 06EF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YmbacxfUheiJLy59JDCIJwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:27 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 06EF
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7041941671499242023&uid=Q7041941671499242023&ref=%2Feucm%2Fp%2Fcc
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7041941671499242023
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7041941671499242023
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:27 GMT

Redirect headers

Date
Mon, 25 Apr 2022 17:29:27 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7041941671499242023
Cache-Control
max-age=72655
Connection
keep-alive
Content-Type
text/html
Content-Length
154
crum
dsum-sec.casalemedia.com/ Frame 06EF
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=27b6829a-ef84-40d1-9931-2a14adc348f5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=27b6829a-ef84-40d1-9931-2a14adc348f5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:27 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:27 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=27b6829a-ef84-40d1-9931-2a14adc348f5
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
YmbacxfUheiJLy59JDCIJwAAAJkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 06EF 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YmbacxfUheiJLy59JDCIJwAAAJkAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:f817:c851:d4d0:49b5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
YmbacxfUheiJLy59JDCIJwAAAJkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 06EF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YmbacxfUheiJLy59JDCIJwAAAJkAAAIB
43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YmbacxfUheiJLy59JDCIJwAAAJkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
H2
Server
2600:1f18:4e9:5a05:f817:c851:d4d0:49b5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YmbacxfUheiJLy59JDCIJwAAAJkAAAIB
date
Mon, 25 Apr 2022 17:29:27 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ix-usync
router.infolinks.com/dyn/ Frame 06EF 		35 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=YmbacxfUheiJLy59JDCIJwAA%26153
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7018cd092e1aa24a-YYZ
content-length
35
expires
Sun, 25 Apr 2021 17:29:27 GMT
in_search.js
resources.infolinks.com/js/1793.014-3.025.ab.1791.016-3.025/ 		124 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1793.014-3.025.ab.1791.016-3.025/in_search.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e01b5f9cbb1a16294ed7231753c183684a2c026eae9cbe2b9075e34e21dedcdd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray
7018cd098eada24a-YYZ
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 20 Apr 2022 11:42:36 GMT
server
cloudflare
age
12975
etag
W/"1ef28-5dd147d6176ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 25 May 2022 13:53:12 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9be0e66a8aad7fc8e5583a98a3823b31a5b7ffa0b3109d551bb95cb8ffb9ec99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128369
x-xss-protection
0
expires
Mon, 25 Apr 2022 17:29:27 GMT
pbice.js
resources.infolinks.com/js/pbice/3.025/ 		279 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/pbice/3.025/pbice.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray
7018cd098eb0a24a-YYZ
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 30 Jun 2021 09:40:59 GMT
server
cloudflare
age
9213
etag
W/"45adc-5c5f8851c3ea8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 25 May 2022 14:55:54 GMT
getads.htm
rt3013.infolinks.com/action/ 		126 B
364 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3013.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22free%20logo%22%2C%22scs%22%3A%22zGjhky0cOi%22%7D%5D&rid=3bf5ade2-c182-4f88-845c-2e2cf2fbb066&jsv=1793.014-3.025.ab.1791.016-3.025&sr=1600X1200&rts=1650907767315&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=100.0.4896.127&dv=p&ce=t&purl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&tzo=-0000&c=c&strg=true&rsd=BthPD9FqgUfoure_Xi3JVFm3AW_GMhpvUJ97ycJ0z9SaG2kpui_yBXLjC7sB3nAPwQVNEag-DDCPlLQSLIkcjS3VcrSj9LA9DNER4mvEJW-j25Q2qgfage8bKdaMjft85crtXtLtnZf-jnWDaiYB0OYSnG0VjWca&rsk=98&rcs=ffJ-03uKkO7S1ZwzMUulAA&cuid=a3295248-d5d1-4da2-a50b-dcf7bf3c52c0&pwtu=%7B%22id5id%22%3A%7B%22uid%22%3A%22ID5*X0QzTLThDKIV8IFafcz2cSDahdKnbsXJX5GtGqTUNX0Py7F4wyzcH2rn_qaZnJCqD8zeEV_It6w-x78TKhjGvg_NmPECQW-mXjW-ySHfD1APzqMKwFQqPdIyr47d8-xXD8_UMW9vdc1ncn0Ksa7F-g_QeWGS2WtcOwXPFNFg4TIP0cXx1XqRL6TSmKFeVUBSD9IFkQE9K-6V0Nl2wxQNlw_TlR59Btm-Nt0hIlIcUG4P1Jq0_a01RBt7fGj-Af8ED9ULorpzdHwCJEPQyVUm3g_W3nr7Ui_WYSBY0FhmXxUP14tu0WD_70oYgyHmP8sjD9iJgIYLaQ2vkpkKaRhaZA_ZLo8iTIqRP3Pk7s87uDYP2jc_Il3Qlzh2wBPvU37tD9t6vrGkWSZVG1uQLuikaA_cx9bucnA74mVfJ1f0pJEP3VrJpKIscVrKga8LxMNND946SFqC-slFHwc28hETOw_fhgShOOFotvs2_Vd_fnAP4DSyLrn3TtFkraB_DrvZD-H8pPzuWdHioXFWzxyT_w_io8KJxEoE_wrbhrz9WS0P44OfzCZH8X7kfeQt8A7sD-Tw4TCN_PQ8sOnq6QgXtw_lVQv4VAWysO7QY2LDWb8P5q9VSxOsy9XyIGlHep0tD-fMMJk1_mq20wDY1dSRCQ_ocFV6kcwjuEmjjOv0pv8%22%2C%22ext%22%3A%7B%22linkType%22%3A1%7D%7D%2C%22pubcid%22%3A%222e74d6e9-1bdd-4b15-a29a-869482c39748%22%7D&hbnr=false
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e57f15b3c0818f917a71d335a192553d300b0920e10838624e4a9511ecc31ff5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language
en-CA
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7018cd09cf03a24a-YYZ
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
vidice.js
resources.infolinks.com/js/vidice/2.0/ 		333 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray
7018cd0ae935a24a-YYZ
date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 09:20:02 GMT
server
cloudflare
age
13515
etag
W/"5344d-5d6649709d511"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 25 May 2022 13:44:12 GMT
usync.html
eus.rubiconproject.com/ Frame 927A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:27 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 25 Apr 2022 17:29:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
match
cms-xch-chicago.33across.com/ Frame D966
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dthe33...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=3158d42f5b874679b55b310eac5de4cb&ssp=the33across&bsw_param=f367a548-43b2-4ca6-9e67-1de5d4a782b6&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:28 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6
date
Mon, 25 Apr 2022 17:29:28 GMT
server
awselb/2.0
content-length
134
content-type
text/html
match
cms-xch-chicago.33across.com/ Frame D966
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1650907767566.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=7e9b6266-da75-4600-97fa-93bd39c882d1
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=7e9b6266-da75-4600-97fa-93bd39c882d1
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:28 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 25 Apr 2022 17:29:27 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cms-xch-chicago.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=7e9b6266-da75-4600-97fa-93bd39c882d1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 25 Apr 2022 17:29:26 GMT
match
events-ssc.33across.com/ Frame D966
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-4XVfXFBE2uHikkx354T99Jos.i7kxaj5~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-4XVfXFBE2uHikkx354T99Jos.i7kxaj5%7EA&ts=1650907767&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-4XVfXFBE2uHikkx354T99Jos.i7kxaj5%7EA&ts=1650907767&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:26 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-4XVfXFBE2uHikkx354T99Jos.i7kxaj5%7EA&ts=1650907767&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame D966
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=5190f3ee699808e5&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAADKJ7lyYFKZAMlOmreAAAAAAA&expiration=1650994167&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAADKJ7lyYFKZAMlOmreAAAAAAA&ts=1650907767&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAADKJ7lyYFKZAMlOmreAAAAAAA&ts=1650907767&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:28 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAADKJ7lyYFKZAMlOmreAAAAAAA&ts=1650907767&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame D966
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1653499767%26external_user_id%3D7aabbd52-0742-4133-a07d-fda9f86dc1fd
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1653499767&external_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1653499767&external_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:29 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1653499767&external_user_id=7aabbd52-0742-4133-a07d-fda9f86dc1fd
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame 927A 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
18f25152e6157a80c22560120612d9f9c18790e176d7165194cf5ee62a7773d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:27 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=23366
content-type
text/html; charset=UTF-8
content-length
9542
expires
Mon, 25 Apr 2022 23:58:53 GMT
container.html
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8C55 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
Tue, 25 Apr 2023 17:29:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA41 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
Tue, 25 Apr 2023 17:29:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FD4C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
Tue, 25 Apr 2023 17:29:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 68AC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
Tue, 25 Apr 2023 17:29:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 688D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:26 GMT
expires
Tue, 25 Apr 2023 17:29:26 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2FB6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_hf_8TsQrmHGqz_WUqtVB0yU1_nEjjPqBvMyM9-d9cyzc0C6G9UAxae_DW5NP0GZxuW0HMq6YjsNVAhbtbbVjsB6bTQeUNWlQ6-k019BkqpN3MX0s&sig=Cg0ArKJSzN8RiJT-wFiMEAE&id=lidar2&mcvt=1097&p=1110,436,1200,1164&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&v=20220420&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1087171916&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650907766566&rpt=272&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
events-ssc.33across.com/ Frame 927A
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L2EZUVRD-W-HD2J
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L2EZUVRD-W-HD2J
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L2EZUVRD-W-HD2J&ts=1650907768&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L2EZUVRD-W-HD2J&ts=1650907768&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:28 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:27 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L2EZUVRD-W-HD2J&ts=1650907768&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
bl-c5c1c29-22b38b82.js
tagan.adlightning.com/freestar/ Frame 8C55 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-c5c1c29-22b38b82.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e59ffbe30c390e093a32b9c979d22de80084f5f06746cdd26e2af10fde6fd6f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:32:51 GMT
content-encoding
gzip
age
42997
x-cache
Hit from cloudfront
content-length
16053
x-amz-meta-git_commit
c5c1c29
last-modified
Mon, 25 Apr 2022 05:14:59 GMT
server
AmazonS3
etag
"3abd766dd9a72c2566f4dfae99481e61"
x-amz-version-id
zgrf5zkrhPVSyNvTcjz_LeKoP3oETO_z
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6TK4hiZxaT9YruJQwe7J_4LTW-edfEm9ZswWAaAzeM9eP7I9vOX_bw==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame 8C55 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 20:39:44 GMT
content-encoding
gzip
age
161384
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
misViXy6t9TJfvNq3auy6AGB-Ww9lN_x6Ify4ty3VgCc53xucvtoQw==
bl-c5c1c29-22b38b82.js
tagan.adlightning.com/freestar/ Frame EA41 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-c5c1c29-22b38b82.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e59ffbe30c390e093a32b9c979d22de80084f5f06746cdd26e2af10fde6fd6f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:32:51 GMT
content-encoding
gzip
age
42997
x-cache
Hit from cloudfront
content-length
16053
x-amz-meta-git_commit
c5c1c29
last-modified
Mon, 25 Apr 2022 05:14:59 GMT
server
AmazonS3
etag
"3abd766dd9a72c2566f4dfae99481e61"
x-amz-version-id
zgrf5zkrhPVSyNvTcjz_LeKoP3oETO_z
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
l9abUVPnAQEqq6tmbv2fcKWVK4qFp1XOHou5bxVsXJpjic9b6sXeTQ==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame EA41 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 20:39:44 GMT
content-encoding
gzip
age
161384
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
SYXXWn4mH8MYL5uDiBNenF37C253nNx7VlMasq63I727MPSU8QK6Tg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA41 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AwIwT0cGJps8AI4tpH_arB7aTkxmisJyOiVRBGGjlqYqM_vavsiOO5Ub2xhnV5NL5qfocsh5EaKstXz2PwzWwEOfboxKy5OaDHpUrt19-tGitUTpk
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame EA41 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=971108&cmp=26826172&plc=322545941&sid=6522286&aufilter1=1024534&prr=1&ppid=103&autt=1&auevent=ABAjH0gvfusGwKHnL507XcCEh4Ll&c1=1024534&auorder=27325299&aucmp=16564276280&aucrtv=396569087&auxch=1&pltfrm=1&ausite=101267032151&turl=https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/&aubndl=&dvregion=0&unit=728x90
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:7000:6ab::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
731e952d643cd71b3699e9d9b45320f20318c9a8439c059aa296e45b79d5380f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Apr 2022 08:39:57 GMT
Server
Microsoft-IIS/10.0
ETag
"978bff5b4ad81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1163
dvtp_src.js
cdn.doubleverify.com/ Frame EA41 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:7000:6ab::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7ee1ac7bc4654745d1d0467174ffbb5730230bccaa8c70e7b72e03b69fde300d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Apr 2022 16:06:37 GMT
Server
Microsoft-IIS/10.0
ETag
"80a4fb70be58d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3303
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame EA41 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:20:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA41 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:29:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame EA41 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:27:56 GMT
l
www.google.com/ads/measurement/ Frame EA41 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxin3FSvLzkd-fq02usms7lYNCMZBWixrh2_WVEZR63FguX-yA92NxW0rwsgQR5iGj0IDNXVTf9Hschc6c5aDgctVdCA
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers
bl-c5c1c29-22b38b82.js
tagan.adlightning.com/freestar/ Frame FD4C 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-c5c1c29-22b38b82.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e59ffbe30c390e093a32b9c979d22de80084f5f06746cdd26e2af10fde6fd6f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:32:51 GMT
content-encoding
gzip
age
42997
x-cache
Hit from cloudfront
content-length
16053
x-amz-meta-git_commit
c5c1c29
last-modified
Mon, 25 Apr 2022 05:14:59 GMT
server
AmazonS3
etag
"3abd766dd9a72c2566f4dfae99481e61"
x-amz-version-id
zgrf5zkrhPVSyNvTcjz_LeKoP3oETO_z
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
sVNKDClfnen2U6V6MoYlzE6GLN5fbuIuVOp0hUbxD_FjSIDx9KNsYQ==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame FD4C 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 20:39:44 GMT
content-encoding
gzip
age
161384
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
pTBqGbKFRfLIR9KrMUS11AGUl-_LECerRD2a2gLpqoyzSVhxSK0Gtg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD4C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_8J5QDIPPBMqBJRyt9U41rIyxC5V9AbCKs26n8rvLmWzqbuWGzI0CscQtw8eK9ghJiWgW9SscPNXd6GzqEam71cfWmL_pqqpdfKk7N0cBiahdhw4
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame FD4C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
520
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:20:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD4C 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:29:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame FD4C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:27:56 GMT
l
www.google.com/ads/measurement/ Frame FD4C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvTOjzvfG9ASYXTjMYvYXGCUJ6fMN-djqwZedPr_WwdkVHG1fU5wAk1RUY9-XwwUyYimCuCfCgSNZORU0sLjrEa6PV8A
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers
bl-c5c1c29-22b38b82.js
tagan.adlightning.com/freestar/ Frame 68AC 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-c5c1c29-22b38b82.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e59ffbe30c390e093a32b9c979d22de80084f5f06746cdd26e2af10fde6fd6f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:32:51 GMT
content-encoding
gzip
age
42997
x-cache
Hit from cloudfront
content-length
16053
x-amz-meta-git_commit
c5c1c29
last-modified
Mon, 25 Apr 2022 05:14:59 GMT
server
AmazonS3
etag
"3abd766dd9a72c2566f4dfae99481e61"
x-amz-version-id
zgrf5zkrhPVSyNvTcjz_LeKoP3oETO_z
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
RqleBMp3-Zp_BIIiCg9LmDLedhzLgq4YT2eYg6Ib4vxBBzMV1lr4cg==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame 68AC 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 20:39:44 GMT
content-encoding
gzip
age
161384
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
jr3MaJvYTFBiKV-Vcd76wRLYvak3yLoltWy-mT6VA2CVUTGUs9sx5g==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 68AC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DO6NqEfTHEk-OxCbF7Ad7tFPmFPR0H2MZadutisazucf_x_ENtJhL2fnUGaDJM3013o5exY0UbJkSc8zWK-K-6WOv7ByBm5lFYrhARCRfBdPVvxVc
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame 68AC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
520
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:20:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 68AC 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:29:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame 68AC 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:27:56 GMT
bl-c5c1c29-22b38b82.js
tagan.adlightning.com/freestar/ Frame 688D 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/bl-c5c1c29-22b38b82.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e59ffbe30c390e093a32b9c979d22de80084f5f06746cdd26e2af10fde6fd6f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 05:32:51 GMT
content-encoding
gzip
age
42997
x-cache
Hit from cloudfront
content-length
16053
x-amz-meta-git_commit
c5c1c29
last-modified
Mon, 25 Apr 2022 05:14:59 GMT
server
AmazonS3
etag
"3abd766dd9a72c2566f4dfae99481e61"
x-amz-version-id
zgrf5zkrhPVSyNvTcjz_LeKoP3oETO_z
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
-pFP5u_0VsvIxrFz1hU2rCt2yM6IjnIbIQ4S4hIInjv8dc77sJk-1w==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame 688D 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-54.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 20:39:44 GMT
content-encoding
gzip
age
161384
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
x3k-s_EqVMFWjyXnFsTLHR9cmNbK5vLoJUixqfV8ldSOt_uOeOfOmw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 688D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BhtRR8bUKBjLOWaivW_7xEqWpT6IZDT7ZUqjxjo6_Yk-DQuUOieMIveipQOi2k7UQGNEC_sMPTKRus5xtW9FK1T43bLPmKyLiYErzG0P0vFuiiXrQ
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame 688D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
520
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:20:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 688D 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:29:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame 688D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:27:56 GMT
l
www.google.com/ads/measurement/ Frame 688D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJE1I5pOBV4_mOWnfSkNyAWRt2kY5WOXssBmAcMZRJC4WK3SGgC1kFzrvOsvY6LHW0-WUqEsA2xD2PLMsrnLKp9aQ1mg
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers
106
check.analytics.rlcdn.com/check/ 		25 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/106
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.102.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-102-43.ewr53.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:28 GMT
via
1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amzn-requestid
859d971f-ea28-4e60-8f55-42506a639c2b
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6266da78-66ba86e4641fe82a1be6c7cd
x-amz-apigw-id
RJcSzG0ljoEF5RQ=
content-length
25
x-amz-cf-id
jg35lyDMSYFKPHhQG1zEPGgFQY5t-lLaU84gD5eIpCHS7rgGf-q25w==
pixel
googleads.g.doubleclick.net/xbbe/ Frame B1E1 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD65wEQ77nsARiPrtmiATAB&v=APEucNXYbGpwwxGd7YdhsttI0KVLiTFqkxu6pH2GAEyotRk106hORVbwCOXU8GcKFkoFAYa3ZXafSo-Q8Couho2qNa7Ng5MWzQ
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4078 		14 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkpFusnftenbJcjKm5O8m1YfmWU1OnsGyDXiOFEtANl5G13uqKt2Nk5uN2Y966Gxq057Y9aqaBmGcB829U31KoAohud-1oupTPZRgO5Fe-3bxorUFJLtwas7-xsOuhDwckEWdo34UOHFaipmMaxn7jjsr6fw&dbm_d=AKAmf-BPg0YkDbAoOUcWq53JWWCjYnq2E2g0YL-XcBs2G-e4S_VRZKk2ozPi9PkaMtjwjfoLnzpl-euQ5bpd0pyEm1j5qyLegVI6NNT6kLnlcIiUsw-0VPXXPaBVyvEo1F_eczy9glmZ1DQXZsJ-p-ZX2bAT_hTHUXhAuLT7McLEOHY2jtbdg6agzlS7Ecnk9eWh0oI_nBobg9uZxiOR2MxPFeGqM2_oT0FfyGQmBjc49AvhqEvefweUmwtOVGk-L4RItYjNez55-0zJ98k68PO3A2oWBkztLlPJRy9nu4PWc2vXhrg9u0hcibJjiEl_rH0RMreJ4ETc-18l7TgCxF-q6n1vxjgBlrNqCK7fEucfhuswTqkF3It9RGQdxP9hkg7sdbgXF-_KteY92gKCcsR-M2zxCWY-9iZF_Ibi1k7MTb4Ihjlx2FdPBelCrkd7HaD9cLOwSNJPTF6qqjni2jULis9RJlf0biKzpg1bBCXdhYLZW5wiMOeUnYZ80snwB5MtkxMuozVrcZLT8Ay9Ft724flLqsFUaoq-uE1QJYT3XmDk13y7YkSSL1PhzWIRd-C2QKoauEZ0JHAfN7ClmVgG7eNBmN4Xlwigm71JrPj0MGgknulex6mzYdJyeL_8nJ3sT_DIIFyerr_wHj8d57gSwgcovmNMOdKHKSO4bXT_9UuSK3Go6yaOdUFjR2pZzQIt3smj1Oknji6IPGXaIqbR6pqnPTrPghIACDJUe6EZW429AZniDwevXg5iZnohINN-M_lswt_WKeYuZW05l9O4CAG05umbEr8qTmUmxhZbun4h_lGN3FW8BXIXVlJcZfxYdlumdrG2ApdBhEQCIliM5-7zxW3cE0QHYSUOAwnZT1Thk_SJvZGUEoGsoo9S3jS3l7VT1Rfln6AuQ7dIKv2kBphit48Aa5dHn4LlMr0SA6IiC__YCsxjAongdfYB65g4ICcuc2Jnm_NASmoWQzDxAV_axu0Gr_q5qnVdt36Xeu9ActcH1eNO69aB91le93REoNZo3bMXAmyU49Tm3d2j26EHO_N_ObL7AzKO4O8LBC1p_od5T024qG5qvMxuev0X2LFHRZOVS6nf2qEJxxpvhIw2FxrFLJ0Q6auzvTYA1f7z2fJS5EAgtverIGBg1BMnq0bVKKQ-0zMDltcX4SiZBtj-h3hIX5wBE9l9SMeAz4KFH4ZCVIbwvCWijQNSTQ1A5GY9pEsloW1TYdW5eAwiOvNYL0X0HELZJz3y3bvZo_be-X2VWACrpU6vnW7IePoOcV73HLf6pOcnKkhbaRjj8J_XVoMwU_IvpGoC0Qb6syOXw9H5Ea3R8-3L1ktIQzliHybIdx_SqP92ODJ7id_hg2yQ9mXVlZsHCofEE-9tSvha4ynB7txXGTyYgbwwDUE7iPvtTGi36t5Fu0bxZ4MPdXsN8d90p7gJw-SnXqxYcYtd5XjPhm5UO5kjj7L5MM0_L1G28fQfvYfqX1u0exVi0m0JBQORhEyyCrX_ElKlogaAF9umLE56L0P1_5ilB1kidEniGXKrs8E1_fQnjxC0f9XIXtD1qzS8-JKHkqq2cGqisk6uI2jb8BAOloNmYxDPXQXkM_pjF8eUYsVWZEEB41-OYgrmNkWiDEU5MQXysgki9zkqIFR6PqN_t4uWVxUy5VOYNBp12xvyxR0os25Bj25kiWtPvWzAOEPkSEIF45NXLynAuq7nPZ7GZ42uJ3P_6qe8WXf-CY9dVZy8ndBdAgECKdiIEk9fMI6gJ29Jr1oe-dFWIO1fLS2s2Jxr7_BmazkuNjiSF04FOu18Tv8rypwggsvIB35U_U_raJfnJEieZ2eyL-L3DfYqo0kbk9SOiGgu1efyvU8mvnmfFYrckH_ux8yrXb_Od4mrr694jq-vnJv1fPYppQSwLJeXMCJJd5hPP944woK0a-ZHPdbGZF-OVpzsAap-NgFNgz-GHFAWYwS9BB0hmhgSW4DDJtVCQApCocSI0GiQaF8Bf0yqr2JlaAChTcuex-iLcfBIQs2rcRmEiKk19iWVJ5BtvITzLL0oKUpnJNLhTjDBCcEUwhVQk3eQbevv7PIyAb3ZVl8246XCnd_LBABYaho1DMSq5aSGaLKbRkw7rtxrEDiVa6XHBMIVV9u981KKZthfxzFsif0Wheld_TmxWCEbMKTeA-BggwHD42nr5czI2jR4GzEIWhMLo-nO_Vdl2wesYPmwbdc5wDBTwwMKahq-Yon8rnCpt3fH-T2vdcg9YKk97AerpmUcjl-4sQd6TAqB-MZ1p2sw21IrdbE5HaOVvPlKYCaXU_o6tIoEwMzjxm4J5nTNnkFqsBo_9DcDDTCJJlc_yEig2623GeQu8smVjdjL3HRxO0nbLDLIhRTk5ov1mlkT-clNef16zeq0RadwZk8GyzWugcwO7yis6sBYcg3RV-P0XWP0jONsDCoXsEmReO6dqwflx5aHiWJ-PKVXx2a8ycXgWbNx_IsTihpVjm6u3La4BpyfZrtQg4Wa-SpwEtkX8B0CyVWht-MQmzixgFLOd0YdCPwv3XCHKyvBHc_-XTZqPbrjVlvxc0sHrhex37pjpLgVhMhJD0RUUx2LTVEhmjE0NU752_ZLrl8vR8doC7ll5a-4tjqvzbVOAL9x9Z48cSamVvAAlB96epMLBysW_CkyU228uQ_NNeuvV9OOReBlhZu7mBXuYxGh8yNdaKMvaqXLENAgxB_qQ0tDSCKM24Lb-1wTz2RNMi896sR-V6cqmqV0oTO4XyoWDIvP86a1f84qzB5Z42FUvN6WHczVXj_NLypj3ccIJVsElWbDVB2xoiDiTTsLHsnUjKSlIa3zP-LgJMKhpxmlDGhkOOmFdV25X-qX8rpLyVyuYWumOZoWURO6laupBAnUfLLdtyGFXTZK2gap8GiisKgk7e5g-WIIqrh17V9xGBbnFPDEjHyPvOCPwtkZ9OFxi0qVVQa21akqBQ&cid=CAASJORodj2RjjZd0Ol7nnvB-v0Un-xfc64-1_xNCxR_r8b7-c7MFw&rfl=2%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
333d69b35e15ad7da88f3c7064ad829d1553fcf46c64f913b8c47487db84ecba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10657
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/691104/54013511/xbbe/creative/ Frame 4078 		238 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/691104/54013511/xbbe/creative/adj?p=APEucNUCTSBOfFfMl-UztwXSLzrKdOEx64Nx88FzdzL4F1pBuVJKfaY&d=CokBAKAmf-AnP4yHRJR37Yot8g3NhCvB7icdaCBzfMr7n4ZvcsXSDqTV3Qb-P0ivXlyMZqYdPuH70HmFg6CyyTwZjl3crmBC6umLN9B9ieimLWaO7fmBwd9yX2RmDSHn5JsvnR6jvgCa-CESaqV98L3MCdSpbB-usdyYlu0hDBCVSCwEpLKvoomFbNgSuRMAoCZ_4LAySosgdjPSJm6Fcq3bPtllAAaDB-QGXGqGpfCPdQG0DU9ogekDx4OcruOTgQFqRwNKdMVS-9a7eZYx2apOQIGHAl28IrWuz3dT2x3YhL-qrbzsPotHvb4HlOxW8nIh1gGUSVXNzwWVRf066uFggDXAbneRVaSihdajvb8450i6aWiGRKveY1GfI0IBIwXEBA-YPlgoTuU1348I_TsJr8TD0a4bqGvibE9qqZ4jKHOX4beddLvm0LlCJ_dMClYFKcG4Va_ZxPYaqSgeef1z0AP6KW5ZSO-QmKbxHqhniNScSSKDF86B9FoykTREc8RKwlsAaPWWNEoua2e7A1ngvAdUQap2i1l5pQzpDWt5aVYhJGI98BGh7VP5hnR41rP1cH1jUYxAzawv_JeQfN4vfJmhAkATKdcfBIZNtmtZUP58xUbhrVpyyHGNiyaoe_SnHk2DB1zkRqR7zp9GS9licxXPHKwnQ8V2gFJNgA3ZLup79Waxh43UAjwsDSQFzxFsgT7nmwVTX2H67wLl91qM8QdOsDVOvnRtmJW-dj1LJoZJQCuno1FMAlQs7zSM0jVN6JbyV9P8IcgPdl4rRakowvbx-Qdf6YQc8Uk79z9o55cf9nI6L6bAIHwDw5NgEDnrdVo3ys33aaOLzPulRlp11OlvpNuotkXFB6VMmFJB1Tk59w3rlOBjpclPzt1X9u0Q3lKdU9suIAcw-KqNSM1grWa5Rd0BiH1autmbzZC8AnH1VXp04xkP7AyPOcK61u3ohyShT705x8EXGcE_u-1tmajEu5OShuRv2Hje36ZeZE_RMoDkCKGA-ruXZm8IPRjBReGINe3Dyy-4U37f5PZyTxC_UeNfJjSpyRFU6P-vlbwEMt1gQy5vOWkrZP_8K-g1ycv6MtlsbWPc9QtL9B33pGwOyCXMeXLI8ds9SMOKgRWSk76GKKs--Q4IWmodCFucmx4jFxOsCmJ4lJmsSNx7qRuvWfMxWptg-lz4ttOsGvrYIb_-UTgvNviCc5P1jF89jkCt2JeuVJ44wjt4JgELo7DSGDkJ6OnIM94k6jYL3Pbd3LQRCCv70zt7eaO9haX307q00leLWU2s4UT_cBb32BRd_VKxyEtc7vMY0WnaSPJzlKcu9thy3s6GOhxhz7H5RTmIKT-vWn8lJwXeVZb_lgbr-PGOJS64rWQIetZYUvL5WUNG3dQGUGjy6Kq04JB1fdNFvBNRqhqY0lPKOFshwMwowDQY2zoPrroYtszYrHWEoaDueA3Y26AqUaPDrtWs-lvxrFvdmPtrp7a_mcoQ66qVaq5aAU_Gue4L32OQTxh-ht6nKvgL7XGKQts4kP62MZqVdo-r_fQzR0zF71OIEkAZM3Hg2I1bONchZ9qcMTVFiz6r5vx5VFEH06MlcNAGw4YY-CiAWSWD_ZVx1jQ6ZLjUhliWtaQUuKjJa-EPOqgZZgKdjbvB5mWuSbQm0OCXJET8AVOn1o3vvlVt_1xtLzbjvC4oxxPZ1ZnNDTkqtgsJoGdmkOCA1_17Y7nUPmUxLxDo8d9iW9mEdAr3Wxbs5bAHlgKC0SAwT2tW090atnLIGGnkUv27XVJ__Lc2cKoVK0nOAHbbOOR85UcmfZthoaOXjAWnFaIDdc0wo79ypFxdpv6OhE-OSKAbFeCzyQ14YehoV9ve7VRmKnzA5HZGNsjlnldC0DuboZeYseJ8RRWkRCBpC2ZSQyWyjpVbLX8tQo2DAknlcKAoG1RTI9fsRcfjTkMD-Azl2RbSylAjAFOQgFDJUget6OkK9RE8EzVLe0hQXkzgQ52UTPZmoZ0TDTj7qytHpB4tUb6j0IaYtstOGYLX3RcCBP_--VLVaYj1vZ7EmhnHqulfUdkZWtxVA3LGRHB-_fZ5WdeaKVJ0IcNvNfFBpjTQY7NXLu48lYfEuIXJV6lQZbSitfXbXUuGB8U1eD0pL2c6cJ_9nylmY08E4JhkRanyjYFgdkiNVwBAXrVpRe2PBUEQun4jRo4yJ10ltwIdWTdhHnLDHwzanbizsv9Q98FN45aVyJ4YrMMOlCGJ-WZ4g9hEnKkPNrHnfeQZQUGKttxhS7IJ811veygPl3CWtvWxfskLq9KaCDLjTJDzUoRnIpejbcKN3YtPv9nJSrFMn-J5OJZJrNhVC9rRxFFJ9QzUJUE1yGU8CFZQrkTjm495bKnoVn_--g0wEkZFn3T7F4F9KD_aHbtORC02OzuxKXj7kcrVloA2Ylb4E3NlMXt0hmDr3EWw0LIhsDLkaSwGCK8JK4MX_Ww_WhlEP_C_ZIgrQ38gep4DgVguhTvTul_dHXj_mM8jge6qpLPPAYAR7Hed7oJ7lJXYqrl_j2r_0CREMFJch5kE0kYddqY0veUUkVRcL71hanaLX3XkTFf3lIswLbW7wWE3prXvViv4KH09xoizfRvGdz0GPWjjLJXLfAMjNFY9jIkV0hsbub1dK9knvWC2Ext0T2d_adBEF4XKQLy0Qr3-d8bFlVKIFVITE7X7fQe1_cNb0m1bwh1yMVEhXHlcVVTwyuHd0-UYbWQbj0fGrqeW8-0_M_opv4gSxfidWN6DI00ypq3PKm4_mjaqjQPQBFe3KJdta6JNLyr7eSxfTCtPbrh_IEb7Clmt3kkgiz0y2pyDK7lmy0xnGdGlZEdybXZZbnf-W02V2lKO68xCrr4t4CsUKMgXqE7J_1Mae9tEd41j5ZWV_NR2gLn3Ky55qWgkWgvKYEKZFGWZ20tbRFI0xm96sHJX1GURu7PXqSKoiIwByNedLP9pyYrYLhylHiK8N4yy05LsNeoRZboYytASQvZEg7mm6l1hSLsBW6h4F9cKD83B40d__zgJhcv9_YEviNbDTACyQ0uTq_rLBPKKuMGx4_no4IwtuZDI4LDoOdaG-Btw2L4al9KhaZbAup4HHpuaw3PAiwj5-en9NUr26ELH4kJE8Xfb_dMQxd4md-5sreY0OII-eTZu2zBCsbsDQ9vFLqF73qHzhwcfvNTyBZRqkTKBRCLc507rsAEQLzSZlhF5nBui3LznYtXxdHKHGUSpqNLptTIcDxVhoNDgLaGB54k4ki76K9rk_2T7B6dgG7kagcFHLRZhOagOO1XtyeIvUluaP4qLdyLdsakby3wnyWMlUfgWme7EOHV7qSPdX0mssxNRmQqyyr6L3kWt1b8Fm17HsmNs0Y-CB7QC8bvOtH-MbVAmUTfG3RyFSDpN4OFgseRp-nUMQZ4sG_F3ht7_QHiNE6eT8QcUeVbLQMAW_TwLsY8PCMTaCmUqvi7XcHohOnR1hDOChMl0VUJ7Oxm1D7SuqhooCAASJORodj2RjjZd0Ol7nnvB-v0Un-xfc64-1_xNCxR_r8b7-c7MF2AB&cry=1
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.124.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-124-134.compute-1.amazonaws.com
Software
/
Resource Hash
a2d4b2ea6539aa8afbca8aa3c0d4fe7cc93cff51438eb1528ccfad408d18c631

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:28 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame 4078 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:20:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4078 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:29:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame 4078 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:27:56 GMT
l
www.google.com/ads/measurement/ Frame 4078 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcn5VLt139VVzjkYMYsFrrm1pFywe49-Wqrr1Q-q1Q3G_hGS2-tPXqaFeORSnnPhneA1L6mOyar8NKmruGq7p9fIxLxQ
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4078 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BGgw8GdNe9o-kCwaC2D8UfA7gNtwhexr2EoJcmrPbhhoE0aNQYJnhIQtzfh9uCUGxDZcqk5l5GwULCUZS4ovuwyuUescn7S9rcfegoVTNG7platvM
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6EC8 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhCb17WdAhj_04y9ATAB&v=APEucNU2klUzrO0oZmRUf2I8HD8F2XtZLnkPTexQZz17CSIOcseR46wfzzyscu_yIxo304D797eWPNv6Nt1Fo_4pVQ6Vfbg0Hw
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame EA41 		14 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CGPpM-XXk-O6xVieNIvDV1yVtt07tBHVyqLR53dvokE8mQ316-n-MkQXwZ3BNrBibvlihr-v2U_lFL0kuX1f_TyBf9a1jbNHaodn_wpUz3zeFjsjd_w2svhRCWyZzr6rzB1MosDwHInjB9Uf4vPhONKjNXwQ&dbm_d=AKAmf-DNqkpoVFLJ-0zyjKqSHw-HJLo2yhcPP49L-rVg1okwvpIqi5TNHiCVOE1C2bjrTQWmHPIIP0K3oZAcXKTLoiHMVKnpVHPXUZ4DKL4zv1pDz0oM5pMJRdetUW-mcjwylYAY8o3xF1y275kAO9nLOf9QRkDLUXmxtojW47Ucyoz5JQ7TRbtjX6lZD4NiE9stoIkuIXtshocCNFtITahdQfs7lSRVJ2wXg-dX67O1rJLwcYm8zRI5DHlXlwTZGnyE8MYEQYknba6YwrpeO0JtnszDbYSqFLHqyeSa5VLchI5Gniz2DyPb_hmbWlSX4ZjtmJ95ODKlgnLvWNJcQNO-KN6z1qe2mnJ54QMCDEFEVz4K0q1tsxZpMoSzyT2-hU3FJB1poUfgo3_Dz9qbemhGR5s8IjovzWJDwenS7d0zPATIy8o6XsyQNbfcLOfvFzIx_B-2XSOQ5DW3bI47rt-5N3yyXxl9XhDklpAJN5PSC5cKqDZWZWd6NPh6i0LCz7yc5QkBcCAIQKjatjIThciIac98-SmsL7FEHS98z1wDH0FofHuc7aeFDsyRjUaiM9S0MObFFN1ItPrRGO5B-T6nHPBKxl98wop6aedtjlFlaJ15FXzjhw8XjVmJhhMErqgXO1ZozeqCQTx4b7GtExNQLEkYi2rbybnFEDCO7c1UdL4malLc7j2Pwt-4R4XMbHKuO5tiZ_ZMI_uKbyIxGIWfG-kvSeh35BkuEI-IyoYgi-YY7gKBqqqj3r-DCYcRGTIo9bZCE7fGdMrSRHD5yTGUVmfXuQCiVjFF1dFxrj_KXPKCyLHHvUml0_Pt0569xJzCyq8PDv_6T09JgFYgQdCsfWNuZY3P7I-ec-DiJmF5NIPwF0gZqweS5wZ9MOMuFNZJ8_v2LMF7lgcH-8xinrgOsQZGI6g_CurSRFijD4OBxh_Gm9_P1BgZ0kzSM3inrM5uYi0PI5G0u6FBDTkr4cJnCVvx8Qr1FC9kd2o4BOhh9vzfI3wo5oBMfHqpDfRP0tRHRpisl2aXyYovWRDmvuxGGu-lPhfY4T03RKpIXjM3oe9GLHA07nwQh0JXqxkjX-Z_GO6trSrAhm2Cs_Zz8Pro2VmxTM-H6Bt27FjCUNodab5G-tpUxIqqcO8JrMpMT6TYbIn37UpePaGGHWhL3Xrde9ZhYZ3UDAm_tuIypvh77lC54kl38h67VPQB802FnngnEGnjir5OqgtbT3RAhFPtbooYNyOiT5mLenn3T9knCfZB8YUTwE7NJXdTSKiw_bzqeNKMebso_s0tM2dGOrNN9iQpdie0mGojeOA4pjctnF1qrNu3Z64QCbO1LR1n-V8MN9j4IpRBRfRYlcHWvLneNd132bK9cpJJmne-Yb2LvaUQTmU1nUm9edQZKVVKgbSvuWnDsys_H0ax7lpeyVeUau_nrhNsNHn0HrjyzRIKmgl8eIgdBk4t8IYSRdHRO9dM7LiisVlHtrB7aSJlp6U8_lwYt2cwfiFfSQ5KF3eeGo7h4jGOSibKSMuXnwI_Pq6LDKBP93d97X_Oo7SEf0urpr45bEQDkflAPGKIsuDLNX-DpoeJCbSaXqKa_eSrVbJpI36vpDUzAg_MKzLV7ndlGh135WOU56PEzvDk-JPQK5oVx91Yp_AgDKXi8G_kf0FPmNDjne6zOGUYX51CjO7K_Q7KaR6E0OQ0zaaIZx7NqKYkW2lM16OpctHEqXaR_c3AKPOYqh21hOI4pUxot6EnQm2qtD_JjuAcgalCnNxFACQTv4hEGAJA75udjYwajPmQaq1RYJXxE0IC4PpaiHmc3NQIPqwsaZg_rtcFkjnbkWhyIqEZdbah2AQdegb2Nug5gx09BVOiWZQQbyBcPyl0k5f6w1EcVpex93fKaZGWdh4ZuxZOOd-ompAyHzw2xgNnwKL3Wg_dl-QkTcckFZDyl6hwRSLbErgVlfB4wf3AaNs12vxhrkkVMhpOnL0dpdLqJm4MjeUD2iR0KBkj_guvpwYC_-6t_B1zChCZ-bZmE5X8AVtPThmnDYxBLJJhECS5oAZlubSX5GftVMHpU5-lJ4u-wByWyM0_LExzL5X6lrRpXlAk-8JuYR_LT3kjX7Pzt2SmlnUclJ9jiwJ5xYR_G6_IADM6MD1ynSH5O8wEK6Xin59Z5sWsfMh-j0wyDfHmsI_S5u27IsaDkFvLUaJzEwNdyZQGkmJKDkNGVq3QtpaNYGxMY-3AFztMqv3-6L3qSLtha3ttd1c-wdzmQ4WLV3ewl9g3bJ9IRKcGfY6GRcFFDkRqbAfeaWn9IhoXZ1YhxQ958xw3UM889qV0Z55V9dyu9M2U6b2H-SXLX0jIxTwjUiFGZN1cD0moeTybNqcwdkE9HJCUWE84QPMRTVvGTRaEPIH-E-DvKKCnt51QY2L-7zMwYZZcid7ob0WnIFnmjrhSXhXNjq5y68XHjX56bOEr8divBdF9Q7uCx5H7IaKX3OFRdu-UfFZzgvBS72tDyFlcOcrIXxU4uE1ZlvaVN3WBYnGsT_ah6JvMLSj3nrTcI6AQBoDB-hLFPVTxmUoV-lYwxBm9nmlz1kQyk0XKQGaXKiR5LDISaOPoUaNkqRB3JKxaGmdj6ffd5bc1dNaWRc2SFRXHoEpccPUazOC7jJENnCla8JY2OzfZnpWgn5LHbxVh_1inJXKAfR9nucHxKVPGw5co_bD-zzCqqjev6d5rdGYYvLxiuDUPQ4qAfYyHEriXFQtq8NgOPiLYC9erLWbJ45nrHBRIYGzCjrCYsazfjax9De7V8Fy2XIS8moxHH4DMVb_niy7SBmXQRITXmsMH2xb_CZaOHpJTdtyGOCwvIKWlIM7bt6vE-tU6Pt5VOmOvXnI&cid=CAASJORonCkmiH20cXnNA7oBN_6mq6mQYSc7xNKD6Uw5YTCc81hdNQ&rfl=1%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a0991b50c58dc258fe623489baca181bdf2fc58ee2a0c889ebbc8843ff522ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10768
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
5d7639c3f54682a6104f445666f108b3825bff5e338727a9732b02eefa2d60a9

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Apr 2022 17:29:28 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
tap.php
pixel.rubiconproject.com/ Frame 927A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/uB8VUFGtbe-WfsnQ4IosRA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2182880639564062749
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2182880639564062749
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Content-Type
image/gif

Redirect headers

date
Mon, 25 Apr 2022 17:29:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2182880639564062749
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 927A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 927A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=L2EZUVRD-W-HD2J&ex=d-rubiconproject.com&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L2EZUVRD-W-HD2J&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
J8E4YPJRB531GGJE1RYZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=L2EZUVRD-W-HD2J&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
usermatch.gif
beacon.krxd.net/ Frame 927A
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=27384
  • https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L2EZUVRD-W-HD2J
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L2EZUVRD-W-HD2J
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
34.239.90.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-90-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:29 GMT
cache-control
private, no-cache, no-store
x-request-time
D=45 t=1650907769
x-served-by
beacon-n026-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L2EZUVRD-W-HD2J
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 927A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7e9b6266-da75-4600-97fa-93bd39c882d1&expires=28
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7e9b6266-da75-4600-97fa-93bd39c882d1&expires=28
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Content-Type
image/gif

Redirect headers

Date
Mon, 25 Apr 2022 17:29:28 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7e9b6266-da75-4600-97fa-93bd39c882d1&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 25 Apr 2022 17:29:27 GMT
tap.php
pixel.rubiconproject.com/ Frame 927A
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3F695155CBEA40AA8059773D874F9164&expires=365
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3F695155CBEA40AA8059773D874F9164&expires=365
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Content-Type
image/gif

Redirect headers

date
Mon, 25 Apr 2022 17:29:28 GMT
x-content-type-options
nosniff
server
openresty
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=3F695155CBEA40AA8059773D874F9164&expires=365
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 24 Apr 2022 17:29:28 GMT
tap.php
pixel.rubiconproject.com/ Frame 927A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=4146191290397438279&expires=60&gdpr=&gdpr_consent=
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=4146191290397438279&expires=60&gdpr=&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=4146191290397438279&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 927A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=40f8252e-c4bd-11ec-aad8-9f94043e2d80&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=40f8252e-c4bd-11ec-aad8-9f94043e2d80&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Content-Type
image/gif

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=40f8252e-c4bd-11ec-aad8-9f94043e2d80&expires=30
Date
Mon, 25 Apr 2022 17:29:28 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
42ab0514-c4bd-11ec-a8f5-fff1e2321bab
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3612 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMew9gIQ7P3b8wEYz-yTvAEwAQ&v=APEucNWSEBuN8JX3bYxjgsOmtHlVHOfLj3UKmW6C9TzzNifsdCGnN_ClmfqNcK249Ks4wOLm47oA6dYo0xKiME6AxRjwDOlXQA
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame FD4C 		60 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnZa1z0FwRGOIgU4XEQaWadsAdxHG-G4CaQSaYB1CboOdEyU9TAbUz-K_pr-zf2Kc2x2j6NTsEjM21FBIZJANywMLXZg&cry=1&dbm_d=AKAmf-AkuIiHF5g8IEwsTO7J9gEjEQVFhMilnsLJTIkvofZdhhdNLlQneakXCWwyr1M9Dwd9VVzTx3pegFKt17UVMAuLnhyEQIkdNgs568Xj9hz3HxYsWnPkz4uAusQ8rudnKmDhn9jtMHmTwMT-ycMcN7mCbOt44bL-3JxgudsyvCptXvWOFeBP2iS5VvHanDCYVbFSLFfO8dn6qxURX7yeD-wWd8SRetLIOM-fzwDfk35s3tlgXXnTTDj9LyuYxC-kyNEtE9Q1h8sktvSCnWaEOaCA2z10-IkO-ZFkTI_RyTKFHjlqvp--K5BMZiKp4Ar5Pz88tU0cI-3-7vd9eb-B2_j0py-fChEo2JunXUZlIHZxreDw1l5Fn8Y73-oTgFSGDsWxdwMKSE27N4T2gk2lKSojme6Gy-RGMmoQIQ4kaICJY7KLHnQO3WtfyPKUs5H4alqI39dpKESB_SmSKsBgOY156j3R5WwZUTeMco9d0FJREFuuekh7bKC_6bpapfhH25XimzC-Vw4MIb9qYEu15idoNd3btnnHY9b1wLTExu4diwdg8UyRSowQKvhaVyJ0MtA-jQliFRxKU2pHMgEOI5GJfMabPvLvb6g2pIPfCbOVf8hGtr-P7_76-pnI6fItb0Pr_zzQa_sswA5F_jfnbUy4aZ2PsZtkGDojXSIHhopCyr5y4m6pYb1LuErZh7y6J_LVRcEresnVhspJjdrfnEBtMXbbDLHajH115IDBfkw5OKpWJQfuQMI-zsuWUPyaTT47iuxI93QvWVf1QW-EyriJqIbmfdQk5GHz5rxZ8WsI7SpDJwj0g1gHI7Dao1ZHlI_nO3Wb5KPZUwq6PzbOU6OUicRfkMT0jn7uInKfz8PdNdAkRLADDu_KsvXr8LkylSb2cne-tF2WrZjwHANPKU0oOr_jrelQw5WhENh1FOiqcL4JXS1R-4tLR3ZgFkrXCKUS2H9FnOGmcJ9sWVbQiC7gXvYsn38yUchbwncVVkpvtogfzj7Tgbdo2ddqFKIl_gLdZKy8aIY_La-n0AyZN14OsJt73FGctPwoD6hJNiRy3Q6xfIQzhBGWEYX3E5j2xeUtjVE8t4U2KuwxZrKeQX3FFUi8OgilIw6_NPg7j1gtcKgn15XR1k5dZt4cuTEtkF0ykc5M0PdK5Q7Aj3ZB9pHo0wqjRKd2TmU22SeagpiYa-l-8IqTZ71R9xQi21rloc49POhCwnvkvMrr2vTrCxov8I0AFqN0emkckJgdgXsl7oFgutLbYPB8fDAID66V1ZUXUXr3DUIlGQgu6tyVNL14T6keDcGbj_E0tcOQA7sjQwvjd2NiOulz6ujLK5LjDAm1S3y3gcWNjw74alLLgdOgB08b3d5DB9yKnBtPHbTN5t3LLQp7NqjkVGZh7oxeN2Np71Aekj_pi_0NG7x9-K5PY5izoJtloTEelNDxGTdN4rIKY5jbzU2Z5p_b3HFYGNG7Ev9LR2G3El1kfEsoJtXZgBzmRZsR-FZT8uHaSqRmh-ORTE9Flwhl_ohT-WcV5LQ_obuK_Qyh2oZo8aA0Ls2x-d0MClf8GaGks3pbmCGTpeuEoru2AZTO_j5NnN-kLUqEBL2eyJ_Qv6dHS3CFKYtCaXhN5GLtxgM_wxE8tEeyv9_O9FtJmw7QkKy1dqYzqNU4ujmf6QTI2ESqGOtT0YFvJf6gqdSqVijPlBGMnxbMVYNKTXtQhIethlZ_gi9GZK6NROFN2vGvoYrJFlMcqUOgbuoq9_rpjlH1rN1N_EDz0zSpDL0GpXNzQXxQovpOsA7zYkO69C88h-t_7DFY26soEkqMvylZWdUYjTmVs1ncGltDFHk2EMbRU7K2pOZUs9yu3g-44DTu99QKXJ_aQhL4R4rY_P1UcgVVuUvkMRRwKGY7nEeag4ZX13wBzf3ZmtcCjxyE4AAZ2fPQloCn3rygG1B4FCY9ofn_75xarTNwZaeL1l6R7Q4hE_atZBCgUd_4JJFLrkaP9aaEZhEL9WeHZirXDv0MV_1AJqyCixNo918CDdqijTL1mGZ8g_5lHBKYjitVi6N05GxQuCwNBcaF7CPYHkKpB6gXzmcKnGcfF94qJ4Z1C-f13Rqpq9felRAAEf80vDO7gFbb458iqLSm3RoHZnV15YcmBlRThWGRJVEudt8RM60fwR1Q4YogqI-Q-KFzLPm8i_MLziMAUBbNknjAasPxb2pB4UzjUYETq7GiXF9Ptlgw48QCCEwYpygl4dmm62KfBmXQYUH9GJQTs7YRh1qOd0OA-j1eASJ6I1lvlbcithmZemXhjj_kkfdaUmD4ft0vLNv00i1fi1tbLcTIEeByTJeRpJPEtZq9xWMgl6qI-SIlSTMb3zf17ozBd4nL062k7_Dziy2pEEo2eyPQCyPg4-bALHGcZW_evrxAPpei8nkIhEytweUIH5gicKBr1lkCmUrpIYyADhOZmNosKSruedp3x75DuTchg4qrKT7R_F-Gl1qcHoh-KL3Kj-L0NxHv0g8dznXbh22-fgjOwFvFoH6_nWLTShxaV8LG-oS3GpLNDjDLr_ZuqgR6J2NYuPXtxdg8S0Kr_7doLMX20p49Pw3DfuugLf7CAYVvWkBSzbLw1JFlwwN313-WT_Al3KyxkqU7NrikUITpi2FhBsHibT6f5Rctia0ZlF56V0XVQrkgAuPaWhBalGLZW1qktOf8ZzlWv46qopUkWu55qzfA36tBeeRTUvogLkgZ5AICnt3GcMqJuYZt5Aj4vsAK8Gr976RH8FDFz2E1RFZ6h6vlddOGe28oC-5cd58-yaQVUQoQuW_9Nh8yD1il4dHfVTrjL3jsPF8xcfpLn_buHKKfrXLz6x1N1cacfhOrgGuOiu4IWgKbgMdr3zUl52Z6VjmqTRS452jGb5BIFDEsmJEceIKPSRRBopVW1ghUpgM25RQNREawyQf_o7bAX4oOvO0NVZOfpHRoFBZpqbO7uZJ51nxpIhKxLDC_BTlZA5FAg_PKF3NmohgOFUKAmt08wu24SNWhVPLpDhBw1KTu7u91dJsxBxFDsmuPeYhkcOpwaf45-sN2unCFj8i0brTuahrt8HBJmjayGamMItxJsJJhlgpnbVQ4qFAU9s_XPO4F5J1LcE1zlwVYqqg8WH1pqzQz7oDIzknhfv61lmqnnOcozS49lBrgTgIzUDVN02vrFNegK52StxodgFrlkXxF-5yugF9PUz4sa5xbE7vOTQ&cid=CAASJORofKz6oPGbN_cgdRywe-IgUBX0w-4Bhzana4y8vtTnc8z6DA&rfl=1%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fb9f90cfe5c302457ac43a5919584df51b9b6bbddfd2a968a4473b7ef6bdd0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28764
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9375 		482 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQz9TeAhisjOPHATAB&v=APEucNXj0GUSVTcRbpJuUWgSYZMn5FBhNCAXJSIwahsN6KCjwfUK-G0tv2JfkgynK36EM550tyQ41Nh-GEIADB9GCbYTmSnM2g
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 68AC 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbVQEf1uNVijAd3DyreKTVHVF-u1afjVaFTnBgtKiPudVXuik7L3aX97Y7_VBIsqylPpqXG3VqSKeEyL5IM-7b4eNmGzrWYtcbre6NPPYRA4PVqwjQaimrmegrRBeiYgZbLEYLQsfHjgwpeiGNGJb5nHzymg&dbm_d=AKAmf-Ap_uQxFheQiLrNIdQNfhhkMXdA9gcYS_O98cFU4PnV8aZ7LpKp2MIpNhmLP--75pcNzuCpZ4qyj8C-Qvg5zMLjMGYPP7XfikA2mOidW3QGoJgQqDfZzuPk5FFtF7pEJVWS5po6rbchb7zz8WDWfF0rKhEb9hgZu_UjSMNThblkt2zw8S0IDG2MLBpvCnK98RY0X-bu5uXMNSAgN5aEbYUtnPeqiwl_MGY5QWd46UFql94fpYeCZtSUAw-i2hjaPsF7Q__OksRvZJ3TyrRRIEo5go3D3S1KqLmXVq2jnaV2GPe3i1n5EVfW6CmkQSNs0a8V7zEMh7l8kGPJ5wEsVlqTULgkrnD3N4-iN_8LryIbvCjVuU0QHFTYjHM70vNiD4gyaRZACk24X1vWWzf2_DMQXVy3UzEzUJ8-2AmNVXR5UBX-IeEGaJAXlIoAJd-BIZuJRzbbIjzVZ2GmWfPNC80EDWWWjGrYSfmKxZl-5C8hJRYhSVli-BRykW5RE04GBoAOxRz0VSt_6VtTtNNQF9wAW2EL8GGsn18wHfiuygKrAOswhttey4xhKQ6Y1faZLVrN_cBqmNeAslachEPemJpxFh4l6IaGVzAy8batxI6mvc5Irgbm1HTnL4vHQ_ml0J_R3Q-_k7HzV04RwJA1syI1QcGRzJqp_H8JWHpzzLzITHxJCKAlUE98v8p9wsnMZixZF6W2iL5T7MCV4QOlntHyqw_aN-v2G30DhBy7THAI-M4fXpmw1UmpcIgG_mRraXbrKloaRVfU_MNK7m8zWGCJAD-KCZZva52nJaYMuZlcCyl6au8dLTB3KxTT_QJpncpI0XU84CjUhpSgxYYBj02pfM2Kr_iDAzhYgTAB1sHHVmbax_RaXqrJpsxwxA80SZ-k-WkTws_bPA5oY5yYV0lmW6hKylZ_MOF4QeQqC7tjAojyWnvV1o9PfaN-eofhrxEvDnidCG0X3H74e8r4_6QarJ9g4ZfPS_CnZcbwwvbS3vaSypAJ4Q0hHmIBfeWmKLAir9tOw4SVvL1SX09I4QkJtDtGYCllZgvR1wCf4qDvxrdWZCYo2-QBdFMeqfhPcMj72M7kmg8w4bKVYch5skL878wGGP5DXnz01KvtZ8rYyQP12dLEN11z3eKdkYPif9nDiK3KMM62Jb42eppL95c8i5SBdLuxJoPym1cm_AunVbH8B4Sg_bil3e1pPoXOUme0cjbqVo8-lZTazBMqdNlq3xb80u-3zrYtqxhsGvE59Lk9ET2ORb7VNaK9UHaK0Ak8CtGL5EuybHyixOsbrRqOISBXje6Jc8WpBRF23pl3oOmPTjZyRsA2bL0-NKEA5A1_01dcc2wmwRGZCIPS6sX0DgtMB3TWilt9WekUJy2F74thrXzGLjAOWz6nAkCfP6T6CfR9lVLYIvdy8omADUgIeF32mJkPW2Iiv518MyKpNMUNWF2JdRCP1WTiY2rUobiX0jM-rJb2sS53anWbZBiotNQozcrmDgpA2rsBTPIWlY-gSTzyDJlcwWHdUNi7VCDNMCm5XFkC9g8z2jRdhJkcMTjzacgjgssKtJNrB1EXK4S71A4oYF9v2xpgo_dyLFbqmEgBSxzOfCB13me2sxuDP25to3nNjqnwBZyclhgdHfUoPO6UCwwQYVWbNnr3nb0_8Zl8JmcBEQ1cKQZGEHPL7LWUKpqyelHLBOZyVH2BqAaxaiXlRYBZ87_QfJg92hVfZgcfrXRlwfTxBFC0Nw41ARbAjM4LV0golbASf5k2_vS6PYXRum1ofH5gGgT1dfi5TNFsEn4CMLx8oUogLA8fX0FMEbqHPgfqOny7K7_jhrg85ghXxczUj1TcsgPZjoxjOr-eg8k6KkTSdOXBVev7U9YV8Pkbug8CrToc7v3FSjglDw_HKNtY8AfNkwXZxQh2uZP8M2fKrSy665GCYgR5Uz3dVXPZuGF9D6JKjW1Z74lZ1pXkafTefBJ1u_34MIBeXsHGRpGJrN7-DsQ5basDbmlZb7PKLmY3ZsH7w2qhnPnwJkB-AhD6Iqn_vxIaBLyZDgIAQSUnkYIz48746mM-EnR_T7UtO0kXiD-alAQ8Nndt9hdewZ-e8pXuyGyWzHTPPmFO3WcM8tKDmcau7Qpwll--pmH0uH5whPR-RbtbcxKKXtMHG1HzmlodnrVS1RSiaH2mLQxKsLqFQiZj9EKlWoz1gtlTCl4MyZ_c8zEhAY0nDSWiuliVZTbH70ZESe1iSI9VwhyRakOAyQ8SrFVHdva3sf_LfSS2hWPg9ZP8GyakEGxb0nQApdatsyaVpnAYLk2fCHRqUt6hiuAQhpWK7J9WTVWOyQUjbNOKJ-TYL2Ftl9rQ_8HTOHra6_QMCV3ZE0fXqwN7x4FO8SeUBPIHHKzcjzaFnUFvTYTmE7LzJvX5BoC_wFQfV_5ok3u5bHamLHRdNelAUcfqochUvB1yQFIkxE0upEoraZbEannTtLgzfkufOoSSgUpNXlp8NeBgTFtfNLLzfe9eVqIQpfscnrTQZMKi3LdQ7hD054tvw08eQeG55ASD7ohjhekoaL7TODFSj5dP09Iwm6AuYaiNiYYaeC69qsGClM6_s7o3OrOzabJ3PuAfybBPcpMCI2CgSkosJUEbnyvI_kcsPhaUQaoAuMfqs4GTWCGmsUAR-4o1iDm97DumhNUxlKsWsnvyfmNmDMPaPWt05AXb03T-5-perCdp0cnrykFlwiawqGzYCRMV6MNRieS6zFHjerVVeefFroEta9MkQuAX_gQ-tN6Mr2C00PjTD0LIZkEFWiC1-IcQ_l1Oy0NlUd8FMCg7sEmtHUKV9N3sDalQ4xzw89gRn3kwRbCyunHFUf1xTCXxF35UtCBxtHUHZZb1iozlqYBSH53MJ13jLxqy0uycneRNMxh1FE8C3gQ1VRbBrjlC2bAiAFvMSnnznV2xYBGASFbDh8VYvlZz7oYYYmQ74A9C7c7KNDZJeFgaWlGWZNJ6gkO9UMheBCHfYXIMVsi3r6s4KH269216q0_1tQirTpftR6qN9eEgrJVZrKx9YiQQxmxIf9LakZS2p76lLDrsT80l_kI4s8VVK7Xw82svI5PHpZQMo4JuOpRvE61vOq4RJGg_CdL6iiWmTRAnS5_6UoM5Q73dFiyZ4LpF_Jd_Ue0pTnQEuv31xHtiYo_YKb7qWIx9CWLBLpwA15B8UJ4quN0NReIgTSsmJ_gaJ-cJLfyhFMMyzHZ_IqovPFium1eRZv505KYrsZm-ZaeqDgyKvobImgyF6Nx-oYTqbQKAvfP6RyPravvqKzHTLsD57iUnGo9q9FL3lTbJ54_jFI7rnsD__nRxR-tGfvi9SVFbuvA4yw&cid=CAASJORo6u4HmKlfxWfCvLroZ6IXHLRBgLu6VJZEqAQ3hGCp5FWYTg&rfl=1%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6293bbb6716359caf35821207d352e3b360635ad769789364a00b9a548571892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33420
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8815 		482 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCnlAEQj8-UARjflOi8ATAB&v=APEucNV0l1QXxouiwV2CPdYXTeH2L07ZfhFsVVhCkgfbQXQkgFCRmZ-G1H_QHDaRgMAkurNO1Dzq1Ev9V-_vLQAyFuGfyetj4w
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 688D 		60 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BzBj3j4smVq8RtymWlqN_AkSgmWOo5p0vd5YY2TF4F_ATkqhwNmd4uo0lYsk0vIYGoT6A7Rkpz1r40KL_4gYmw0Ui-fA4cg73RjidnalktiJNU4-8QB1Kqhgn2vCCcpUaS0C7o2u1kyQTTnfyGPJfSGKLd0Q&dbm_d=AKAmf-BzBkTRgXOruffo19x0wcVu3JxCje9OJ9JX6KFAVJDL73JvpJ30fZ6alDzzVVvj6bOVc1rgjup1c3j8GNDjCnG_-jmgHbYg3D-YUlgnbYaoq2jSENEd_CTVQp8JeU4uRWzv8htdAR2DMbrxQhVTpgT3tKAq3LK6VYfxGjiWrWe1eJG6MxaBQJKRBXQb9V1EVLZX7G4k9T8WQGtbR-wxOH0Am82FnwfvyXBT9enpvxoF6AC8O-_xfrk5YfpuOJJssU9mw0fUjvCdpeKEC5TmNVh2L_QEeYFX_jkveaErdB6HqQvB7gqMxWCjGTMOcSUKRDL9xqM5kI0EuY6nWFXDvcFVWLkPKJAOLO0nDnbaXgVxouZ374YvanNddwp3KeQqGHkFRIPis5o0n0RhrRHMMHHk7HKOFE4MdXSexJ91Xn_F-x6yvJlg8_Z9vJXMolhwxIvKW0CMNwdUwV56yNdq9ZwniXviIJ91JojSlIBbm94y0yUWgA02ln8le3cFFIVuvyH8fYBtKYElBBPGjG92VbBlkKcPloE95BYUx83m49_fwGbGLmdiAOJi-JqC96wI_HryetOX_t0wGzREax27zMmSBD3TApGQ1oKEEFKqK0vx-sWv2iyfTJXsa3fo4OsNOk5tiHkTH9fHHDGWzhZnpWAvXeRdQ9aJeaC2r_WS0eXXINnf5LKkQ1nnTgEbTVn1ws9cGkiHWoXadJJwOXamHk9qZuXQph6PeG2G7iZEvD1EvywmrCTP7dmjIGKwUa1i-dwYcrMq0kwzhYh5UcBfI6qrzaytifI8GcgH2X6J2XbuWfRGdQgn84Q7rWiremmJV840wEFqfYlPVAm5UzPg86VGiVPm0azOh2V8Zy1QL1Uno3NNJrOc8bDj0HLK378VHJ8dCArwadEWCOQUpw09RLYLjY3vHRESWaCaB8tj8h7B6nrNhQQVksLKVkC3dP0lQMgEAjZm0ol-RXjxOCjQs_eXxNdv03AQh1Stz3PTQSu7MnqLSwAJdJovz4aVxjNQUsyhDXXHlHJSDqIKH9BUiDgWU2q6Bh6j5NDqgYvJpvfqFfG74Wk9iWpjMIvnyL5DhPNoyR1IIis_gKykg3uouWi_IvFjWdbNAsZpWRfmBR-_cmGjEQYxV2uFOfPOtGAwsQJf5zWIFSiZ283j0WhK5FoB-oBr6eXwy-bKaBSAGalsteX_N7JNHdIp_KboNH7HKfrj_8HomB0ejyQaTh4DavyZXcQRGAh59JDU-Xit80IOFWYDapFs27_XDlH1J6GP6OT4tzb3UroBOGT16tZr69zmMk1VFQKMfol-GRw9UdWPYe4VgykIqD7rVpJiRB_2IND9eb35Yjk102ZtTzB5xdoSKkGTYIWLmRnrZTcYQcJZJVpKKbAPy5n3V9hMogpTy-2Pam6GpfmHjskgGaiO12e-4pm0VelXGfL4AS9QGEB2wezf74KqEGbHI8RZ4q1exiBgW-8l5dpLTwX2LMReUCqqYIlmtkYyVJ65Rmu8a_DdgjJzOGsvxSAKhjPGDk88zjqbf9DZJPaHHinLxvP9rY2blrrUVVjfhayULmcVwVejOB8RfYF-6kwpU2sWYUhYNeBrrLWgIsoQgyWa4nakQUETEH4wpsNVgB-TXtcQtGP3Co1ocZ2V098Abiv5Nvt9Cd0PSrl-8AlyLqztOKwPdN6UEMEsIGaGHwLRJuMIJF35gvtTc9lEacCyCKz4UZClAR4pOv8c7A9TEg732PRgjpgWjFzzi0Ki8AQRXf8fiAW-M0g50ubdmPNFiUw-T4roN3-5ZsniJSYR2TAEjqMao8jj7h1mLTIRTH9UtHmqggKDoGoll0Xv4Rp6v7WvZaFPpINo6sl1aa6ZtoSOzVcsPsGbTi9yAFNYPUqEX-9PY7vDK89KBwLQLE8UMJy1n_sRJ2Ve2DajRc9QvTyrFHk1_fvwXYnIXXhOGnSUd1m8lZYm0iGP35o-YEZ30J_QGIBzR72FOZ4ijfH-aOVAlBV0AZaWbZNXZVD8ixNehrgHmaeSWYwSmah9YZnV3agkQWcxZ85ik9qOM3nkgiyw8nCFLzHIq7LvF0yoYjquAGmOLlC-S114jUTiKHIbUBBM-FhBHYme73diSvkNhJB9SFnzEOIEH6hrsWNYZLH2WuP4t6QuOEnnsx7lEdoI0881a_VnHavLRujHIMriNitLpvBKU5gfkZ2mFPfXpZwDB4LnEcUT3OeBl5tUXCbYR7s-Rnst9q6Qezz7Uf6XbAoc8AsEs0rtFWxAl_eHmwwfWmA5EEBvwYPzM96TCpta3ZN29zH1W8zb4wbgvTUmLR5CIl-VzuMryWi71sCuKnnliKAA23aQI8aC6E_gSk5pWzLkP7JgTvDPYYVSoTVsHMwl7XthXv3YQcfwW7MiVvZuizmubmgPwBTcEVHLoBl6VTp5Zb86X1x3RlaQUagTklhQp8ioN1qLW5o1dcfga9dak3zVwVd7INdYZyM9GlmyM5Ow9evKWyf2cmOshsEXHiad31UDUH8Z2Wql37vjLH_FpQ24N29d7SjxS6gJLa_XhqYmdl8tf5pTo61HY5Qqdc44EJV8tjgsLHbKnERXL9ao6b7ita1xowPVX1O_MDakcdoJeJtu3DTMdn3La1yfJIf4zvMZtx_nWjmRwP8K2HwjhPiueDnM2aVw0-9XdcoqVZ7uBxV31ystx43VCrPOGDc7bfB3OZZhAcx4MDuEBIDxHiG6W2DNQZuKouNpaAMI0a2mcR1QI7dRj0FmvjbdgujdFfwlo9hE_rTSKINID9TcVaxwk69XTTLFx_1AUPGlg9eb1UJo3SkQZ4eCFe-IeqEJ3V2G3PCqhTHX-0B2jmXcFdUYiS46XywPzARnjB1NZmv0bFj7_fpJDFGd0TJN9_0A2fwJULd3C4nO868HxUa3UU_kGDegJPnzB2wuTuXgE4z06-Hpt_EUxYMOiKwxfUXFQDzpYHbCzV7KR12dHNMjnQn1SR3CQqFl86apA5rTi5nLWw4c540w7YRpQQYI1JcPEy0P8GxX10mcDI58C1hRvVxnPL4OUIJQP9w3qy46pY1mKChJgvLx5Wb-_1ydHlNRZAx6mgX4HMn0knTgqEmApxwAK320HqBtQ9bKGEIi-hTTHeL63UZFV2OlcdN76h2Ui5S4_WrOSBD6g6CWU3gnlFIVAphBWs5xaO3YruskeXr7D4lU0Tev508qclyQKkmFb4aoWUSP5ej1UkwnqSO8BIDH2uWA_RPxsSg&cid=CAASJORoVr2b03V_QgBmygmiumF6FzNfiFJycbdElj2kA53roUxGyQ&rfl=1%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcc02275a0140d6780d60f3378acc1ec2b76ea528aaa30e271e6785e16a1385b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30406
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~l2ezuv37&c=2130312850070464&e=31065742%2C31067068%2C21065724%2C31061691%2C31061692&ctx=1&met.3=779.jn~247.js~164.jt_1~165.jq_4~166.jd_t~164.k7~165.k6_1~326.tm_2~832.tp~868.to~216.tk_6~215.tk_6~843.tj_7~889.u1~639.ug~914.ug~326.vp~832.vp~868.vp~216.vp_2~215.vp_2~889.w6~639.w9~914.w9~629.122_4~112.133_2~429.1mf_1&met.9=1.12v~13.17z~2.1cc&qqid.1=COb2z9fer_cCFcPYhgodMAoESg&qqid.2=CL-98dfer_cCFZaIhgod_M0IMw&qqid.3=CLC_8dfer_cCFZaIhgod_M0IMw&qqid.4=CIDB8dfer_cCFZaIhgod_M0IMw&qqid.5=COfC8dfer_cCFZaIhgod_M0IMw&qqid.6=CN_E8dfer_cCFZaIhgod_M0IMw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/rum_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4004:811::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abt
capi-tier-1-us-east-2.connatix.com/tr/ Frame 2AFD 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/abt?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:29 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
5d7639c3f54682a6104f445666f108b3825bff5e338727a9732b02eefa2d60a9

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Apr 2022 17:29:29 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 25 Apr 2022 17:29:29 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1613
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2F&domain=www.bleepingcomputer.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=hygefnx3aGFsMXQwV2xyeExacm5OOU16Y29hSE5iZzc2dnNNMDNzaTdLL0xJbjVXSmpzdG9kdTFaRkVGRisxV0YvMXJ1VlNhOXljQ0RHa2R4Z2p0R2djUnRmNDhHZER3VGYzc1BlbHlObDZkYnVQMVI3K3hRYmlhYWZ6Z3...
379 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hygefnx3aGFsMXQwV2xyeExacm5OOU16Y29hSE5iZzc2dnNNMDNzaTdLL0xJbjVXSmpzdG9kdTFaRkVGRisxV0YvMXJ1VlNhOXljQ0RHa2R4Z2p0R2djUnRmNDhHZER3VGYzc1BlbHlObDZkYnVQMVI3K3hRYmlhYWZ6Z3NtNzhXeUlobTNCaWhReHl6SmZDamNpcFMvcUowR28rOWVsWTI1cXlIOERyYVRwb2V2enlWdGdOamx3Z0Y4MnplbmR0cjZhWjd2cnFyQlV1V2t6ZStpNFJieDhpTU83WFp3RDhBVjhWdThadXg5bzBhZGhMcUpWR2RzVVdBQk01MTd5QWVVOHFNfA&cppv=2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
c82e579199a3cf83a19ed1fa837aa32a96177456557b59f6712d1e94cb3c6a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3808
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
location
https://mug.criteo.com/sid?cpp=hygefnx3aGFsMXQwV2xyeExacm5OOU16Y29hSE5iZzc2dnNNMDNzaTdLL0xJbjVXSmpzdG9kdTFaRkVGRisxV0YvMXJ1VlNhOXljQ0RHa2R4Z2p0R2djUnRmNDhHZER3VGYzc1BlbHlObDZkYnVQMVI3K3hRYmlhYWZ6Z3NtNzhXeUlobTNCaWhReHl6SmZDamNpcFMvcUowR28rOWVsWTI1cXlIOERyYVRwb2V2enlWdGdOamx3Z0Y4MnplbmR0cjZhWjd2cnFyQlV1V2t6ZStpNFJieDhpTU83WFp3RDhBVjhWdThadXg5bzBhZGhMcUpWR2RzVVdBQk01MTd5QWVVOHFNfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2152
content-length
509
expires
0
id
id.crwdcntrl.net/ 		154 B
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.37.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-37-99.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
68662d4522085bfc46db7b3063bdb4ef59b8a9bf4acdbc9d279c4024c3a297f9

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
x-server
10.40.40.162
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ 		108 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
39513cc2f28c7740864fea656eff2f10f2e3184fce2341c1e08abfbaf0a6e77e

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:29 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 25 May 2022 17:29:29 GMT
envelope
api.rlcdn.com/api/identity/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156872/3103/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Apr 2022 17:29:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rum
dsum-sec.casalemedia.com/ Frame B1E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD65wEQ77nsARiPrtmiATAB&v=APEucNXYbGpwwxGd7YdhsttI0KVLiTFqkxu6pH2GAEyotRk106hORVbwCOXU8GcKFkoFAYa3ZXafSo-Q8Couho2qNa7Ng5MWzQ
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B1E1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmbacxfUheiJLy59JDCIJwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD65wEQ77nsARiPrtmiATAB&v=APEucNXYbGpwwxGd7YdhsttI0KVLiTFqkxu6pH2GAEyotRk106hORVbwCOXU8GcKFkoFAYa3ZXafSo-Q8Couho2qNa7Ng5MWzQ
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B1E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJa5JEPZxctzVrQ5jWbmQIg&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJa5JEPZxctzVrQ5jWbmQIg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD65wEQ77nsARiPrtmiATAB&v=APEucNXYbGpwwxGd7YdhsttI0KVLiTFqkxu6pH2GAEyotRk106hORVbwCOXU8GcKFkoFAYa3ZXafSo-Q8Couho2qNa7Ng5MWzQ
Protocol
HTTP/1.1
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:30 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0d22a6b7-0d0c-4d87-b03b-d14380c430cc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJa5JEPZxctzVrQ5jWbmQIg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B1E1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMjExOTA5MzI4MjY2ODMwNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMjExOTA5MzI4MjY2ODMwNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD65wEQ77nsARiPrtmiATAB&v=APEucNXYbGpwwxGd7YdhsttI0KVLiTFqkxu6pH2GAEyotRk106hORVbwCOXU8GcKFkoFAYa3ZXafSo-Q8Couho2qNa7Ng5MWzQ
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:29 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ade2ae0d-2705-41e7-884e-fcce39b6095f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMjExOTA5MzI4MjY2ODMwNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4078 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkpFusnftenbJcjKm5O8m1YfmWU1OnsGyDXiOFEtANl5G13uqKt2Nk5uN2Y966Gxq057Y9aqaBmGcB829U31KoAohud-1oupTPZRgO5Fe-3bxorUFJLtwas7-xsOuhDwckEWdo34UOHFaipmMaxn7jjsr6fw&dbm_d=AKAmf-BPg0YkDbAoOUcWq53JWWCjYnq2E2g0YL-XcBs2G-e4S_VRZKk2ozPi9PkaMtjwjfoLnzpl-euQ5bpd0pyEm1j5qyLegVI6NNT6kLnlcIiUsw-0VPXXPaBVyvEo1F_eczy9glmZ1DQXZsJ-p-ZX2bAT_hTHUXhAuLT7McLEOHY2jtbdg6agzlS7Ecnk9eWh0oI_nBobg9uZxiOR2MxPFeGqM2_oT0FfyGQmBjc49AvhqEvefweUmwtOVGk-L4RItYjNez55-0zJ98k68PO3A2oWBkztLlPJRy9nu4PWc2vXhrg9u0hcibJjiEl_rH0RMreJ4ETc-18l7TgCxF-q6n1vxjgBlrNqCK7fEucfhuswTqkF3It9RGQdxP9hkg7sdbgXF-_KteY92gKCcsR-M2zxCWY-9iZF_Ibi1k7MTb4Ihjlx2FdPBelCrkd7HaD9cLOwSNJPTF6qqjni2jULis9RJlf0biKzpg1bBCXdhYLZW5wiMOeUnYZ80snwB5MtkxMuozVrcZLT8Ay9Ft724flLqsFUaoq-uE1QJYT3XmDk13y7YkSSL1PhzWIRd-C2QKoauEZ0JHAfN7ClmVgG7eNBmN4Xlwigm71JrPj0MGgknulex6mzYdJyeL_8nJ3sT_DIIFyerr_wHj8d57gSwgcovmNMOdKHKSO4bXT_9UuSK3Go6yaOdUFjR2pZzQIt3smj1Oknji6IPGXaIqbR6pqnPTrPghIACDJUe6EZW429AZniDwevXg5iZnohINN-M_lswt_WKeYuZW05l9O4CAG05umbEr8qTmUmxhZbun4h_lGN3FW8BXIXVlJcZfxYdlumdrG2ApdBhEQCIliM5-7zxW3cE0QHYSUOAwnZT1Thk_SJvZGUEoGsoo9S3jS3l7VT1Rfln6AuQ7dIKv2kBphit48Aa5dHn4LlMr0SA6IiC__YCsxjAongdfYB65g4ICcuc2Jnm_NASmoWQzDxAV_axu0Gr_q5qnVdt36Xeu9ActcH1eNO69aB91le93REoNZo3bMXAmyU49Tm3d2j26EHO_N_ObL7AzKO4O8LBC1p_od5T024qG5qvMxuev0X2LFHRZOVS6nf2qEJxxpvhIw2FxrFLJ0Q6auzvTYA1f7z2fJS5EAgtverIGBg1BMnq0bVKKQ-0zMDltcX4SiZBtj-h3hIX5wBE9l9SMeAz4KFH4ZCVIbwvCWijQNSTQ1A5GY9pEsloW1TYdW5eAwiOvNYL0X0HELZJz3y3bvZo_be-X2VWACrpU6vnW7IePoOcV73HLf6pOcnKkhbaRjj8J_XVoMwU_IvpGoC0Qb6syOXw9H5Ea3R8-3L1ktIQzliHybIdx_SqP92ODJ7id_hg2yQ9mXVlZsHCofEE-9tSvha4ynB7txXGTyYgbwwDUE7iPvtTGi36t5Fu0bxZ4MPdXsN8d90p7gJw-SnXqxYcYtd5XjPhm5UO5kjj7L5MM0_L1G28fQfvYfqX1u0exVi0m0JBQORhEyyCrX_ElKlogaAF9umLE56L0P1_5ilB1kidEniGXKrs8E1_fQnjxC0f9XIXtD1qzS8-JKHkqq2cGqisk6uI2jb8BAOloNmYxDPXQXkM_pjF8eUYsVWZEEB41-OYgrmNkWiDEU5MQXysgki9zkqIFR6PqN_t4uWVxUy5VOYNBp12xvyxR0os25Bj25kiWtPvWzAOEPkSEIF45NXLynAuq7nPZ7GZ42uJ3P_6qe8WXf-CY9dVZy8ndBdAgECKdiIEk9fMI6gJ29Jr1oe-dFWIO1fLS2s2Jxr7_BmazkuNjiSF04FOu18Tv8rypwggsvIB35U_U_raJfnJEieZ2eyL-L3DfYqo0kbk9SOiGgu1efyvU8mvnmfFYrckH_ux8yrXb_Od4mrr694jq-vnJv1fPYppQSwLJeXMCJJd5hPP944woK0a-ZHPdbGZF-OVpzsAap-NgFNgz-GHFAWYwS9BB0hmhgSW4DDJtVCQApCocSI0GiQaF8Bf0yqr2JlaAChTcuex-iLcfBIQs2rcRmEiKk19iWVJ5BtvITzLL0oKUpnJNLhTjDBCcEUwhVQk3eQbevv7PIyAb3ZVl8246XCnd_LBABYaho1DMSq5aSGaLKbRkw7rtxrEDiVa6XHBMIVV9u981KKZthfxzFsif0Wheld_TmxWCEbMKTeA-BggwHD42nr5czI2jR4GzEIWhMLo-nO_Vdl2wesYPmwbdc5wDBTwwMKahq-Yon8rnCpt3fH-T2vdcg9YKk97AerpmUcjl-4sQd6TAqB-MZ1p2sw21IrdbE5HaOVvPlKYCaXU_o6tIoEwMzjxm4J5nTNnkFqsBo_9DcDDTCJJlc_yEig2623GeQu8smVjdjL3HRxO0nbLDLIhRTk5ov1mlkT-clNef16zeq0RadwZk8GyzWugcwO7yis6sBYcg3RV-P0XWP0jONsDCoXsEmReO6dqwflx5aHiWJ-PKVXx2a8ycXgWbNx_IsTihpVjm6u3La4BpyfZrtQg4Wa-SpwEtkX8B0CyVWht-MQmzixgFLOd0YdCPwv3XCHKyvBHc_-XTZqPbrjVlvxc0sHrhex37pjpLgVhMhJD0RUUx2LTVEhmjE0NU752_ZLrl8vR8doC7ll5a-4tjqvzbVOAL9x9Z48cSamVvAAlB96epMLBysW_CkyU228uQ_NNeuvV9OOReBlhZu7mBXuYxGh8yNdaKMvaqXLENAgxB_qQ0tDSCKM24Lb-1wTz2RNMi896sR-V6cqmqV0oTO4XyoWDIvP86a1f84qzB5Z42FUvN6WHczVXj_NLypj3ccIJVsElWbDVB2xoiDiTTsLHsnUjKSlIa3zP-LgJMKhpxmlDGhkOOmFdV25X-qX8rpLyVyuYWumOZoWURO6laupBAnUfLLdtyGFXTZK2gap8GiisKgk7e5g-WIIqrh17V9xGBbnFPDEjHyPvOCPwtkZ9OFxi0qVVQa21akqBQ&cid=CAASJORodj2RjjZd0Ol7nnvB-v0Un-xfc64-1_xNCxR_r8b7-c7MFw&rfl=2%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 04:58:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 04:58:18 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~l2ezuvul&c=2130312850070464&e=21065724%2C31061691%2C31061692&ctx=1&met.3=112.1ug_1~210.21y_1~326.221~832.222~868.222~164.221_2~165.220_3~466.21z_3~522.21z_4~525.225_7~639.22d~914.22d~168.24v~168.24v~168.24w~168.24w~168.24w_1~168.24w_1~168.24w~168.24w~168.24x~168.24x~168.24x~168.2o6~168.2o6~168.2o6~168.2o6~168.2o6~168.2o6~168.2o6~168.2o6~168.2o6~168.2o6~168.2o6~168.2oa~168.2oa~168.2oa~168.2oa~168.2oa~168.2oa~168.2oa~168.2oa~168.2ob&met.10=1_6.IKUUEAAIlO0RGICYdSgA~1_3.IKUUEAAItMoEGICYdSgA~1_1.IKUUEIDlCAiA5QgYgJh1KAE~1_5.IKUUEAAIsJoLGICYdSgA~1_4.IKUUEAAIsJoLGICYdSgA~1_2.IKUUEJTtEQiU7REYgJh1KAE~1_1.IJEdEAAIABgAKAA~1_1.IMMdEIDlCAiA5QgYgJh1KAE~1_2.IMwgEAAIABgAKAA~1_3.IMwgEAAIABgAKAA~1_4.IMwgEAAIABgAKAA~1_5.IMwgEAAIABgAKAA~1_6.IMwgEAAIABgAKAA~1_12.IIUhEAAIlO0RGICYdSgA~1_9.IIUhEAAItMoEGICYdSgA~1_11.IIUhEAAIsJoLGICYdSgA~1_10.IIUhEAAIsJoLGICYdSgA~1_8.IIUhEJTtEQiU7REYgJh1KAE&met.9=9.0~3_1.2w5~7_1.0~9.0~3_8.395~7_8.0~7_9.0~7_10.0~7_11.0~7_12.0~4_1.3aw~5_1.3b3~6_1.3iu~4_8.45x~5_8.461~5_9.48d~5_10.49u~5_11.4as~5_12.4bn
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4004:811::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6EC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhCb17WdAhj_04y9ATAB&v=APEucNU2klUzrO0oZmRUf2I8HD8F2XtZLnkPTexQZz17CSIOcseR46wfzzyscu_yIxo304D797eWPNv6Nt1Fo_4pVQ6Vfbg0Hw
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6EC8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmbacxfUheiJLy59JDCIJwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhCb17WdAhj_04y9ATAB&v=APEucNU2klUzrO0oZmRUf2I8HD8F2XtZLnkPTexQZz17CSIOcseR46wfzzyscu_yIxo304D797eWPNv6Nt1Fo_4pVQ6Vfbg0Hw
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_b4v5Tw4ycDixG_7W-G4U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6EC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJa5JEPZxctzVrQ5jWbmQIg&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJa5JEPZxctzVrQ5jWbmQIg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhCb17WdAhj_04y9ATAB&v=APEucNU2klUzrO0oZmRUf2I8HD8F2XtZLnkPTexQZz17CSIOcseR46wfzzyscu_yIxo304D797eWPNv6Nt1Fo_4pVQ6Vfbg0Hw
Protocol
HTTP/1.1
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:30 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
356f79cf-9f3d-48c0-9582-3e4f88e3e8a3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJa5JEPZxctzVrQ5jWbmQIg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6EC8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMjExOTA5MzI4MjY2ODMwNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMjExOTA5MzI4MjY2ODMwNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJbEPhCb17WdAhj_04y9ATAB&v=APEucNU2klUzrO0oZmRUf2I8HD8F2XtZLnkPTexQZz17CSIOcseR46wfzzyscu_yIxo304D797eWPNv6Nt1Fo_4pVQ6Vfbg0Hw
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:29 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d60e93b-7572-4c7b-8681-4947e56fec80
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMjExOTA5MzI4MjY2ODMwNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3612
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE8sWWDrc5p-sZh9ZkYqqys&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE8sWWDrc5p-sZh9ZkYqqys&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMew9gIQ7P3b8wEYz-yTvAEwAQ&v=APEucNWSEBuN8JX3bYxjgsOmtHlVHOfLj3UKmW6C9TzzNifsdCGnN_ClmfqNcK249Ks4wOLm47oA6dYo0xKiME6AxRjwDOlXQA
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE8sWWDrc5p-sZh9ZkYqqys&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3612
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDFiNzNhN2EtN2IyZC0yYTQ2LWVkYWMtMTRjNTJjMDY2YWQ1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDFiNzNhN2EtN2IyZC0yYTQ2LWVkYWMtMTRjNTJjMDY2YWQ1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMew9gIQ7P3b8wEYz-yTvAEwAQ&v=APEucNWSEBuN8JX3bYxjgsOmtHlVHOfLj3UKmW6C9TzzNifsdCGnN_ClmfqNcK249Ks4wOLm47oA6dYo0xKiME6AxRjwDOlXQA
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 25 Apr 2022 17:29:30 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDFiNzNhN2EtN2IyZC0yYTQ2LWVkYWMtMTRjNTJjMDY2YWQ1
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 3612
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIykEnjm3-l2wAWYN9ksojs&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIykEnjm3-l2wAWYN9ksojs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMew9gIQ7P3b8wEYz-yTvAEwAQ&v=APEucNWSEBuN8JX3bYxjgsOmtHlVHOfLj3UKmW6C9TzzNifsdCGnN_ClmfqNcK249Ks4wOLm47oA6dYo0xKiME6AxRjwDOlXQA
Protocol
H2
Server
23.10.82.211 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-10-82-211.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 25 Apr 2022 17:29:30 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEIykEnjm3-l2wAWYN9ksojs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3612
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NDJhMTNkYmMtZmY2Yi00NzQ0LTlhMTMtNjBmNWMzMjJlZjNj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NDJhMTNkYmMtZmY2Yi00NzQ0LTlhMTMtNjBmNWMzMjJlZjNj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMew9gIQ7P3b8wEYz-yTvAEwAQ&v=APEucNWSEBuN8JX3bYxjgsOmtHlVHOfLj3UKmW6C9TzzNifsdCGnN_ClmfqNcK249Ks4wOLm47oA6dYo0xKiME6AxRjwDOlXQA
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
akka-http/10.2.7
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NDJhMTNkYmMtZmY2Yi00NzQ0LTlhMTMtNjBmNWMzMjJlZjNj
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Mon, 25 Apr 2022 17:29:29 GMT
sync
partners.tremorhub.com/ Frame 9375
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEKlj1ku1FprjEOazad-bCnk&google_cver=1
43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEKlj1ku1FprjEOazad-bCnk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQz9TeAhisjOPHATAB&v=APEucNXj0GUSVTcRbpJuUWgSYZMn5FBhNCAXJSIwahsN6KCjwfUK-G0tv2JfkgynK36EM550tyQ41Nh-GEIADB9GCbYTmSnM2g
Protocol
H2
Server
2600:1f18:612b:4232:40ff:2de3:a398:119a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:30 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEKlj1ku1FprjEOazad-bCnk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 9375
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGL63tqDF3qkm0zFgTVZ_ao&google_cver=1
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGL63tqDF3qkm0zFgTVZ_ao&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQz9TeAhisjOPHATAB&v=APEucNXj0GUSVTcRbpJuUWgSYZMn5FBhNCAXJSIwahsN6KCjwfUK-G0tv2JfkgynK36EM550tyQ41Nh-GEIADB9GCbYTmSnM2g
Protocol
HTTP/1.1
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
75
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGL63tqDF3qkm0zFgTVZ_ao&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9375
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDBmODI3YWYtYzRiZC0xMWVjLTgwYzEtMTQzZTFlYTgwMjAz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDBmODI3YWYtYzRiZC0xMWVjLTgwYzEtMTQzZTFlYTgwMjAz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQz9TeAhisjOPHATAB&v=APEucNXj0GUSVTcRbpJuUWgSYZMn5FBhNCAXJSIwahsN6KCjwfUK-G0tv2JfkgynK36EM550tyQ41Nh-GEIADB9GCbYTmSnM2g
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 25 Apr 2022 17:29:29 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDBmODI3YWYtYzRiZC0xMWVjLTgwYzEtMTQzZTFlYTgwMjAz
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
250
Connection
keep-alive
Content-Length
0
sync
partners.tremorhub.com/ Frame 8815
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEKlj1ku1FprjEOazad-bCnk&google_cver=1
43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEKlj1ku1FprjEOazad-bCnk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCnlAEQj8-UARjflOi8ATAB&v=APEucNV0l1QXxouiwV2CPdYXTeH2L07ZfhFsVVhCkgfbQXQkgFCRmZ-G1H_QHDaRgMAkurNO1Dzq1Ev9V-_vLQAyFuGfyetj4w
Protocol
H2
Server
2600:1f18:612b:4232:40ff:2de3:a398:119a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:30 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEKlj1ku1FprjEOazad-bCnk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 8815
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGL63tqDF3qkm0zFgTVZ_ao&google_cver=1
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGL63tqDF3qkm0zFgTVZ_ao&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCnlAEQj8-UARjflOi8ATAB&v=APEucNV0l1QXxouiwV2CPdYXTeH2L07ZfhFsVVhCkgfbQXQkgFCRmZ-G1H_QHDaRgMAkurNO1Dzq1Ev9V-_vLQAyFuGfyetj4w
Protocol
HTTP/1.1
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
85
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGL63tqDF3qkm0zFgTVZ_ao&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8815
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDBmODI3YWYtYzRiZC0xMWVjLTgwYzEtMTQzZTFlYTgwMjAz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDBmODI3YWYtYzRiZC0xMWVjLTgwYzEtMTQzZTFlYTgwMjAz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCnlAEQj8-UARjflOi8ATAB&v=APEucNV0l1QXxouiwV2CPdYXTeH2L07ZfhFsVVhCkgfbQXQkgFCRmZ-G1H_QHDaRgMAkurNO1Dzq1Ev9V-_vLQAyFuGfyetj4w
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 25 Apr 2022 17:29:29 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NDBmODI3YWYtYzRiZC0xMWVjLTgwYzEtMTQzZTFlYTgwMjAz
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
114
Connection
keep-alive
Content-Length
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EA41 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 04:58:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 04:58:18 GMT
passback_728x90.js
static.adsafeprotected.com/ Frame 4078
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/691104/54013511/xbbe/creative/adj?p=APEucNUCTSBOfFfMl-UztwXSLzrKdOEx64Nx88FzdzL4F1pBuVJKfaY&d=CokBAKAmf-AnP4yHRJR37Yot8g3NhCvB7icdaCBzfMr7n4ZvcsXSDqTV3Qb-P0iv...
  • https://static.adsafeprotected.com/passback_728x90.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_728x90.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:2105:ec00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id
BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding
gzip
etag
W/"696b4c19d35efd706805137a8a4b3831"
age
496566
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:52 GMT
server
AmazonS3
date
Tue, 19 Apr 2022 23:33:25 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 076b9b2d65e3c54d9f7c44a7bccddebe.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
BOS50-C3
x-amz-cf-id
B1EpMEbdB5dUJbcU_eluvSsDVihgdEy3ksacyI-c_6qnKm3BpmYs-A==

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
x-server-name
app20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_728x90.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 934F 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2105:ec00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
12924800
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 076b9b2d65e3c54d9f7c44a7bccddebe.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
BOS50-C3
content-type
application/javascript
x-amz-cf-id
K1SgwkI-eNerZ8uiUWa5eQ1a34tPFM6_ScPHSSWecujUNcCKENOyzA==
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame 688D 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:27:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/ Frame 688D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:26:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 688D 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLjtrndZG1hZMDgsfTiSTke5HzJL1dI2kpSNeNgIup88eyVnMGJP06klg6sbSWwO7bY6BE02cV-iW56ZNTd143R6mzUWhGN7q8rpOSaS-CFXm1KqbDZ-TZ1UgBcfzQ4xYl8StatUdnnIbmvK-Sh73GRADngAA0DUkiOw452jbftJy4YQKjAX806hXzW7rRfgdLYlD3VP2Rwn33_wybn9j5JKDyscyTNpDa4cLgySCTs00n_TPbPkVnNzHGPYsJqtsR9qCBnFNMvD2k4D8JU_QOYW6YVAOIhJSeuITOHpNhDwGScknM7GEuTQ7oP_3u5Zf2e7RvjT0Mv8sjh54hS8U9wwUq0TL3nnYehtyDl2es0QNNkTr23Bt6y52U28A-JxJdAyx72YhqfQZdqqw2WWuNIQb8O0Gt_3OHiIad9bSMZJwSSo4JwA9Yf1roUFf1E_iPMXyTDf3fLnF28CWJzEijCpBMk6sO8ovPvvMXj4D5BpEaSW6NTh_sOXt0dDB1dyOeIyzl6EHzp-o_BkzROfU-uxhnAj1JUAKSGbiPnM-DGciH0ygxGpygXJ6hqT0DrRlvcosmMxjRpyEhVYjO9JY78oVUWIOnH7IYSwk7Q6Y40vVGw_c-daP3F8SvdueaPXI1h3W5m6tAsD7CrkdTOL_q0vYzL2LGpiJt8UE5n96rjDhaVtr0BgRNsk6bzYxdoAgCBvuK7BEqwprksiKQrewxhU212_YLvCxZYNcepezMqQVNk0IMBFoUIaVeSuJCBjmdzk_L_7fUVjuH8TVo16MNKyXh2wzE74cW_IcpiEDioe59k7lTbVETHSQz9fAfD9M1WTws2pQqlW7WJLRZK4eIBjsVf2oOUlwQhE_Da7UXectsgYMpxFIY8L0ARXp-v2L5Jt8wi3GU_Nn7w78R1ryccqs9qjcLNKZhwXJWQVbZrnuYK7FHkmH0ulAmD0gFY8wILkFD4XGLPilYp4g7i7v_NwHP_v5bte-GtJTR3PbAoxtFb-YoOkhMA4OGjeI9yPGvKQn4Q3F1aix5og6bu9uFL7Ac_rYvYpYIqc7zMnnM48fIykG-LRiaxwSrAGuhWFARBeXnZOyI6UJKw9UxRA-6z85jnCIRwe5aOBOli6UuOawNNSFF03fGVrL3SwnYdOlCJavghu6KjoyelwaxbYZFme3pEAij1S0maxh-Kzytf9Hi1n_8iV5WSwbqQpK9rXbHqMtqz_OhUBFf-ikN8rvrTKnbgXjIxAYxYewp_G5Nk7sz214AH7QF0JaVwUxNuLPkxAIdzHNprulNIXkaHg4WM_LgN9u-LvHq54XwaA&sai=AMfl-YTXi_akDFqjDGvvmwjIE1gbLwApDOVSA6wuh2xYLaxEcZRb8UBGkhpFN0GuFaNaZ1WJF0MpOKksDpZEaNkLrXLsyFOOQJunSXJX_cEgapoegyOlv6loXsBuGBn64sZzJlkLE9TTmJqvcGATfpdPcKAQVJXjua9tuCcQD1eVMJJzpt5NdVQSpZr5z_2JZjPjfPMXAfmGeH82QRD-v9mDR1Mu3GvwrCjx2SyDiilEkPZLqg&sig=Cg0ArKJSzCKXNbgBfGEsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220420.48945&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BzBj3j4smVq8RtymWlqN_AkSgmWOo5p0vd5YY2TF4F_ATkqhwNmd4uo0lYsk0vIYGoT6A7Rkpz1r40KL_4gYmw0Ui-fA4cg73RjidnalktiJNU4-8QB1Kqhgn2vCCcpUaS0C7o2u1kyQTTnfyGPJfSGKLd0Q&dbm_d=AKAmf-BzBkTRgXOruffo19x0wcVu3JxCje9OJ9JX6KFAVJDL73JvpJ30fZ6alDzzVVvj6bOVc1rgjup1c3j8GNDjCnG_-jmgHbYg3D-YUlgnbYaoq2jSENEd_CTVQp8JeU4uRWzv8htdAR2DMbrxQhVTpgT3tKAq3LK6VYfxGjiWrWe1eJG6MxaBQJKRBXQb9V1EVLZX7G4k9T8WQGtbR-wxOH0Am82FnwfvyXBT9enpvxoF6AC8O-_xfrk5YfpuOJJssU9mw0fUjvCdpeKEC5TmNVh2L_QEeYFX_jkveaErdB6HqQvB7gqMxWCjGTMOcSUKRDL9xqM5kI0EuY6nWFXDvcFVWLkPKJAOLO0nDnbaXgVxouZ374YvanNddwp3KeQqGHkFRIPis5o0n0RhrRHMMHHk7HKOFE4MdXSexJ91Xn_F-x6yvJlg8_Z9vJXMolhwxIvKW0CMNwdUwV56yNdq9ZwniXviIJ91JojSlIBbm94y0yUWgA02ln8le3cFFIVuvyH8fYBtKYElBBPGjG92VbBlkKcPloE95BYUx83m49_fwGbGLmdiAOJi-JqC96wI_HryetOX_t0wGzREax27zMmSBD3TApGQ1oKEEFKqK0vx-sWv2iyfTJXsa3fo4OsNOk5tiHkTH9fHHDGWzhZnpWAvXeRdQ9aJeaC2r_WS0eXXINnf5LKkQ1nnTgEbTVn1ws9cGkiHWoXadJJwOXamHk9qZuXQph6PeG2G7iZEvD1EvywmrCTP7dmjIGKwUa1i-dwYcrMq0kwzhYh5UcBfI6qrzaytifI8GcgH2X6J2XbuWfRGdQgn84Q7rWiremmJV840wEFqfYlPVAm5UzPg86VGiVPm0azOh2V8Zy1QL1Uno3NNJrOc8bDj0HLK378VHJ8dCArwadEWCOQUpw09RLYLjY3vHRESWaCaB8tj8h7B6nrNhQQVksLKVkC3dP0lQMgEAjZm0ol-RXjxOCjQs_eXxNdv03AQh1Stz3PTQSu7MnqLSwAJdJovz4aVxjNQUsyhDXXHlHJSDqIKH9BUiDgWU2q6Bh6j5NDqgYvJpvfqFfG74Wk9iWpjMIvnyL5DhPNoyR1IIis_gKykg3uouWi_IvFjWdbNAsZpWRfmBR-_cmGjEQYxV2uFOfPOtGAwsQJf5zWIFSiZ283j0WhK5FoB-oBr6eXwy-bKaBSAGalsteX_N7JNHdIp_KboNH7HKfrj_8HomB0ejyQaTh4DavyZXcQRGAh59JDU-Xit80IOFWYDapFs27_XDlH1J6GP6OT4tzb3UroBOGT16tZr69zmMk1VFQKMfol-GRw9UdWPYe4VgykIqD7rVpJiRB_2IND9eb35Yjk102ZtTzB5xdoSKkGTYIWLmRnrZTcYQcJZJVpKKbAPy5n3V9hMogpTy-2Pam6GpfmHjskgGaiO12e-4pm0VelXGfL4AS9QGEB2wezf74KqEGbHI8RZ4q1exiBgW-8l5dpLTwX2LMReUCqqYIlmtkYyVJ65Rmu8a_DdgjJzOGsvxSAKhjPGDk88zjqbf9DZJPaHHinLxvP9rY2blrrUVVjfhayULmcVwVejOB8RfYF-6kwpU2sWYUhYNeBrrLWgIsoQgyWa4nakQUETEH4wpsNVgB-TXtcQtGP3Co1ocZ2V098Abiv5Nvt9Cd0PSrl-8AlyLqztOKwPdN6UEMEsIGaGHwLRJuMIJF35gvtTc9lEacCyCKz4UZClAR4pOv8c7A9TEg732PRgjpgWjFzzi0Ki8AQRXf8fiAW-M0g50ubdmPNFiUw-T4roN3-5ZsniJSYR2TAEjqMao8jj7h1mLTIRTH9UtHmqggKDoGoll0Xv4Rp6v7WvZaFPpINo6sl1aa6ZtoSOzVcsPsGbTi9yAFNYPUqEX-9PY7vDK89KBwLQLE8UMJy1n_sRJ2Ve2DajRc9QvTyrFHk1_fvwXYnIXXhOGnSUd1m8lZYm0iGP35o-YEZ30J_QGIBzR72FOZ4ijfH-aOVAlBV0AZaWbZNXZVD8ixNehrgHmaeSWYwSmah9YZnV3agkQWcxZ85ik9qOM3nkgiyw8nCFLzHIq7LvF0yoYjquAGmOLlC-S114jUTiKHIbUBBM-FhBHYme73diSvkNhJB9SFnzEOIEH6hrsWNYZLH2WuP4t6QuOEnnsx7lEdoI0881a_VnHavLRujHIMriNitLpvBKU5gfkZ2mFPfXpZwDB4LnEcUT3OeBl5tUXCbYR7s-Rnst9q6Qezz7Uf6XbAoc8AsEs0rtFWxAl_eHmwwfWmA5EEBvwYPzM96TCpta3ZN29zH1W8zb4wbgvTUmLR5CIl-VzuMryWi71sCuKnnliKAA23aQI8aC6E_gSk5pWzLkP7JgTvDPYYVSoTVsHMwl7XthXv3YQcfwW7MiVvZuizmubmgPwBTcEVHLoBl6VTp5Zb86X1x3RlaQUagTklhQp8ioN1qLW5o1dcfga9dak3zVwVd7INdYZyM9GlmyM5Ow9evKWyf2cmOshsEXHiad31UDUH8Z2Wql37vjLH_FpQ24N29d7SjxS6gJLa_XhqYmdl8tf5pTo61HY5Qqdc44EJV8tjgsLHbKnERXL9ao6b7ita1xowPVX1O_MDakcdoJeJtu3DTMdn3La1yfJIf4zvMZtx_nWjmRwP8K2HwjhPiueDnM2aVw0-9XdcoqVZ7uBxV31ystx43VCrPOGDc7bfB3OZZhAcx4MDuEBIDxHiG6W2DNQZuKouNpaAMI0a2mcR1QI7dRj0FmvjbdgujdFfwlo9hE_rTSKINID9TcVaxwk69XTTLFx_1AUPGlg9eb1UJo3SkQZ4eCFe-IeqEJ3V2G3PCqhTHX-0B2jmXcFdUYiS46XywPzARnjB1NZmv0bFj7_fpJDFGd0TJN9_0A2fwJULd3C4nO868HxUa3UU_kGDegJPnzB2wuTuXgE4z06-Hpt_EUxYMOiKwxfUXFQDzpYHbCzV7KR12dHNMjnQn1SR3CQqFl86apA5rTi5nLWw4c540w7YRpQQYI1JcPEy0P8GxX10mcDI58C1hRvVxnPL4OUIJQP9w3qy46pY1mKChJgvLx5Wb-_1ydHlNRZAx6mgX4HMn0knTgqEmApxwAK320HqBtQ9bKGEIi-hTTHeL63UZFV2OlcdN76h2Ui5S4_WrOSBD6g6CWU3gnlFIVAphBWs5xaO3YruskeXr7D4lU0Tev508qclyQKkmFb4aoWUSP5ej1UkwnqSO8BIDH2uWA_RPxsSg&cid=CAASJORoVr2b03V_QgBmygmiumF6FzNfiFJycbdElj2kA53roUxGyQ&rfl=1%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 25 Apr 2022 17:29:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 688D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 04:58:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 04:58:18 GMT
6187285325877433451
s0.2mdn.net/simgad/ Frame 688D 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6187285325877433451
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af9c110d8d552290d05dc661a11ec4e470777a5477ee87461487bd6fd3c0b5d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 15:52:04 GMT
x-content-type-options
nosniff
age
524245
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48744
x-xss-protection
0
last-modified
Wed, 05 Jan 2022 23:06:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Apr 2023 15:52:04 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame FD4C 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:27:28 GMT
9347641936084381326
s0.2mdn.net/simgad/ Frame FD4C 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9347641936084381326
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4412423df08d9e421663ad6d00e47fc3192e7184d9c27fd544214981d0db7df9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 05:59:13 GMT
x-content-type-options
nosniff
age
559816
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92416
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 01:01:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Apr 2023 05:59:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/ Frame FD4C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:26:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FD4C 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEDQG1Ve7_EM1INIukXELk5u2ukW0lZWNeBImcMOjlC1D5N1fDUdbjfHz_j-oHwsvTemrOL6cP2KX26E-uboQGGmA-YXDFHT_BqzvScKLsaxyTyC43Gjc71TVF_04mGGkxJf9yN-DqYgXEkRwjTJS2TIPHUoq6Z_2_TA1R6F55T59gw5WWmCfpIfOyd9VayS461CtiDm5y8Q3SnytUqj1mCjIhGFzT8BTrMaUWSO6LNadLeD3B5EDqp84f6YZreEzHFvVmdx7f30vmzHfCs1zclgKm3EDIBmfpc-8tb0QRQJBnfHba5B-z6UIFRWgv8FUWf9PepxUmfb3HL6i2pus--_6pEFfj7tDyOwT62gCgjBs-TEi6T6Mm_OxxNkkQihwcmN6Einy5Ti1sdTXyQ6SmwHx9qwewGZaAC7ACYW8fAgPySFYa--PRMvQN6bCpxcHUxDL3FUzzEZgPqLQFquA6X9hDKoXUJBMx4SXFJyMLx-T1bdiA2ESRnyRKYLJun0U8qfuTPInyfksonmS1MWNJyE9dIxllMRxVaeU_RyugOLLJT6YCfXGYm_J5aPPY9caAkGyZsO-eBeYpH5-XXbixrXOX1qXP864jxLQq0WuAgqMej6eot4O7oZ7izHIKae6SA0JVricMNGWQK0S-l6umsDIu371_wP6Ck7diTd8SG5zmPDruH3JzHgWj9XAaerqH0QIVWUmSfOWbwZbjKyH1uYJUiSxkRuyCDRC2P4jlpsRWrog3GpE4GYiMrOUkHTMNYgeQOh_5yiW2VPbueWJRcJia-91PwsNVl7RWN6loE4jcvUzQmnEJFh-aFpF4rSkJh6_RB9Rzt2GovndzbC6kN_LKrGMsgugvf6SUI2okSHs5AzNzvQnA158FKnStPMTfs6wZiWNot39ypMNOfi0gySg801VL-bRbqUE5cZCDDwb1Np3z4t1q3dq34DWApGJENW0G9RzaIJUzGD7UefS8Z8Tagf4WVCc--LKJaXJrqOPJcCXBMG5YCKAR7ZSiDgM52wWEwPz8xYE_cIV81iIFIH_5n_56_Z_XHDdYxpFaSYokaxfZJwBmWa9K-iLJSF0D7SEdHREej36HvDfZOX7RhF8iDaxVOYdzCUsELLM7TqvEsAisL6qA2buYJ9Eutl1z2jzfoExUgUvM8KgSnIVDUclshXJEUSkS6MesICHLEcEz79CdN7qPtRyEFna_R5TGfypBmnZsvY3NYX6jR6veVeRtvXQ&sai=AMfl-YQ-2SOzO__pQWZF61XVS3XBRroXbe_RFuBGL5ONV9pKP1uBo-o8BoARnD-FLk3_jWTNIErOsrIJdYHNrRsZSFEeyZgdWbfKfbOwNOaOgALrqmw894GSo-qX6Ffgi5sbe4uSihMUzBg2borjVUVt9Ai3pCapmQsewO0kwlQJNfnhqiyHsF2ZwDr_ES0x59VVP1avKt9yZ7N24fatIaE7UQ&sig=Cg0ArKJSzJ1uB24x3STvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20220420.29746&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnZa1z0FwRGOIgU4XEQaWadsAdxHG-G4CaQSaYB1CboOdEyU9TAbUz-K_pr-zf2Kc2x2j6NTsEjM21FBIZJANywMLXZg&cry=1&dbm_d=AKAmf-AkuIiHF5g8IEwsTO7J9gEjEQVFhMilnsLJTIkvofZdhhdNLlQneakXCWwyr1M9Dwd9VVzTx3pegFKt17UVMAuLnhyEQIkdNgs568Xj9hz3HxYsWnPkz4uAusQ8rudnKmDhn9jtMHmTwMT-ycMcN7mCbOt44bL-3JxgudsyvCptXvWOFeBP2iS5VvHanDCYVbFSLFfO8dn6qxURX7yeD-wWd8SRetLIOM-fzwDfk35s3tlgXXnTTDj9LyuYxC-kyNEtE9Q1h8sktvSCnWaEOaCA2z10-IkO-ZFkTI_RyTKFHjlqvp--K5BMZiKp4Ar5Pz88tU0cI-3-7vd9eb-B2_j0py-fChEo2JunXUZlIHZxreDw1l5Fn8Y73-oTgFSGDsWxdwMKSE27N4T2gk2lKSojme6Gy-RGMmoQIQ4kaICJY7KLHnQO3WtfyPKUs5H4alqI39dpKESB_SmSKsBgOY156j3R5WwZUTeMco9d0FJREFuuekh7bKC_6bpapfhH25XimzC-Vw4MIb9qYEu15idoNd3btnnHY9b1wLTExu4diwdg8UyRSowQKvhaVyJ0MtA-jQliFRxKU2pHMgEOI5GJfMabPvLvb6g2pIPfCbOVf8hGtr-P7_76-pnI6fItb0Pr_zzQa_sswA5F_jfnbUy4aZ2PsZtkGDojXSIHhopCyr5y4m6pYb1LuErZh7y6J_LVRcEresnVhspJjdrfnEBtMXbbDLHajH115IDBfkw5OKpWJQfuQMI-zsuWUPyaTT47iuxI93QvWVf1QW-EyriJqIbmfdQk5GHz5rxZ8WsI7SpDJwj0g1gHI7Dao1ZHlI_nO3Wb5KPZUwq6PzbOU6OUicRfkMT0jn7uInKfz8PdNdAkRLADDu_KsvXr8LkylSb2cne-tF2WrZjwHANPKU0oOr_jrelQw5WhENh1FOiqcL4JXS1R-4tLR3ZgFkrXCKUS2H9FnOGmcJ9sWVbQiC7gXvYsn38yUchbwncVVkpvtogfzj7Tgbdo2ddqFKIl_gLdZKy8aIY_La-n0AyZN14OsJt73FGctPwoD6hJNiRy3Q6xfIQzhBGWEYX3E5j2xeUtjVE8t4U2KuwxZrKeQX3FFUi8OgilIw6_NPg7j1gtcKgn15XR1k5dZt4cuTEtkF0ykc5M0PdK5Q7Aj3ZB9pHo0wqjRKd2TmU22SeagpiYa-l-8IqTZ71R9xQi21rloc49POhCwnvkvMrr2vTrCxov8I0AFqN0emkckJgdgXsl7oFgutLbYPB8fDAID66V1ZUXUXr3DUIlGQgu6tyVNL14T6keDcGbj_E0tcOQA7sjQwvjd2NiOulz6ujLK5LjDAm1S3y3gcWNjw74alLLgdOgB08b3d5DB9yKnBtPHbTN5t3LLQp7NqjkVGZh7oxeN2Np71Aekj_pi_0NG7x9-K5PY5izoJtloTEelNDxGTdN4rIKY5jbzU2Z5p_b3HFYGNG7Ev9LR2G3El1kfEsoJtXZgBzmRZsR-FZT8uHaSqRmh-ORTE9Flwhl_ohT-WcV5LQ_obuK_Qyh2oZo8aA0Ls2x-d0MClf8GaGks3pbmCGTpeuEoru2AZTO_j5NnN-kLUqEBL2eyJ_Qv6dHS3CFKYtCaXhN5GLtxgM_wxE8tEeyv9_O9FtJmw7QkKy1dqYzqNU4ujmf6QTI2ESqGOtT0YFvJf6gqdSqVijPlBGMnxbMVYNKTXtQhIethlZ_gi9GZK6NROFN2vGvoYrJFlMcqUOgbuoq9_rpjlH1rN1N_EDz0zSpDL0GpXNzQXxQovpOsA7zYkO69C88h-t_7DFY26soEkqMvylZWdUYjTmVs1ncGltDFHk2EMbRU7K2pOZUs9yu3g-44DTu99QKXJ_aQhL4R4rY_P1UcgVVuUvkMRRwKGY7nEeag4ZX13wBzf3ZmtcCjxyE4AAZ2fPQloCn3rygG1B4FCY9ofn_75xarTNwZaeL1l6R7Q4hE_atZBCgUd_4JJFLrkaP9aaEZhEL9WeHZirXDv0MV_1AJqyCixNo918CDdqijTL1mGZ8g_5lHBKYjitVi6N05GxQuCwNBcaF7CPYHkKpB6gXzmcKnGcfF94qJ4Z1C-f13Rqpq9felRAAEf80vDO7gFbb458iqLSm3RoHZnV15YcmBlRThWGRJVEudt8RM60fwR1Q4YogqI-Q-KFzLPm8i_MLziMAUBbNknjAasPxb2pB4UzjUYETq7GiXF9Ptlgw48QCCEwYpygl4dmm62KfBmXQYUH9GJQTs7YRh1qOd0OA-j1eASJ6I1lvlbcithmZemXhjj_kkfdaUmD4ft0vLNv00i1fi1tbLcTIEeByTJeRpJPEtZq9xWMgl6qI-SIlSTMb3zf17ozBd4nL062k7_Dziy2pEEo2eyPQCyPg4-bALHGcZW_evrxAPpei8nkIhEytweUIH5gicKBr1lkCmUrpIYyADhOZmNosKSruedp3x75DuTchg4qrKT7R_F-Gl1qcHoh-KL3Kj-L0NxHv0g8dznXbh22-fgjOwFvFoH6_nWLTShxaV8LG-oS3GpLNDjDLr_ZuqgR6J2NYuPXtxdg8S0Kr_7doLMX20p49Pw3DfuugLf7CAYVvWkBSzbLw1JFlwwN313-WT_Al3KyxkqU7NrikUITpi2FhBsHibT6f5Rctia0ZlF56V0XVQrkgAuPaWhBalGLZW1qktOf8ZzlWv46qopUkWu55qzfA36tBeeRTUvogLkgZ5AICnt3GcMqJuYZt5Aj4vsAK8Gr976RH8FDFz2E1RFZ6h6vlddOGe28oC-5cd58-yaQVUQoQuW_9Nh8yD1il4dHfVTrjL3jsPF8xcfpLn_buHKKfrXLz6x1N1cacfhOrgGuOiu4IWgKbgMdr3zUl52Z6VjmqTRS452jGb5BIFDEsmJEceIKPSRRBopVW1ghUpgM25RQNREawyQf_o7bAX4oOvO0NVZOfpHRoFBZpqbO7uZJ51nxpIhKxLDC_BTlZA5FAg_PKF3NmohgOFUKAmt08wu24SNWhVPLpDhBw1KTu7u91dJsxBxFDsmuPeYhkcOpwaf45-sN2unCFj8i0brTuahrt8HBJmjayGamMItxJsJJhlgpnbVQ4qFAU9s_XPO4F5J1LcE1zlwVYqqg8WH1pqzQz7oDIzknhfv61lmqnnOcozS49lBrgTgIzUDVN02vrFNegK52StxodgFrlkXxF-5yugF9PUz4sa5xbE7vOTQ&cid=CAASJORofKz6oPGbN_cgdRywe-IgUBX0w-4Bhzana4y8vtTnc8z6DA&rfl=1%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 25 Apr 2022 17:29:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FD4C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 04:58:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 04:58:18 GMT
i
cdn.bizibly.com/ Frame FD4C 		43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bizibly.com/i?v=10214551&a=514055320&c=162061142&s=6140839&p=321449682&m=0&n=4126859855
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D2A) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
last-modified
Fri, 22 Apr 2022 09:11:19 GMT
server
ECS (nyb/1D2A)
age
289091
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store
accept-ranges
bytes
content-type
Image/GIF
content-length
43
expires
-1
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 68AC 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Origin
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 07:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Apr 2022 07:06:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/ Frame 68AC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:26:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame 68AC 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:27:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:27:28 GMT
dvbs_src_internal102.js
cdn.doubleverify.com/ Frame EA41 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal102.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:7000:6ab::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3f428ebe6a721f39f9c0377b8045edea6f072fdccc2128391870419168558630

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Mar 2022 09:23:34 GMT
Server
Microsoft-IIS/10.0
ETag
"06fa3a94e43d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18094
dt
dt.adsafeprotected.com/ Frame 4078 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=691104&asId=494e4c86-a31e-0844-2f58-ac8672b396bc&tv=%7Bc:aOQ8iz,pingTime:-3,time:278,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:278,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B271~0%5D,as:%5B271~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t42sL0d+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b1%7C1c%7C1d1%7C1e11%7C1e12%7C1f11%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j1*.691104-54013511%7C1j11%7C1k1%7C1l1%7C1m1%7C1n1,idMap:1j1*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:30 GMT
X-Server-Name
dt45.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 4078 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=691104&asId=494e4c86-a31e-0844-2f58-ac8672b396bc&tv=%7Bc:aOQ8iA,pingTime:-6,time:280,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:280,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B273~0%5D,as:%5B273~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t42sL0d+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b1%7C1c%7C1d1%7C1e11%7C1e12%7C1f11%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j1*.691104-54013511%7C1j11%7C1k1%7C1l1%7C1m1%7C1n1,idMap:1j1*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.bleepingcomputer.com*%2C3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com*&br=c
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:30 GMT
X-Server-Name
dt47.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hygefnx3aGFsMXQwV2xyeExacm5OOU16Y29hSE5iZzc2dnNNMDNzaTdLL0xJbjVXSmpzdG9kdTFaRkVGRisxV0YvMXJ1VlNhOXljQ0RHa2R4Z2p0R2djUnRmNDhHZER3VGYzc1BlbHlObDZkYnVQMVI3K3hRYmlhYWZ6Z3NtNzhXeUlobTNCaWhReHl6SmZDamNpcFMvcUowR28rOWVsWTI1cXlIOERyYVRwb2V2enlWdGdOamx3Z0Y4MnplbmR0cjZhWjd2cnFyQlV1V2t6ZStpNFJieDhpTU83WFp3RDhBVjhWdThadXg5bzBhZGhMcUpWR2RzVVdBQk01MTd5QWVVOHFNfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 25 Apr 2022 17:29:29 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
3130
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
dt
dt.adsafeprotected.com/ Frame 4078 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=691104&asId=494e4c86-a31e-0844-2f58-ac8672b396bc&tv=%7Bc:aOQ8j3,pingTime:-2,time:308,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1409,beZ:1410,mfA:1412,cmA:1414,inA:1414,inZ:1418,prA:1418,prZ:1430,si:1438,poA:1439,poZ:1462,cmZ:1462,mfZ:1462,loA:1688,loZ:1691,ltA:1716,ltZ:1716%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:308,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B301~0%5D,as:%5B301~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t42sL0d+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b1%7C1c%7C1d1%7C1e11%7C1e12%7C1f11%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j1*.691104-54013511%7C1j11%7C1k1%7C1l1%7C1m1%7C1n1,idMap:1j1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,sinceFw:277,readyFired:false%7D&br=c
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:30 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
view
googleads4.g.doubleclick.net/pcs/ Frame 688D 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLjtrndZG1hZMDgsfTiSTke5HzJL1dI2kpSNeNgIup88eyVnMGJP06klg6sbSWwO7bY6BE02cV-iW56ZNTd143R6mzUWhGN7q8rpOSaS-CFXm1KqbDZ-TZ1UgBcfzQ4xYl8StatUdnnIbmvK-Sh73GRADngAA0DUkiOw452jbftJy4YQKjAX806hXzW7rRfgdLYlD3VP2Rwn33_wybn9j5JKDyscyTNpDa4cLgySCTs00n_TPbPkVnNzHGPYsJqtsR9qCBnFNMvD2k4D8JU_QOYW6YVAOIhJSeuITOHpNhDwGScknM7GEuTQ7oP_3u5Zf2e7RvjT0Mv8sjh54hS8U9wwUq0TL3nnYehtyDl2es0QNNkTr23Bt6y52U28A-JxJdAyx72YhqfQZdqqw2WWuNIQb8O0Gt_3OHiIad9bSMZJwSSo4JwA9Yf1roUFf1E_iPMXyTDf3fLnF28CWJzEijCpBMk6sO8ovPvvMXj4D5BpEaSW6NTh_sOXt0dDB1dyOeIyzl6EHzp-o_BkzROfU-uxhnAj1JUAKSGbiPnM-DGciH0ygxGpygXJ6hqT0DrRlvcosmMxjRpyEhVYjO9JY78oVUWIOnH7IYSwk7Q6Y40vVGw_c-daP3F8SvdueaPXI1h3W5m6tAsD7CrkdTOL_q0vYzL2LGpiJt8UE5n96rjDhaVtr0BgRNsk6bzYxdoAgCBvuK7BEqwprksiKQrewxhU212_YLvCxZYNcepezMqQVNk0IMBFoUIaVeSuJCBjmdzk_L_7fUVjuH8TVo16MNKyXh2wzE74cW_IcpiEDioe59k7lTbVETHSQz9fAfD9M1WTws2pQqlW7WJLRZK4eIBjsVf2oOUlwQhE_Da7UXectsgYMpxFIY8L0ARXp-v2L5Jt8wi3GU_Nn7w78R1ryccqs9qjcLNKZhwXJWQVbZrnuYK7FHkmH0ulAmD0gFY8wILkFD4XGLPilYp4g7i7v_NwHP_v5bte-GtJTR3PbAoxtFb-YoOkhMA4OGjeI9yPGvKQn4Q3F1aix5og6bu9uFL7Ac_rYvYpYIqc7zMnnM48fIykG-LRiaxwSrAGuhWFARBeXnZOyI6UJKw9UxRA-6z85jnCIRwe5aOBOli6UuOawNNSFF03fGVrL3SwnYdOlCJavghu6KjoyelwaxbYZFme3pEAij1S0maxh-Kzytf9Hi1n_8iV5WSwbqQpK9rXbHqMtqz_OhUBFf-ikN8rvrTKnbgXjIxAYxYewp_G5Nk7sz214AH7QF0JaVwUxNuLPkxAIdzHNprulNIXkaHg4WM_LgN9u-LvHq54XwaA&sai=AMfl-YTXi_akDFqjDGvvmwjIE1gbLwApDOVSA6wuh2xYLaxEcZRb8UBGkhpFN0GuFaNaZ1WJF0MpOKksDpZEaNkLrXLsyFOOQJunSXJX_cEgapoegyOlv6loXsBuGBn64sZzJlkLE9TTmJqvcGATfpdPcKAQVJXjua9tuCcQD1eVMJJzpt5NdVQSpZr5z_2JZjPjfPMXAfmGeH82QRD-v9mDR1Mu3GvwrCjx2SyDiilEkPZLqg&sig=Cg0ArKJSzCKXNbgBfGEsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=218&vt=11&dtpt=217&dett=2&cstd=0&cisv=r20220420.48945&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BzBj3j4smVq8RtymWlqN_AkSgmWOo5p0vd5YY2TF4F_ATkqhwNmd4uo0lYsk0vIYGoT6A7Rkpz1r40KL_4gYmw0Ui-fA4cg73RjidnalktiJNU4-8QB1Kqhgn2vCCcpUaS0C7o2u1kyQTTnfyGPJfSGKLd0Q&dbm_d=AKAmf-BzBkTRgXOruffo19x0wcVu3JxCje9OJ9JX6KFAVJDL73JvpJ30fZ6alDzzVVvj6bOVc1rgjup1c3j8GNDjCnG_-jmgHbYg3D-YUlgnbYaoq2jSENEd_CTVQp8JeU4uRWzv8htdAR2DMbrxQhVTpgT3tKAq3LK6VYfxGjiWrWe1eJG6MxaBQJKRBXQb9V1EVLZX7G4k9T8WQGtbR-wxOH0Am82FnwfvyXBT9enpvxoF6AC8O-_xfrk5YfpuOJJssU9mw0fUjvCdpeKEC5TmNVh2L_QEeYFX_jkveaErdB6HqQvB7gqMxWCjGTMOcSUKRDL9xqM5kI0EuY6nWFXDvcFVWLkPKJAOLO0nDnbaXgVxouZ374YvanNddwp3KeQqGHkFRIPis5o0n0RhrRHMMHHk7HKOFE4MdXSexJ91Xn_F-x6yvJlg8_Z9vJXMolhwxIvKW0CMNwdUwV56yNdq9ZwniXviIJ91JojSlIBbm94y0yUWgA02ln8le3cFFIVuvyH8fYBtKYElBBPGjG92VbBlkKcPloE95BYUx83m49_fwGbGLmdiAOJi-JqC96wI_HryetOX_t0wGzREax27zMmSBD3TApGQ1oKEEFKqK0vx-sWv2iyfTJXsa3fo4OsNOk5tiHkTH9fHHDGWzhZnpWAvXeRdQ9aJeaC2r_WS0eXXINnf5LKkQ1nnTgEbTVn1ws9cGkiHWoXadJJwOXamHk9qZuXQph6PeG2G7iZEvD1EvywmrCTP7dmjIGKwUa1i-dwYcrMq0kwzhYh5UcBfI6qrzaytifI8GcgH2X6J2XbuWfRGdQgn84Q7rWiremmJV840wEFqfYlPVAm5UzPg86VGiVPm0azOh2V8Zy1QL1Uno3NNJrOc8bDj0HLK378VHJ8dCArwadEWCOQUpw09RLYLjY3vHRESWaCaB8tj8h7B6nrNhQQVksLKVkC3dP0lQMgEAjZm0ol-RXjxOCjQs_eXxNdv03AQh1Stz3PTQSu7MnqLSwAJdJovz4aVxjNQUsyhDXXHlHJSDqIKH9BUiDgWU2q6Bh6j5NDqgYvJpvfqFfG74Wk9iWpjMIvnyL5DhPNoyR1IIis_gKykg3uouWi_IvFjWdbNAsZpWRfmBR-_cmGjEQYxV2uFOfPOtGAwsQJf5zWIFSiZ283j0WhK5FoB-oBr6eXwy-bKaBSAGalsteX_N7JNHdIp_KboNH7HKfrj_8HomB0ejyQaTh4DavyZXcQRGAh59JDU-Xit80IOFWYDapFs27_XDlH1J6GP6OT4tzb3UroBOGT16tZr69zmMk1VFQKMfol-GRw9UdWPYe4VgykIqD7rVpJiRB_2IND9eb35Yjk102ZtTzB5xdoSKkGTYIWLmRnrZTcYQcJZJVpKKbAPy5n3V9hMogpTy-2Pam6GpfmHjskgGaiO12e-4pm0VelXGfL4AS9QGEB2wezf74KqEGbHI8RZ4q1exiBgW-8l5dpLTwX2LMReUCqqYIlmtkYyVJ65Rmu8a_DdgjJzOGsvxSAKhjPGDk88zjqbf9DZJPaHHinLxvP9rY2blrrUVVjfhayULmcVwVejOB8RfYF-6kwpU2sWYUhYNeBrrLWgIsoQgyWa4nakQUETEH4wpsNVgB-TXtcQtGP3Co1ocZ2V098Abiv5Nvt9Cd0PSrl-8AlyLqztOKwPdN6UEMEsIGaGHwLRJuMIJF35gvtTc9lEacCyCKz4UZClAR4pOv8c7A9TEg732PRgjpgWjFzzi0Ki8AQRXf8fiAW-M0g50ubdmPNFiUw-T4roN3-5ZsniJSYR2TAEjqMao8jj7h1mLTIRTH9UtHmqggKDoGoll0Xv4Rp6v7WvZaFPpINo6sl1aa6ZtoSOzVcsPsGbTi9yAFNYPUqEX-9PY7vDK89KBwLQLE8UMJy1n_sRJ2Ve2DajRc9QvTyrFHk1_fvwXYnIXXhOGnSUd1m8lZYm0iGP35o-YEZ30J_QGIBzR72FOZ4ijfH-aOVAlBV0AZaWbZNXZVD8ixNehrgHmaeSWYwSmah9YZnV3agkQWcxZ85ik9qOM3nkgiyw8nCFLzHIq7LvF0yoYjquAGmOLlC-S114jUTiKHIbUBBM-FhBHYme73diSvkNhJB9SFnzEOIEH6hrsWNYZLH2WuP4t6QuOEnnsx7lEdoI0881a_VnHavLRujHIMriNitLpvBKU5gfkZ2mFPfXpZwDB4LnEcUT3OeBl5tUXCbYR7s-Rnst9q6Qezz7Uf6XbAoc8AsEs0rtFWxAl_eHmwwfWmA5EEBvwYPzM96TCpta3ZN29zH1W8zb4wbgvTUmLR5CIl-VzuMryWi71sCuKnnliKAA23aQI8aC6E_gSk5pWzLkP7JgTvDPYYVSoTVsHMwl7XthXv3YQcfwW7MiVvZuizmubmgPwBTcEVHLoBl6VTp5Zb86X1x3RlaQUagTklhQp8ioN1qLW5o1dcfga9dak3zVwVd7INdYZyM9GlmyM5Ow9evKWyf2cmOshsEXHiad31UDUH8Z2Wql37vjLH_FpQ24N29d7SjxS6gJLa_XhqYmdl8tf5pTo61HY5Qqdc44EJV8tjgsLHbKnERXL9ao6b7ita1xowPVX1O_MDakcdoJeJtu3DTMdn3La1yfJIf4zvMZtx_nWjmRwP8K2HwjhPiueDnM2aVw0-9XdcoqVZ7uBxV31ystx43VCrPOGDc7bfB3OZZhAcx4MDuEBIDxHiG6W2DNQZuKouNpaAMI0a2mcR1QI7dRj0FmvjbdgujdFfwlo9hE_rTSKINID9TcVaxwk69XTTLFx_1AUPGlg9eb1UJo3SkQZ4eCFe-IeqEJ3V2G3PCqhTHX-0B2jmXcFdUYiS46XywPzARnjB1NZmv0bFj7_fpJDFGd0TJN9_0A2fwJULd3C4nO868HxUa3UU_kGDegJPnzB2wuTuXgE4z06-Hpt_EUxYMOiKwxfUXFQDzpYHbCzV7KR12dHNMjnQn1SR3CQqFl86apA5rTi5nLWw4c540w7YRpQQYI1JcPEy0P8GxX10mcDI58C1hRvVxnPL4OUIJQP9w3qy46pY1mKChJgvLx5Wb-_1ydHlNRZAx6mgX4HMn0knTgqEmApxwAK320HqBtQ9bKGEIi-hTTHeL63UZFV2OlcdN76h2Ui5S4_WrOSBD6g6CWU3gnlFIVAphBWs5xaO3YruskeXr7D4lU0Tev508qclyQKkmFb4aoWUSP5ej1UkwnqSO8BIDH2uWA_RPxsSg&cid=CAASJORoVr2b03V_QgBmygmiumF6FzNfiFJycbdElj2kA53roUxGyQ&rfl=1%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame FD4C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEDQG1Ve7_EM1INIukXELk5u2ukW0lZWNeBImcMOjlC1D5N1fDUdbjfHz_j-oHwsvTemrOL6cP2KX26E-uboQGGmA-YXDFHT_BqzvScKLsaxyTyC43Gjc71TVF_04mGGkxJf9yN-DqYgXEkRwjTJS2TIPHUoq6Z_2_TA1R6F55T59gw5WWmCfpIfOyd9VayS461CtiDm5y8Q3SnytUqj1mCjIhGFzT8BTrMaUWSO6LNadLeD3B5EDqp84f6YZreEzHFvVmdx7f30vmzHfCs1zclgKm3EDIBmfpc-8tb0QRQJBnfHba5B-z6UIFRWgv8FUWf9PepxUmfb3HL6i2pus--_6pEFfj7tDyOwT62gCgjBs-TEi6T6Mm_OxxNkkQihwcmN6Einy5Ti1sdTXyQ6SmwHx9qwewGZaAC7ACYW8fAgPySFYa--PRMvQN6bCpxcHUxDL3FUzzEZgPqLQFquA6X9hDKoXUJBMx4SXFJyMLx-T1bdiA2ESRnyRKYLJun0U8qfuTPInyfksonmS1MWNJyE9dIxllMRxVaeU_RyugOLLJT6YCfXGYm_J5aPPY9caAkGyZsO-eBeYpH5-XXbixrXOX1qXP864jxLQq0WuAgqMej6eot4O7oZ7izHIKae6SA0JVricMNGWQK0S-l6umsDIu371_wP6Ck7diTd8SG5zmPDruH3JzHgWj9XAaerqH0QIVWUmSfOWbwZbjKyH1uYJUiSxkRuyCDRC2P4jlpsRWrog3GpE4GYiMrOUkHTMNYgeQOh_5yiW2VPbueWJRcJia-91PwsNVl7RWN6loE4jcvUzQmnEJFh-aFpF4rSkJh6_RB9Rzt2GovndzbC6kN_LKrGMsgugvf6SUI2okSHs5AzNzvQnA158FKnStPMTfs6wZiWNot39ypMNOfi0gySg801VL-bRbqUE5cZCDDwb1Np3z4t1q3dq34DWApGJENW0G9RzaIJUzGD7UefS8Z8Tagf4WVCc--LKJaXJrqOPJcCXBMG5YCKAR7ZSiDgM52wWEwPz8xYE_cIV81iIFIH_5n_56_Z_XHDdYxpFaSYokaxfZJwBmWa9K-iLJSF0D7SEdHREej36HvDfZOX7RhF8iDaxVOYdzCUsELLM7TqvEsAisL6qA2buYJ9Eutl1z2jzfoExUgUvM8KgSnIVDUclshXJEUSkS6MesICHLEcEz79CdN7qPtRyEFna_R5TGfypBmnZsvY3NYX6jR6veVeRtvXQ&sai=AMfl-YQ-2SOzO__pQWZF61XVS3XBRroXbe_RFuBGL5ONV9pKP1uBo-o8BoARnD-FLk3_jWTNIErOsrIJdYHNrRsZSFEeyZgdWbfKfbOwNOaOgALrqmw894GSo-qX6Ffgi5sbe4uSihMUzBg2borjVUVt9Ai3pCapmQsewO0kwlQJNfnhqiyHsF2ZwDr_ES0x59VVP1avKt9yZ7N24fatIaE7UQ&sig=Cg0ArKJSzJ1uB24x3STvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=180&vt=11&dtpt=178&dett=2&cstd=1&cisv=r20220420.29746&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnZa1z0FwRGOIgU4XEQaWadsAdxHG-G4CaQSaYB1CboOdEyU9TAbUz-K_pr-zf2Kc2x2j6NTsEjM21FBIZJANywMLXZg&cry=1&dbm_d=AKAmf-AkuIiHF5g8IEwsTO7J9gEjEQVFhMilnsLJTIkvofZdhhdNLlQneakXCWwyr1M9Dwd9VVzTx3pegFKt17UVMAuLnhyEQIkdNgs568Xj9hz3HxYsWnPkz4uAusQ8rudnKmDhn9jtMHmTwMT-ycMcN7mCbOt44bL-3JxgudsyvCptXvWOFeBP2iS5VvHanDCYVbFSLFfO8dn6qxURX7yeD-wWd8SRetLIOM-fzwDfk35s3tlgXXnTTDj9LyuYxC-kyNEtE9Q1h8sktvSCnWaEOaCA2z10-IkO-ZFkTI_RyTKFHjlqvp--K5BMZiKp4Ar5Pz88tU0cI-3-7vd9eb-B2_j0py-fChEo2JunXUZlIHZxreDw1l5Fn8Y73-oTgFSGDsWxdwMKSE27N4T2gk2lKSojme6Gy-RGMmoQIQ4kaICJY7KLHnQO3WtfyPKUs5H4alqI39dpKESB_SmSKsBgOY156j3R5WwZUTeMco9d0FJREFuuekh7bKC_6bpapfhH25XimzC-Vw4MIb9qYEu15idoNd3btnnHY9b1wLTExu4diwdg8UyRSowQKvhaVyJ0MtA-jQliFRxKU2pHMgEOI5GJfMabPvLvb6g2pIPfCbOVf8hGtr-P7_76-pnI6fItb0Pr_zzQa_sswA5F_jfnbUy4aZ2PsZtkGDojXSIHhopCyr5y4m6pYb1LuErZh7y6J_LVRcEresnVhspJjdrfnEBtMXbbDLHajH115IDBfkw5OKpWJQfuQMI-zsuWUPyaTT47iuxI93QvWVf1QW-EyriJqIbmfdQk5GHz5rxZ8WsI7SpDJwj0g1gHI7Dao1ZHlI_nO3Wb5KPZUwq6PzbOU6OUicRfkMT0jn7uInKfz8PdNdAkRLADDu_KsvXr8LkylSb2cne-tF2WrZjwHANPKU0oOr_jrelQw5WhENh1FOiqcL4JXS1R-4tLR3ZgFkrXCKUS2H9FnOGmcJ9sWVbQiC7gXvYsn38yUchbwncVVkpvtogfzj7Tgbdo2ddqFKIl_gLdZKy8aIY_La-n0AyZN14OsJt73FGctPwoD6hJNiRy3Q6xfIQzhBGWEYX3E5j2xeUtjVE8t4U2KuwxZrKeQX3FFUi8OgilIw6_NPg7j1gtcKgn15XR1k5dZt4cuTEtkF0ykc5M0PdK5Q7Aj3ZB9pHo0wqjRKd2TmU22SeagpiYa-l-8IqTZ71R9xQi21rloc49POhCwnvkvMrr2vTrCxov8I0AFqN0emkckJgdgXsl7oFgutLbYPB8fDAID66V1ZUXUXr3DUIlGQgu6tyVNL14T6keDcGbj_E0tcOQA7sjQwvjd2NiOulz6ujLK5LjDAm1S3y3gcWNjw74alLLgdOgB08b3d5DB9yKnBtPHbTN5t3LLQp7NqjkVGZh7oxeN2Np71Aekj_pi_0NG7x9-K5PY5izoJtloTEelNDxGTdN4rIKY5jbzU2Z5p_b3HFYGNG7Ev9LR2G3El1kfEsoJtXZgBzmRZsR-FZT8uHaSqRmh-ORTE9Flwhl_ohT-WcV5LQ_obuK_Qyh2oZo8aA0Ls2x-d0MClf8GaGks3pbmCGTpeuEoru2AZTO_j5NnN-kLUqEBL2eyJ_Qv6dHS3CFKYtCaXhN5GLtxgM_wxE8tEeyv9_O9FtJmw7QkKy1dqYzqNU4ujmf6QTI2ESqGOtT0YFvJf6gqdSqVijPlBGMnxbMVYNKTXtQhIethlZ_gi9GZK6NROFN2vGvoYrJFlMcqUOgbuoq9_rpjlH1rN1N_EDz0zSpDL0GpXNzQXxQovpOsA7zYkO69C88h-t_7DFY26soEkqMvylZWdUYjTmVs1ncGltDFHk2EMbRU7K2pOZUs9yu3g-44DTu99QKXJ_aQhL4R4rY_P1UcgVVuUvkMRRwKGY7nEeag4ZX13wBzf3ZmtcCjxyE4AAZ2fPQloCn3rygG1B4FCY9ofn_75xarTNwZaeL1l6R7Q4hE_atZBCgUd_4JJFLrkaP9aaEZhEL9WeHZirXDv0MV_1AJqyCixNo918CDdqijTL1mGZ8g_5lHBKYjitVi6N05GxQuCwNBcaF7CPYHkKpB6gXzmcKnGcfF94qJ4Z1C-f13Rqpq9felRAAEf80vDO7gFbb458iqLSm3RoHZnV15YcmBlRThWGRJVEudt8RM60fwR1Q4YogqI-Q-KFzLPm8i_MLziMAUBbNknjAasPxb2pB4UzjUYETq7GiXF9Ptlgw48QCCEwYpygl4dmm62KfBmXQYUH9GJQTs7YRh1qOd0OA-j1eASJ6I1lvlbcithmZemXhjj_kkfdaUmD4ft0vLNv00i1fi1tbLcTIEeByTJeRpJPEtZq9xWMgl6qI-SIlSTMb3zf17ozBd4nL062k7_Dziy2pEEo2eyPQCyPg4-bALHGcZW_evrxAPpei8nkIhEytweUIH5gicKBr1lkCmUrpIYyADhOZmNosKSruedp3x75DuTchg4qrKT7R_F-Gl1qcHoh-KL3Kj-L0NxHv0g8dznXbh22-fgjOwFvFoH6_nWLTShxaV8LG-oS3GpLNDjDLr_ZuqgR6J2NYuPXtxdg8S0Kr_7doLMX20p49Pw3DfuugLf7CAYVvWkBSzbLw1JFlwwN313-WT_Al3KyxkqU7NrikUITpi2FhBsHibT6f5Rctia0ZlF56V0XVQrkgAuPaWhBalGLZW1qktOf8ZzlWv46qopUkWu55qzfA36tBeeRTUvogLkgZ5AICnt3GcMqJuYZt5Aj4vsAK8Gr976RH8FDFz2E1RFZ6h6vlddOGe28oC-5cd58-yaQVUQoQuW_9Nh8yD1il4dHfVTrjL3jsPF8xcfpLn_buHKKfrXLz6x1N1cacfhOrgGuOiu4IWgKbgMdr3zUl52Z6VjmqTRS452jGb5BIFDEsmJEceIKPSRRBopVW1ghUpgM25RQNREawyQf_o7bAX4oOvO0NVZOfpHRoFBZpqbO7uZJ51nxpIhKxLDC_BTlZA5FAg_PKF3NmohgOFUKAmt08wu24SNWhVPLpDhBw1KTu7u91dJsxBxFDsmuPeYhkcOpwaf45-sN2unCFj8i0brTuahrt8HBJmjayGamMItxJsJJhlgpnbVQ4qFAU9s_XPO4F5J1LcE1zlwVYqqg8WH1pqzQz7oDIzknhfv61lmqnnOcozS49lBrgTgIzUDVN02vrFNegK52StxodgFrlkXxF-5yugF9PUz4sa5xbE7vOTQ&cid=CAASJORofKz6oPGbN_cgdRywe-IgUBX0w-4Bhzana4y8vtTnc8z6DA&rfl=1%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5012 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
45071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 04:58:19 GMT
expires
Tue, 25 Apr 2023 04:58:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DE21 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
45071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 04:58:19 GMT
expires
Tue, 25 Apr 2023 04:58:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F5DA 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 16:21:02 GMT
etag
48472445140208031
expires
Tue, 26 Apr 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
verify.js
rtb0.doubleverify.com/ Frame EA41 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_103803941214&jsTagObjCallback=__tagObject_callback_103803941214&num=6&ctx=971108&cmp=26826172&plc=322545941&sid=6522286&advid=&adsrv=&unit=728x90&isdvvid=&uid=103803941214&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.50&dvpx_strhd=0.50&brid=3&brver=100&bridua=3&dup=null&ppid=103&auevent=ABAjH0gvfusGwKHnL507XcCEh4Ll&aucmp=16564276280&aucrtv=396569087&auorder=27325299&ausite=101267032151&auxch=1&pltfrm=1&aufilter1=1024534&autt=1&c1=1024534&turl=https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=23&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=150&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTaub%60e___d3g2%60346b626e%60h6db_3g2ac5%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETau%3F6HDTauD64FC%3AEJTau2%3E2K%40%3F%5CH63%5CD6CG%3A46D%5C7%3AI6D%5C4%40%3FE2%3A%3F6C%5C6D42A6%5C%3A%3F%5C%3D%408cD96%3D%3D%5C9%40E7%3AITau&dvp_exetime=6.10&aubndl=&callbackName=__verify_callback_103803941214
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.76 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb106.doubleverify.com
Software
/
Resource Hash
7d406befe770b52900f737754c24218637a738e98970d10f28faa4a2fcf4b7bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:30 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Expires
04/24/2022 17:29:30
truncated
/ Frame 688D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1be9525d54584ad7d18e97fe4837c469458410c1d9c1595292f1ec295ac42100

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6B15 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 16:21:02 GMT
etag
48472445140208031
expires
Tue, 26 Apr 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 4078 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2105:ec00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id
4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
via
1.1 076b9b2d65e3c54d9f7c44a7bccddebe.cloudfront.net (CloudFront)
etag
"b1464a7201f691a1e4cf6fc057919d7f"
age
22447
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
10216
last-modified
Fri, 18 Feb 2022 23:29:13 GMT
server
AmazonS3
date
Mon, 25 Apr 2022 11:15:24 GMT
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
BOS50-C3
accept-ranges
bytes
x-amz-cf-id
AOb8b-uziqcA34SXVI54K5VrrX-mgkZ1rz7E3XG8SHXjjapTU4UIcQ==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F98C 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 16:21:02 GMT
etag
48472445140208031
expires
Tue, 26 Apr 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4078 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd0e97247dd5ea660af2dd36179d36d63bf90f37ce572eb9853ca7d38a31df1e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FD4C 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8780fff8a66122d3e377033787e9a4e4fba9c25c18ad466a4f8bc6672196d8aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 32F5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
45071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 04:58:19 GMT
expires
Tue, 25 Apr 2023 04:58:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1812 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
45071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 04:58:19 GMT
expires
Tue, 25 Apr 2023 04:58:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 68AC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 04:58:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45072
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 04:58:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F633 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 16:21:02 GMT
etag
48472445140208031
expires
Tue, 26 Apr 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dvtp_src.js
cdn.doubleverify.com/ Frame 68AC 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:7000:6ab::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
88ecb1865e99ee036b2333c744e0ee18f182b3fc70df2dc80ea85789e15f0bf2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 24 Apr 2022 12:23:44 GMT
Server
Microsoft-IIS/10.0
ETag
"08a423d657d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3303
index.html
s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/ Frame 25A3 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d965d9a4916b618f2c896f8cde9184b351a39abc94e32284fa1c259b49bee47b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
353382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2337
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 15:19:48 GMT
expires
Fri, 21 Apr 2023 15:19:48 GMT
last-modified
Thu, 07 Apr 2022 17:06:08 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 68AC 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHqb_xtXcyRmn655qhB2KMDPr_XhqrujtatwIAkpGgI3ixg5sATR6z5Pg-10LWpbmTdczQLD-m8Zejc1z7Xzph5Bdal8ARa9I36FVt90QtcJ91OiWN6dcww-JCI1sX8AMTlu3j8L9P8jgwzZY7cukSbceNuGHtY0e4ZOmPwU_bnzyLBsGsTullCeaooFnduuhHOlBeWWXZRgIqKv1g4jr9IZXhqvaIiwXlmbG6pzoDHZppxeZrMgi961vldT2IpBEQr2XmXY_sqFCB3yQH3KXECqKYWfbks5YvYG6LCQU1WWCYUeYE26EbIrgH66_l0mEjXkHBWInBfG-cR2x1zVAR4PwQic0uTh3rQCaWZSxw3c9vPaiF73E19lsR7KmvUZOlpLI-iBUS420QQix7rkqLZDy8Rol60jEyQzajo9inrk8jsCF_L0CTwMTl8YogFmOeH0EiGhP0gSYTIoyMKdGbFXIm0jWlvmen3q_XdROoHNU75cLfBIhixJFjJRhpM0B0G4kjTpo9VWLE70T51TwnPMn2yjtGwB7LHpdrmj5cmz0ug3TPenjQzCJBpiFSNYYGrc6U5N2umAaVGoyuXa2aHYa1QOvUAoWeAnKp3yelZ6iMakjbDRFImF5xZqmL3Mjo5B3RW9sn3_logelz4LKNrEHGa3u79qzwl_sBCMY-UNh2Cjfik0Ipekhn8fONSqZf6cVuAJdh4CmTTBGhsZatMcY0SsO9lz-SqnX6Pbj-OOaDh0iqNrKeYDXg7A-PPYheWXbxG6xs7nAmv9DznV46dZF_lJC0CFdWXbFE_6ka-POm9t_3lVeFWEM0hmtXY4yxLKLV1CCJVpCJHus_Qa5oGBHVcT1Sos5p-kmJtrvKwDNVBnLTVtNhkAh7UqOvcCt5oO94T2io6tOo1EbzyMS5XTAf7ilnkHLfEA0c10TkJxkJ_Sf3ZXqo9RR11Md9DRAyxC3GOO-T0ep163y32SSLmPb2VIANGG719EjZI6UzRA6E_0I78lI8PpuX7QmmnkB1yMYuWlqSaZA_3aNr62z-hLUsj9T3vBfhJ6QOQOxuFmRdDAea59IKWNWFlLPPFdCDkrdrdWl1uvvch0AiynkejLK37gHzrFVsQcMvA67i7vgKvbdwfwle_rpL386uwg4dkMwwhC5hNNgPZhhRaxfmeriGRYl59a6KlVYx7kRaWNQiiJ33-wDBoSMNd5XSKhx6YqzAcVRT_AHP52G_6ZHI7LP5GOoo_MvniMK7dFovLEjy&sai=AMfl-YT-fg7ae0OiG1FsC3mq8k7Xqy7OfsbHO2FZL3pgE9shHeHOCyw3TaOmocJQQgm-ey_lpPAy_sJJdcZDDciSIHmhJTB8Ow6FV9t_1aTzULnZzyv1MCZLzjgV9K_x1mfZML6MLyJMeMYrjmaslBjgFN2ZnEE3vtOy68Uv4clufNQ7Ew0N7p3NnhFLZTk4-e-w6pV5fOfk9pw4KhzmrNWPJg&sig=Cg0ArKJSzLwiSyqaqGX4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=339&cbvp=1&cstd=332&cisv=r20220420.84088&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 25 Apr 2022 17:29:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 68AC 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
029dd963e7a50049720a3145f756c61fd860648447101977c9145d7ebe5fd9d1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame F5DA
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELvrPsqs2llYOtlRhH45P4&google_cver=1&google_push=AYg5qPKUpAM9LOHfYouGF7zCN_qxxoj5jPdesu2sEiVmM0VFSmISVU5swQ...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPKUpAM9LOHfYouGF7zCN_qxxoj5jPdesu2sEiVmM0VFSmISVU5swQLkn6_dw-tfrWc7tQhczG6JPl8lLhKojpSS33pcaFFk&google_hm=T1BBI1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPKUpAM9LOHfYouGF7zCN_qxxoj5jPdesu2sEiVmM0VFSmISVU5swQLkn6_dw-tfrWc7tQhczG6JPl8lLhKojpSS33pcaFFk&google_hm=T1BBI1N2LJmuFC6kyWxlEw
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPKUpAM9LOHfYouGF7zCN_qxxoj5jPdesu2sEiVmM0VFSmISVU5swQLkn6_dw-tfrWc7tQhczG6JPl8lLhKojpSS33pcaFFk&google_hm=T1BBI1N2LJmuFC6kyWxlEw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F5DA
Redirect Chain
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEOk3Wv9ioh8o3VaAMpqh0lY&google_cver=1&google_push=AYg5qPKo31RtT_LgVLYjtL49ctQ2EL6LWTCWTlVnrto-bcEut1CcPkMr68vbvpLiSbe1JwTRApdKS5Wbn...
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPKo31RtT_LgVLYjtL49ctQ2EL6LWTCWTlVnrto-bcEut1CcPkMr68vbvpLiSbe1JwTRApdKS5Wbnhb8_BA7IM2XUOhsitZA&google_hm=MTA1OTc2MDMyND...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPKo31RtT_LgVLYjtL49ctQ2EL6LWTCWTlVnrto-bcEut1CcPkMr68vbvpLiSbe1JwTRApdKS5Wbnhb8_BA7IM2XUOhsitZA&google_hm=MTA1OTc2MDMyNDQ3NjIxNjQ5NzU
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPKo31RtT_LgVLYjtL49ctQ2EL6LWTCWTlVnrto-bcEut1CcPkMr68vbvpLiSbe1JwTRApdKS5Wbnhb8_BA7IM2XUOhsitZA&google_hm=MTA1OTc2MDMyNDQ3NjIxNjQ5NzU
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F5DA
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJ-5MSe97UIb_oyxDFI37FQ&google_cver=1&google_push=AYg5qPIfqVzoXsyK3ipwHJKRq7IJXQXmmR2MqskrMCjs0N0d5h5hvevzWBtFAGqBveX_SDD41Y1xFsbD0v68_Jx_hONhSVmeGh2D
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIfqVzoXsyK3ipwHJKRq7IJXQXmmR2MqskrMCjs0N0d5h5hvevzWBtFAGqBveX_SDD41Y1xFsbD0v68_Jx_hONhSVmeGh2D&google_hm=Io5jjBvczcweOALLNf2eDw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIfqVzoXsyK3ipwHJKRq7IJXQXmmR2MqskrMCjs0N0d5h5hvevzWBtFAGqBveX_SDD41Y1xFsbD0v68_Jx_hONhSVmeGh2D&google_hm=Io5jjBvczcweOALLNf2eDw==
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIfqVzoXsyK3ipwHJKRq7IJXQXmmR2MqskrMCjs0N0d5h5hvevzWBtFAGqBveX_SDD41Y1xFsbD0v68_Jx_hONhSVmeGh2D&google_hm=Io5jjBvczcweOALLNf2eDw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
ku0rqpud8gk2juq5hhu7f4p4p3fvceja
pixel
cm.g.doubleclick.net/ Frame F5DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEB2ywMX0khGdT_hz_B2uH_Y&google_cver=1&google_push=AYg5qPKMDn2_SVQavN233-_xlWsEISjQCHGL2yPjaTMCZslb4bzr6QP9sskm1k-52stiWd1Ah2iZMJ-...
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame F5DA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqo...
0
0
pixel
cm.g.doubleclick.net/ Frame F5DA
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEOkyWvzkZhngW9ZpDwWZWlU&google_cver=1&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca6...
0
0
googleredir
googlecm.hit.gemius.pl/ Frame F5DA 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame F5DA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IM9I1imL31PsAgiS7CUVf8kAuu2j_iQvNj6cXBblammR-O1-TTw5quLw31eflmijLIBiPV7g
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 6B15
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELvrPsqs2llYOtlRhH45P4&google_cver=1&google_push=AYg5qPK40YeWzSlPjaKRzmTMsIqJA4BUAaCuzKFp-XcmG4vXw80w9yDkvL...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPK40YeWzSlPjaKRzmTMsIqJA4BUAaCuzKFp-XcmG4vXw80w9yDkvLxOLLvv0RF4itEQI-PpfUY58hScPvIwD7vAtswnMRU1&google_hm=T1BBI1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPK40YeWzSlPjaKRzmTMsIqJA4BUAaCuzKFp-XcmG4vXw80w9yDkvLxOLLvv0RF4itEQI-PpfUY58hScPvIwD7vAtswnMRU1&google_hm=T1BBI1N2LJmuFC6kyWxlEw
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPK40YeWzSlPjaKRzmTMsIqJA4BUAaCuzKFp-XcmG4vXw80w9yDkvLxOLLvv0RF4itEQI-PpfUY58hScPvIwD7vAtswnMRU1&google_hm=T1BBI1N2LJmuFC6kyWxlEw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6B15
Redirect Chain
  • https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESED_8OFqnjAr13ZiCvgzbIBM&google_cver=1&google_push=AYg5qPL5ZkTPwzF-5USDm7qCOLkOVTMvN_rBMoOG1QApYLwvja8KGxoAthO8DxOwkKyRkVIYkCAfYpEY7X9Ld2d...
  • https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=aGdDc2E-zjlMOdKUX_itJ4&tap=gAds&google_gid=CAESED_8OFqnjAr13ZiCvgzbIBM&google_cver=1&google_push=AYg5qPL5ZkTPwzF-5USDm7qCOLkOVTMvN_rB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=aGdDc2E-zjlMOdKUX_itJ4&tap=gAds&google_gid=CAESED_8OFqnjAr13ZiCvgzbIBM&google_cver=1&google_push=AYg5qPL5ZkTPwzF-5USDm7qCOLkOVTMvN_rBMoOG1QApYLwvja8KGxoAthO8DxOwkKyRkVIYkCAfYpEY7X9Ld2dRBrpLH6Yg7eTl
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=7884000; includeSubDomains
via
HTTP/2.0 odnd
last-modified
Thu, 14 Apr 2022 22:06:05 GMT
date
Mon, 25 Apr 2022 17:29:30 GMT
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=aGdDc2E-zjlMOdKUX_itJ4&tap=gAds&google_gid=CAESED_8OFqnjAr13ZiCvgzbIBM&google_cver=1&google_push=AYg5qPL5ZkTPwzF-5USDm7qCOLkOVTMvN_rBMoOG1QApYLwvja8KGxoAthO8DxOwkKyRkVIYkCAfYpEY7X9Ld2dRBrpLH6Yg7eTl
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
content-length
0
x-tb
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6B15
Redirect Chain
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECzWvMMOWQBBubCmOkc0kOw&google_push=AYg5qPKA534n7A4dMlcsDXq4S_skxsc5nL7b90LHfAv4h8pa2csCjlSW91TR5KYWN66c7l6Y8VKEqQoYZ1vECieDfANOdwy...
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPKA534n7A4dMlcsDXq4S_skxsc5nL7b90LHfAv4h8pa2csCjlSW91TR5KYWN66c7l6Y8VKEqQoYZ1vECieDfANOdwyr1UkF&google_hm=MTA2MDMwMjE2MzY3Nj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPKA534n7A4dMlcsDXq4S_skxsc5nL7b90LHfAv4h8pa2csCjlSW91TR5KYWN66c7l6Y8VKEqQoYZ1vECieDfANOdwyr1UkF&google_hm=MTA2MDMwMjE2MzY3NjY4MTY0NTY
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPKA534n7A4dMlcsDXq4S_skxsc5nL7b90LHfAv4h8pa2csCjlSW91TR5KYWN66c7l6Y8VKEqQoYZ1vECieDfANOdwyr1UkF&google_hm=MTA2MDMwMjE2MzY3NjY4MTY0NTY
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6B15
Redirect Chain
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEOk3Wv9ioh8o3VaAMpqh0lY&google_cver=1&google_push=AYg5qPKrek7Y5YamHwFWnylJTgTEB0Pbn-Yht0EIcI4MRjA8m1mQgGUl1R76yVvaCVOyAdr1RQIzL15n2...
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPKrek7Y5YamHwFWnylJTgTEB0Pbn-Yht0EIcI4MRjA8m1mQgGUl1R76yVvaCVOyAdr1RQIzL15n2adv0s3oZDIWy24FpauU&google_hm=MTA2MDM2NTQ5NT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPKrek7Y5YamHwFWnylJTgTEB0Pbn-Yht0EIcI4MRjA8m1mQgGUl1R76yVvaCVOyAdr1RQIzL15n2adv0s3oZDIWy24FpauU&google_hm=MTA2MDM2NTQ5NTUzNzYwNTQ2NTM
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPKrek7Y5YamHwFWnylJTgTEB0Pbn-Yht0EIcI4MRjA8m1mQgGUl1R76yVvaCVOyAdr1RQIzL15n2adv0s3oZDIWy24FpauU&google_hm=MTA2MDM2NTQ5NTUzNzYwNTQ2NTM
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6B15
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJ-5MSe97UIb_oyxDFI37FQ&google_cver=1&google_push=AYg5qPL7CsKh5TxwdDY7UX4joLA0yUWgKOAkcvh9wR2L2Y3S5PdWfHco9cHmLdKFSuIuiAr8VUwSRXk93QMv03zWr5UNwfFRdb2k
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL7CsKh5TxwdDY7UX4joLA0yUWgKOAkcvh9wR2L2Y3S5PdWfHco9cHmLdKFSuIuiAr8VUwSRXk93QMv03zWr5UNwfFRdb2k&google_hm=Io5jjBvczcweOALLNf2eDw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL7CsKh5TxwdDY7UX4joLA0yUWgKOAkcvh9wR2L2Y3S5PdWfHco9cHmLdKFSuIuiAr8VUwSRXk93QMv03zWr5UNwfFRdb2k&google_hm=Io5jjBvczcweOALLNf2eDw==
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL7CsKh5TxwdDY7UX4joLA0yUWgKOAkcvh9wR2L2Y3S5PdWfHco9cHmLdKFSuIuiAr8VUwSRXk93QMv03zWr5UNwfFRdb2k&google_hm=Io5jjBvczcweOALLNf2eDw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
r4822v3g8pju2tike88cb7rraculg8aa
pixel
cm.g.doubleclick.net/ Frame 6B15
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJdsGV2EEReX-JdyRxYpH5KdfC3unh3UPE9_7dFaDJZ0UV35JzAHqXBH9tj5n30p7zOpyGsVhM0msbQ-xniTJ_5rfBRiy-K
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJdsGV2EEReX-JdyRxYpH5KdfC3unh3UPE9_7dFaDJZ0UV35JzAHqXBH9tj5n30p7zOpyGsVhM0msbQ-xniTJ_5rfBRiy-K
date
Mon, 25 Apr 2022 17:29:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6B15
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 6B15 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYtqQfjq-pXX7g2xJeh0ExHmq2eHReB46B6LMzMRDvUnvW5wSC7oWSx7i2oEDnN1IvoqGh
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dcmads.js
www.googletagservices.com/dcm/ Frame EA41 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
49d1c8e6a88421c8f0838de8662543baffe0b859e80bfc8035ae5471e14f91bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9364
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 19:59:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 25 Apr 2022 18:16:47 GMT
pixel
cm.g.doubleclick.net/ Frame F98C
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLMLZwK3RGGnBmeFmLacf_a1EKAHvm5KdJrcfo...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1iYWVnQUFBT3I0dHlSSQ&google_push=AYg5qPLMLZwK3RGGnBmeFmLacf_a1EKAHvm5KdJrcfoPOhViLGEclFAmAzH2sEo-EGaUTgnF66hHdcVAuo_MfKyLSWL8Uqt4gl8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1iYWVnQUFBT3I0dHlSSQ&google_push=AYg5qPLMLZwK3RGGnBmeFmLacf_a1EKAHvm5KdJrcfoPOhViLGEclFAmAzH2sEo-EGaUTgnF66hHdcVAuo_MfKyLSWL8Uqt4gl8
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1iYWVnQUFBT3I0dHlSSQ&google_push=AYg5qPLMLZwK3RGGnBmeFmLacf_a1EKAHvm5KdJrcfoPOhViLGEclFAmAzH2sEo-EGaUTgnF66hHdcVAuo_MfKyLSWL8Uqt4gl8
Date
Mon, 25 Apr 2022 17:29:30 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame F98C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHIxtuwuSFLoL7lcPy5Fj58&google_push=AYg5qPJEGfoxl4SUlI6KZ5VE6I6zHBiyIqZ2VsQ_duHOL02up7UhEnR0dc...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHIxtuwuSFLoL7lcPy5Fj58&google_push=AYg5qPJEGfoxl4SUlI6KZ5VE6I6zHBiyIqZ2VsQ_duHOL02up7UhEnR0dcYFUKMfCSmGDgUofW9inkVVZwb8cX08ceD8s44cnOaL
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1650907770.479763,VS0,VE7598
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHIxtuwuSFLoL7lcPy5Fj58&google_push=AYg5qPJEGfoxl4SUlI6KZ5VE6I6zHBiyIqZ2VsQ_duHOL02up7UhEnR0dcYFUKMfCSmGDgUofW9inkVVZwb8cX08ceD8s44cnOaL
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame F98C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIY-q9kX4S38Ap6TQ5vVeYI&google_cver=1&google_push=AYg5qPL3GX0t6UK72d_0VL6cP7ByPOYBydy_S8e2CWRpMjT-mDSutlhurEXWIgBy4tixuPWwD71VSSC...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tu5kQtpPT2W6E6utJRW_w2Jm2nY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tu5kQtpPT2W6E6utJRW_w2Jm2nY
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tu5kQtpPT2W6E6utJRW_w2Jm2nY
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame F98C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZh...
0
0
pixel
cm.g.doubleclick.net/ Frame F98C
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECsIJ_xGJ0aObg-W6NjcJFY&google_cver=1&google_push=AYg5qPK6ArBhJuoH4e-Yr6DIGiaLz5-MffEFcEOQhqThgsRIJ3P84_uzThsYGpNXu4PgTnBgpb2KGPcZsKwXWAa6...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK6ArBhJuoH4e-Yr6DIGiaLz5-MffEFcEOQhqThgsRIJ3P84_uzThsYGpNXu4PgTnBgpb2KGPcZsKwXWAa6IenzKQRofXo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK6ArBhJuoH4e-Yr6DIGiaLz5-MffEFcEOQhqThgsRIJ3P84_uzThsYGpNXu4PgTnBgpb2KGPcZsKwXWAa6IenzKQRofXo
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 25 Apr 2022 17:29:30 GMT
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK6ArBhJuoH4e-Yr6DIGiaLz5-MffEFcEOQhqThgsRIJ3P84_uzThsYGpNXu4PgTnBgpb2KGPcZsKwXWAa6IenzKQRofXo
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
gGHa2C_HWU6mXQFA4IZYjFq8nCxReYbjN02hwmyF_jdDQPg7z9YckQ==
pixel
cm.g.doubleclick.net/ Frame F98C
Redirect Chain
  • https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESEK-ougINWnh8zeWD00SPJeI&google_cver=1&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrU...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.torchad.com%2Fsync%3Fexchange%3D309%26google_gid%3DCAESEK-ougINWnh8zeWD00SPJeI%26google_cver%3D1%26google_push%3DAYg5qPKr_4lLRngDXiuWDosG...
  • https://rtb2-useast.torchad.com/sync?adkuid=A7722154196437862207&exchange=309&google_gid=CAESEK-ougINWnh8zeWD00SPJeI&google_cver=1&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2Ix...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6...
0
0
dot.gif
s0.2mdn.net/ Frame F98C 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEIEWE3bxa44CrDo27u4F5HM&google_cver=1&google_push=AYg5qPLhfCtfqO36RPfTNoW-xSyQiQH7cgmzDaXWCEBMaLr6asaNJrhvMv4MRc8pSzdY4bZf4cFmSAqqfDNwZkZC94bHR5QWdEghYg
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Apr 2022 17:29:30 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F98C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdqknoEAtDUUgX2tAWbTr-9TG_sVvgUqA-U0Tz5S20-O-prlqP_Vb5HNJTdbsAr1LjubvhkQ
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
pagead2.googlesyndication.com/bg/ Frame 5012 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
7766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13448
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Apr 2023 15:20:04 GMT
JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
pagead2.googlesyndication.com/bg/ Frame DE21 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
7766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13448
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Apr 2023 15:20:04 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 25A3 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:9000::684a:4118 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:30 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Mon, 25 Apr 2022 17:44:30 GMT
index.js
s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/ Frame 25A3 		65 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/index.js?1620702327149
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81ff26da747e8c6b833f7ae3549dd378044fbbd05a72b4def3d5115f92a0c79d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 15:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353382
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13122
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 17:06:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Apr 2023 15:19:48 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1979 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
45071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 04:58:19 GMT
expires
Tue, 25 Apr 2023 04:58:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 4078 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=691104&asId=494e4c86-a31e-0844-2f58-ac8672b396bc&tv=%7Bc:aOQ8pq,pingTime:-10,time:703,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2LjEyNyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1650907770504%7C%7C58425d47be91b11fdb4ba2b8d3fdc6bc%7C%7C09af53e829b1687c5db16483617c3ced%7C%7Cc9a7d808dced4c4e737bba79615b9943%7C%7Ca5da4a5343e7cb8322c0bd19f6c32ad9%7C%7C44ff51b079ebafba51edb8a805180183%7C%7C066389b45f2389fa5cd5c6525399e9d4%7C%7C9eaccc67a3db4f80eae2b17fa4f5e9f7%7C%7C1629390669,im:%7Bpci:%7Btdr:583%7D%7D%7D
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:30 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 4078 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
b27b072e7a371ef30b64b6085ed49735791e659f9cbec672552b3eaef76e0daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
860
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24022
x-xss-protection
0
server
cafe
etag
7279347391308095826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 18:15:10 GMT
pixel
cm.g.doubleclick.net/ Frame F633
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELvrPsqs2llYOtlRhH45P4&google_cver=1&google_push=AYg5qPKU-sPAFFh8NImUh0UJYxXEI0ZsB8v6OYtqhyqBRgElFtP9aksJyp...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPKU-sPAFFh8NImUh0UJYxXEI0ZsB8v6OYtqhyqBRgElFtP9aksJypl7qoCsYOYw4S27Qifvpaa_8B8QQUWeBq5RpaxFitlE&google_hm=T1BBI1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPKU-sPAFFh8NImUh0UJYxXEI0ZsB8v6OYtqhyqBRgElFtP9aksJypl7qoCsYOYw4S27Qifvpaa_8B8QQUWeBq5RpaxFitlE&google_hm=T1BBI1N2LJmuFC6kyWxlEw
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPKU-sPAFFh8NImUh0UJYxXEI0ZsB8v6OYtqhyqBRgElFtP9aksJypl7qoCsYOYw4S27Qifvpaa_8B8QQUWeBq5RpaxFitlE&google_hm=T1BBI1N2LJmuFC6kyWxlEw
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F633
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLUFFpa_WQH4clmy9Zf1LmYCG2u9EKclswjJx0FWsfXPm6Ws8QLfTxKXTDcO3Qi1N6Z6M8tizIvaLgC5jjqXhRr9RsTWgtr&google_gid=CAESEFGhn27Xw8wiqWV92VMTrEs&goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU2lOMHR4VlduN0tfcHY4azdhLUNDbTBSVWx5Nk5LYm10c1c2NUVaN0tlcw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU2lOMHR4VlduN0tfcHY4azdhLUNDbTBSVWx5Nk5LYm10c1c2NUVaN0tlcw==&google_push
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 25 Apr 2022 17:29:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU2lOMHR4VlduN0tfcHY4azdhLUNDbTBSVWx5Nk5LYm10c1c2NUVaN0tlcw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame F633
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJ-5MSe97UIb_oyxDFI37FQ&google_cver=1&google_push=AYg5qPJBNzB8vy5EJXHge0kBF68pkiGOS0TG6clDDr_2LedLGtDGVsTF_YvI-2oZVDONCY-uNsTCVr4ed3yhRSDUjI2jUSQm-sqt
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJBNzB8vy5EJXHge0kBF68pkiGOS0TG6clDDr_2LedLGtDGVsTF_YvI-2oZVDONCY-uNsTCVr4ed3yhRSDUjI2jUSQm-sqt&google_hm=Io5jjBvczcweOALLNf2eDw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJBNzB8vy5EJXHge0kBF68pkiGOS0TG6clDDr_2LedLGtDGVsTF_YvI-2oZVDONCY-uNsTCVr4ed3yhRSDUjI2jUSQm-sqt&google_hm=Io5jjBvczcweOALLNf2eDw==
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:29 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJBNzB8vy5EJXHge0kBF68pkiGOS0TG6clDDr_2LedLGtDGVsTF_YvI-2oZVDONCY-uNsTCVr4ed3yhRSDUjI2jUSQm-sqt&google_hm=Io5jjBvczcweOALLNf2eDw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
eij9o2orkdj1vk51tvbnjlipkl0p458u
pixel
cm.g.doubleclick.net/ Frame F633
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLnnscUYdnHpmjnUB1JbLWeNEeSGDbiH8H4QYh94r8RyXfQAdGG4FEiT5gU4TynN98HRLvpJ0xOPJJfDdxZ-11RJ4tMrFE-
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLnnscUYdnHpmjnUB1JbLWeNEeSGDbiH8H4QYh94r8RyXfQAdGG4FEiT5gU4TynN98HRLvpJ0xOPJJfDdxZ-11RJ4tMrFE-
date
Mon, 25 Apr 2022 17:29:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame F633
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEB2ywMX0khGdT_hz_B2uH_Y&google_cver=1&google_push=AYg5qPLqvtuVakuF05X6cjAYV1tETLVPp9P7rRsWnfTgUrVGGfFjVE15Sv4870CmEoxQdE_LPaTa7uv...
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame F633
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7...
0
0
pixel
cm.g.doubleclick.net/ Frame F633
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEOkyWvzkZhngW9ZpDwWZWlU&google_cver=1&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca6...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame F633 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvFJj8p8WTdJPTFeEJ9MPpYslvjDkKXFAHfzyjqh3kdkCMNulfeFPvrtY73pYlSQhTNmQ6
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
pagead2.googlesyndication.com/bg/ Frame 32F5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
7766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13448
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Apr 2023 15:20:04 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 688D 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
b27b072e7a371ef30b64b6085ed49735791e659f9cbec672552b3eaef76e0daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
860
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24022
x-xss-protection
0
server
cafe
etag
7279347391308095826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 18:15:10 GMT
JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
pagead2.googlesyndication.com/bg/ Frame 1812 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
7766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13448
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Apr 2023 15:20:04 GMT
dv-measurements2647.js
cdn.doubleverify.com/ Frame 2B67 		528 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2647.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:7000:6ab::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c8fb613e744b0671bcbc5e2e90ef912e8d16156a8c3a7238d0aca385ee974815

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 24 Apr 2022 10:32:51 GMT
Server
Microsoft-IIS/10.0
ETag
"80cb24a6c657d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99800
impl_v87.js
www.googletagservices.com/dcm/ Frame EA41 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v87.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
sffe /
Resource Hash
3973ab8afde6b69e3fa7e9e264f517ded9707a4ad1f22056ca1a3f02af81dae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 11:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21434
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 15:19:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Apr 2023 11:16:46 GMT
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
5d7639c3f54682a6104f445666f108b3825bff5e338727a9732b02eefa2d60a9

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Apr 2022 17:29:30 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame FD4C 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
b27b072e7a371ef30b64b6085ed49735791e659f9cbec672552b3eaef76e0daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
860
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24022
x-xss-protection
0
server
cafe
etag
7279347391308095826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 18:15:10 GMT
B9689862.280630144;dc_ver=87.255;sz=728x90;u_sd=1;dc_adk=496764943;ord=xbn66q;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2F$0;xdt=...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame EA41 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=87.255;sz=728x90;u_sd=1;dc_adk=496764943;ord=xbn66q;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.bleepingcomputer.com%2F$0;xdt=1;crlt=u_HhCy0bg);stc=1;chaa=1;sttr=141;prcl=s
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f6.1e100.net
Software
cafe /
Resource Hash
8994b3523abac2d9ac6725557d280d8cd613fa384f5a679d2ea45e97b41c69f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26173
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
pagead2.googlesyndication.com/bg/ Frame 1979 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 15:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
7766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13448
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 25 Apr 2023 15:20:04 GMT
csi
csi.gstatic.com/ Frame 4078 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l2ezv0i2&chm=1&c=2130312850070464&ctx=2&qqid=CL-98dfer_cCFZaIhgod_M0IMw&met.4=fb.a~lb.1fz~cmrload.1lt~ol.1lu~idt.-d1~dt.-1h2&met.3=374.1g2~749.1jt_2~740.1lp~735.1lz_1~113.1s3_3~112.1s2_4&met.1=1.l2ezuyq1~14.6~15.0~16.6~17.6~18.6~19.7~20.7~21.7~22.1h5~23.1h5&met.7=CCgQBRgBIAsoCzA1OCtoDHA1eMAEgAGUAogB8ASwAQG4AQM~CCgQChgBIAwoDDBDODdoDXBCeM1VgAGhU4gB_G-wAQG4AQM~CBsQCiANOJEB~CB4QChgBIA4oDjAjOBVoD3AiePsMgAHPCogBsRWwAQG4AQM~CCoQChgBIA4oDjBeOFA~CBwQChgBIA4oDjAkOBZoEHAjeLU0gAGJMogBz3WwAQG4AQM~CBsQBhgBIA4oDjA2OCg~CBwQBhgBIA8oDzBfOFFoEHBfeNYCgAEqiAEqsAEBuAED~CCcQChgBINUKKNUKMPMKOB5o1Qpw6Qp4k3mAAed2iAGKxQKwAQG4AQM~CBsQCiCfCziVAg~CBsQBiCYDThw~CBsQBiCbDTht~CBsQBiC1DThU~CCcQBRgBIMUNKMUNMNoNOBZoxg1w2g1490OAActBiAHqsgGwAQG4AQM~CBsQBiC_DjgY~CBwQBRgBIMEOKMEOMNYOOBVowg5w1Q54gAiAAdQFiAGWCbABAbgBAw~CBsQBiDFEDgd~CCgQChgBIMoQKMoQMOgQOB1oyxBw5RB4gr4BgAHWuwGIAb_xA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4004:811::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Mainimage.jpg
s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/ Frame 25A3 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/Mainimage.jpg?1620702327097
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d318e49d152df9586ed6c78b8c6fbc6b49b438bd9c34fb1b8a15b95d4a608e74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 15:19:48 GMT
x-content-type-options
nosniff
age
353382
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20013
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 17:06:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Apr 2023 15:19:48 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 68AC 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHqb_xtXcyRmn655qhB2KMDPr_XhqrujtatwIAkpGgI3ixg5sATR6z5Pg-10LWpbmTdczQLD-m8Zejc1z7Xzph5Bdal8ARa9I36FVt90QtcJ91OiWN6dcww-JCI1sX8AMTlu3j8L9P8jgwzZY7cukSbceNuGHtY0e4ZOmPwU_bnzyLBsGsTullCeaooFnduuhHOlBeWWXZRgIqKv1g4jr9IZXhqvaIiwXlmbG6pzoDHZppxeZrMgi961vldT2IpBEQr2XmXY_sqFCB3yQH3KXECqKYWfbks5YvYG6LCQU1WWCYUeYE26EbIrgH66_l0mEjXkHBWInBfG-cR2x1zVAR4PwQic0uTh3rQCaWZSxw3c9vPaiF73E19lsR7KmvUZOlpLI-iBUS420QQix7rkqLZDy8Rol60jEyQzajo9inrk8jsCF_L0CTwMTl8YogFmOeH0EiGhP0gSYTIoyMKdGbFXIm0jWlvmen3q_XdROoHNU75cLfBIhixJFjJRhpM0B0G4kjTpo9VWLE70T51TwnPMn2yjtGwB7LHpdrmj5cmz0ug3TPenjQzCJBpiFSNYYGrc6U5N2umAaVGoyuXa2aHYa1QOvUAoWeAnKp3yelZ6iMakjbDRFImF5xZqmL3Mjo5B3RW9sn3_logelz4LKNrEHGa3u79qzwl_sBCMY-UNh2Cjfik0Ipekhn8fONSqZf6cVuAJdh4CmTTBGhsZatMcY0SsO9lz-SqnX6Pbj-OOaDh0iqNrKeYDXg7A-PPYheWXbxG6xs7nAmv9DznV46dZF_lJC0CFdWXbFE_6ka-POm9t_3lVeFWEM0hmtXY4yxLKLV1CCJVpCJHus_Qa5oGBHVcT1Sos5p-kmJtrvKwDNVBnLTVtNhkAh7UqOvcCt5oO94T2io6tOo1EbzyMS5XTAf7ilnkHLfEA0c10TkJxkJ_Sf3ZXqo9RR11Md9DRAyxC3GOO-T0ep163y32SSLmPb2VIANGG719EjZI6UzRA6E_0I78lI8PpuX7QmmnkB1yMYuWlqSaZA_3aNr62z-hLUsj9T3vBfhJ6QOQOxuFmRdDAea59IKWNWFlLPPFdCDkrdrdWl1uvvch0AiynkejLK37gHzrFVsQcMvA67i7vgKvbdwfwle_rpL386uwg4dkMwwhC5hNNgPZhhRaxfmeriGRYl59a6KlVYx7kRaWNQiiJ33-wDBoSMNd5XSKhx6YqzAcVRT_AHP52G_6ZHI7LP5GOoo_MvniMK7dFovLEjy&sai=AMfl-YT-fg7ae0OiG1FsC3mq8k7Xqy7OfsbHO2FZL3pgE9shHeHOCyw3TaOmocJQQgm-ey_lpPAy_sJJdcZDDciSIHmhJTB8Ow6FV9t_1aTzULnZzyv1MCZLzjgV9K_x1mfZML6MLyJMeMYrjmaslBjgFN2ZnEE3vtOy68Uv4clufNQ7Ew0N7p3NnhFLZTk4-e-w6pV5fOfk9pw4KhzmrNWPJg&sig=Cg0ArKJSzLwiSyqaqGX4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=734&vt=11&dtpt=395&dett=3&cstd=332&cisv=r20220420.84088&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
st
capi-tier-1-us-east-2.connatix.com/tr/ Frame 2AFD 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/st?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:30 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
visit.js
tps.doubleverify.com/ Frame 2B67 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=254&ttfrms=42&brid=3&brver=100.0.4896.127&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTaub%60e___d3g2%60346b626e%60h6db_3g2ac5%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2510&ddur=21&uid=1650907770848382&jsCallback=dvCallback_1650907770848151&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.127%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2647&tgjsver=2647&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=23&brh=2&sdf=2&dvp_epl=257&noc=4&ctx=24733349&cmp=27602787&sid=5679057&plc=333737434&crt=169455557&btreg=525528609&btadsrv=doubleclick&adsrv=1&advid=9598779&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=1829033768.897143&dvp_tukv=85938511665.14772&dvp_uuid=2797975246.8292994&dvp_strhd=1.2000007629394531&dvpx_strhd=1.2000007629394531&dvp_tuid=251951314663
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
ea3dca34d8ca8cf75a445df4b7baeced097c0f3fcded922a70d7802d92de02b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:31 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
04/24/2022 17:29:31
csi
csi.gstatic.com/ Frame 688D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l2ezv0ju&chm=1&c=2130312850070464&ctx=2&qqid=CN_E8dfer_cCFZaIhgod_M0IMw&met.4=fb.1ce~lb.1qx~cmrload.1yc~ol.20n~idt.g~dt.-13l&met.3=735.1ud_1~740.1v9_1~374.1xc~113.27b_1~112.27a_2&met.1=1.l2ezuyck~6.0~7.0~8.0~9.0~10.0~12.1~13.k~14.l~15.19~16.1u3~17.1u3~18.1u3~19.20l~20.20l~21.20n&met.7=CBsQCBgBMBU4txRoAXAUeNAagAGkGIgBzi-wAQG4AQM~CBsQCiBBOCw~CBsQCiBBODA~CBwQBhgBIEEoQTCCBTjBBGiyBHCABXjWAoABKogBKrABAbgBAw~CB4QChgBIEEoQTDjDTiiDWjPDXDjDXj7DIABzwqIAbEVsAEBuAED~CCoQChgBIEEoQTDhATifAQ~CBwQChgBIEIoQjBXOBVoQ3BWeLU0gAGJMogBz3WwAQG4AQM~CBsQBhgBIEIoQjD3DTi1DQ~CCgQBRgBINANKNANMPkNOClo0Q1w-A14qQSAAf0BiAHiA7ABAbgBAw~CCgQChgBIPcNKPcNMMUOOE5o-A1wvg548u8BgAHG7QGIAaHeA7ABAbgBAw~CAkQChgBIMAPKMAPMNQPOBVowA9w0w943U6AAbFMiAGQyAGwAQG4AQM~CBwQChgBIMEPKMEPMNUPOBRowg9w1Q94gxuAAdcYiAGeP7ABAbgBAw~CCIQARgBIMQPKMQPMLcQOHRAxQ9IxQ9QxQ9Y-A9g2g9o-A9wtxB4rAKwAQG4AQM~CCcQChgBIMUPKMUPMNsPOBZoxQ9w2Q94k3mAAed2iAGKxQKwAQG4AQM~CCkQBhgBIMUPKMUPMJkQOFRAxQ9Ixg9Qxg9Y8A9gxg9o8A9wgxB4lP8CgAHo_AKIAej8ArABAbgBAw~CCIQARgBIJ0RKJ0RMJoSOH1QnhFYxhFgnhFoxhFwmRJ4rAKwAQG4AQM~CBwQBRgBIMcRKMcRMNwROBVoyBFw3BF4gAiAAdQFiAGWCbABAbgBAw~CCcQBRgBIOoSKOoSMIATOBZo6xJw_xJ490OAActBiAHqsgGwAQG4AQM~CCgQChgBINwUKNwUMPkUOB1o3RRw9RR4gr4BgAHWuwGIAb_xA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4004:811::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame FD4C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l2ezv0l5&chm=1&c=2130312850070464&ctx=2&qqid=CIDB8dfer_cCFZaIhgod_M0IMw&met.4=fb.xh~lb.1uk~cmrload.204~ol.238~idt.25~dt.-11w&met.3=735.1x5_1~740.1x6~374.1z6~113.2aa_1~112.2a9_3&met.1=1.l2ezuyav~6.0~7.0~8.0~9.0~10.0~12.1~13.k~14.l~15.2d~16.1wa~17.1wa~18.1wb~19.235~20.235~21.238&met.7=CBsQCBgBMBU4lBVoAXAUeNAagAGkGIgBzi-wAQG4AQM~CBsQCiB5OCI~CBsQCiB6OCc~CBwQBhgBIHooejDABTjGBGjvBHDABXjWAoABKogBKrABAbgBAw~CCoQChgBIHooejCLAjiRAQ~CB4QChgBIHooejDKCTjQCGi2CXDJCXj7DIABzwqIAbEVsAEBuAED~CBwQChgBIHooejCQATgVaHxwjwF4tTSAAYkyiAHPdbABAbgBAw~CBsQBhgBIHsoezDcCTjhCA~CCgQBRgBILYJKLYJMN8JOClouAlw3gl40wSAAacCiAGABbABAbgBAw~CCgQChgBIN4JKN4JMKIKOERo4AlwnQp4iOMBgAHc4AGIAYngA7ABAbgBAw~CAkQChgBIKMQKKMQMLkQOBZopBBwuBB43U6AAbFMiAGQyAGwAQG4AQM~CCkQBhgBIKQQKKQQMPsQOFdorRBw1xB4rNQFgAGA0gWIAYDSBbABAbgBAw~CBwQChgBIKYQKKYQMLsQOBVophBwuhB4gxuAAdcYiAGeP7ABAbgBAw~CCIQARgBIKgQKKgQMPgQOFBotRBw9BB4rAKwAQG4AQM~CCcQChgBIKkQKKkQML8QOBZoqhBwvRB4k3mAAed2iAGKxQKwAQG4AQM~CBsQBiCqEDhq~CCIQARgBINsRKNsRMNsSOIEBaIMScNkSeKwCsAEBuAED~CBwQBRgBIMISKMISMNsSOBloxxJw2xJ4gAiAAdQFiAGWCbABAbgBAw~CCcQBRgBILUTKLUTMMsTOBVotxNwyhN490OAActBiAHqsgGwAQG4AQM~CCgQChgBIMUVKMUVMNsVOBZoxRVw2hV4gr4BgAHWuwGIAb_xA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4004:811::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
phone1.png
s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/ Frame 25A3 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/phone1.png?1620702327097
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e04f2f9ba5dddde3c0b488168ace17767e7029dabb391989db718c65380a71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7682372068712644608/SOC_Use%20Case_Ad3_Direction2_300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 15:19:48 GMT
x-content-type-options
nosniff
age
353382
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55708
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 17:06:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Apr 2023 15:19:48 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame EA41 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Origin
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 07:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 26 Apr 2022 07:06:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220421/r20110914/elements/html/ Frame EA41 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220421/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 May 2022 17:19:40 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D882 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
45072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 04:58:19 GMT
expires
Tue, 25 Apr 2023 04:58:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dv-measurements2650.js
cdn.doubleverify.com/ Frame 85F2 		528 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2650.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:7000:6ab::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
167a9f1f53485f47bf94204ef9e24a585ae47b9237b5a8a943ef9c2cbb0a27e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:31 GMT
Content-Encoding
gzip
Last-Modified
Sun, 24 Apr 2022 15:20:52 GMT
Server
Microsoft-IIS/10.0
ETag
"0226ce2ee57d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99799
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7C33 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 16:21:02 GMT
etag
48472445140208031
expires
Tue, 26 Apr 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EA41 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2eed4ed555f8199c696b4001a8427804d89b6c47e699d02df9c40c0e9937b525

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/ Frame 8796 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f38b53e5a0e4e3db80ae5bc1afa619d1b74a95a60f45cc291d8e4993cb979952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
270042
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1803
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Apr 2022 14:28:49 GMT
expires
Sat, 22 Apr 2023 14:28:49 GMT
last-modified
Fri, 19 Mar 2021 17:45:24 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EA41 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssSJb1oHYCKlF7Ci_YU7EOokJk_sP52C65UxygaMplU89HMputTIB2iS4r5w4z69WWnFkW6xQDfBWcrnCxbIJdquWnMRDGHgiKl-AenDV00QSYc4C4eChLdiOT_RO_bK-NFnQhWtNDpHGyzB0OHE_i_ZodMRLI2Zw&sig=Cg0ArKJSzJK57PlZjEQ2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=268&cbvp=1&cstd=260&cisv=r20220421.51062&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
visit.js
tps.doubleverify.com/ Frame 85F2 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=256&ttfrms=34&brid=3&brver=100.0.4896.127&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTaub%60e___d3g2%60346b626e%60h6db_3g2ac5%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETau%3F6HDTauD64FC%3AEJTau2%3E2K%40%3F%5CH63%5CD6CG%3A46D%5C7%3AI6D%5C4%40%3FE2%3A%3F6C%5C6D42A6%5C%3A%3F%5C%3D%408cD96%3D%3D%5C9%40E7%3AITau&srcurlD=0&aUrlD=-1&ssl=https:&uid=1650907771406937&jsCallback=dvCallback_1650907771406698&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.127%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2650&tgjsver=2650&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=23&brh=2&sdf=2&dvp_epl=463&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/&c1=1024534&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0gvfusGwKHnL507XcCEh4Ll&aucmp=16564276280&aucrtv=396569087&auorder=27325299&ausite=101267032151&auxch=1&pltfrm=1&aufilter1=1024534&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=62577989992.89868&dvp_tukv=18527211697.209957&dvp_uuid=20160060452.711052&dvp_strhd=0.3999977111816406&dvpx_strhd=0.3999977111816406&dvp_tuid=830886876892
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
0b1e8715cc524b1b8ae7e90fcc4fa9e68c257a9e6d60fb501d7125408a3d8064

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:31 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
04/24/2022 17:29:31
dt
dt.adsafeprotected.com/ Frame 4078 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=691104&asId=494e4c86-a31e-0844-2f58-ac8672b396bc&tv=%7Bc:aOQ8FJ,pingTime:1,time:1714,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:27%7D,%7Bpiv:100,vs:i,r:,t:625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1089,o:625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B618~0%5D,as:%5B618~728.90%5D%7D%7D,%7Bsl:i,t:625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1089~100%5D,as:%5B1089~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:145,fm:t42sL0d+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b1%7C1c%7C1d1%7C1e11%7C1e12%7C1f11%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j1*.691104-54013511%7C1j11%7C1k1%7C1l1%7C1m1%7C1n1,idMap:1j1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:31 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 4078 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=691104&asId=494e4c86-a31e-0844-2f58-ac8672b396bc&tv=%7Bc:aOQ8FK,pingTime:1,time:1715,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:27%7D,%7Bpiv:100,vs:i,r:,t:625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1090,o:625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B618~0%5D,as:%5B618~728.90%5D%7D%7D,%7Bsl:i,t:625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1090~100%5D,as:%5B1090~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:145,fm:t42sL0d+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b1%7C1c%7C1d1%7C1e11%7C1e12%7C1f11%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j1*.691104-54013511%7C1j11%7C1k1%7C1l1%7C1m1%7C1n1,idMap:1j1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:31 GMT
X-Server-Name
dt45.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 68AC 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
b27b072e7a371ef30b64b6085ed49735791e659f9cbec672552b3eaef76e0daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
861
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24022
x-xss-protection
0
server
cafe
etag
7279347391308095826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 18:15:10 GMT
pixel
cm.g.doubleclick.net/ Frame 7C33
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELvrPsqs2llYOtlRhH45P4&google_cver=1&google_push=AYg5qPIisArPl4-Zc6eo00lCNbmng5sAlzP4l2JSEdcg39CCyMF19rKlL3...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPIisArPl4-Zc6eo00lCNbmng5sAlzP4l2JSEdcg39CCyMF19rKlL3r8HK7IGn8cU8_XZSUj9oMePWTeUOWDe3eAY61IHgzWRw&google_hm=T1BB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPIisArPl4-Zc6eo00lCNbmng5sAlzP4l2JSEdcg39CCyMF19rKlL3r8HK7IGn8cU8_XZSUj9oMePWTeUOWDe3eAY61IHgzWRw&google_hm=T1BBI1N2LJmuFC6kyWxlEw
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AYg5qPIisArPl4-Zc6eo00lCNbmng5sAlzP4l2JSEdcg39CCyMF19rKlL3r8HK7IGn8cU8_XZSUj9oMePWTeUOWDe3eAY61IHgzWRw&google_hm=T1BBI1N2LJmuFC6kyWxlEw
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7C33
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJ5hSS57UMjSImNjYlQBLXY&google_cver=1&google_push=AYg5qPI2QCGonZ2voU7kckH4y3vBeaNYBUSlWM5QvtXbsTzGA66f3Y2KAssYMAS4edy4oO4EgOCAHQJSApU7p3xaVdYlfsF-bhID
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI2QCGonZ2voU7kckH4y3vBeaNYBUSlWM5QvtXbsTzGA66f3Y2KAssYMAS4edy4oO4EgOCAHQJSApU7p3xaVdYlfsF-bhID&google_hm=Q0FFU0VKNWhTUzU3VU1qU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI2QCGonZ2voU7kckH4y3vBeaNYBUSlWM5QvtXbsTzGA66f3Y2KAssYMAS4edy4oO4EgOCAHQJSApU7p3xaVdYlfsF-bhID&google_hm=Q0FFU0VKNWhTUzU3VU1qU0ltTmpZbFFCTFhZ
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:30 GMT
via
1.1 b7a66b6616123855c5af2d7cdf2b099e.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI2QCGonZ2voU7kckH4y3vBeaNYBUSlWM5QvtXbsTzGA66f3Y2KAssYMAS4edy4oO4EgOCAHQJSApU7p3xaVdYlfsF-bhID&google_hm=Q0FFU0VKNWhTUzU3VU1qU0ltTmpZbFFCTFhZ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
zy3UxpfPKDrqFSnInHyzkSYFQSj8goj7Nd-yINVOc0hcWQpbKSecsA==
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7C33
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJ-5MSe97UIb_oyxDFI37FQ&google_cver=1&google_push=AYg5qPKUF19C2cOS4N6iuOa4jWLe1wgAgAHKIsEdG0gsDgqgImqW_jGSMG5GjwnReNdTrnD2Oe3ZHChkKNh_UKgR0SFOQxVscgbdyw
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKUF19C2cOS4N6iuOa4jWLe1wgAgAHKIsEdG0gsDgqgImqW_jGSMG5GjwnReNdTrnD2Oe3ZHChkKNh_UKgR0SFOQxVscgbdyw&google_hm=Io5jjBvczcweOALLNf2eDw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKUF19C2cOS4N6iuOa4jWLe1wgAgAHKIsEdG0gsDgqgImqW_jGSMG5GjwnReNdTrnD2Oe3ZHChkKNh_UKgR0SFOQxVscgbdyw&google_hm=Io5jjBvczcweOALLNf2eDw==
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKUF19C2cOS4N6iuOa4jWLe1wgAgAHKIsEdG0gsDgqgImqW_jGSMG5GjwnReNdTrnD2Oe3ZHChkKNh_UKgR0SFOQxVscgbdyw&google_hm=Io5jjBvczcweOALLNf2eDw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
7rvuaq302kld1mhsi4r0flo6cjkbjuq1
pixel
cm.g.doubleclick.net/ Frame 7C33
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJWcodrxXPi33dD4TsyQ0_eNzukrjsTV6Qq_V47EVZplhchqQNkUjm1Sycug5xp8SmanX2AkW1WoS7TPQo4Hf-KPoFs_4uaCw
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K4loXz92Sd6O9htupenAjA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJWcodrxXPi33dD4TsyQ0_eNzukrjsTV6Qq_V47EVZplhchqQNkUjm1Sycug5xp8SmanX2AkW1WoS7TPQo4Hf-KPoFs_4uaCw
date
Mon, 25 Apr 2022 17:29:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7C33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEB2ywMX0khGdT_hz_B2uH_Y&google_cver=1&google_push=AYg5qPL606SBAYKiOaotv1LDjrbLCZVWWYO7XHp924w5gxoulO7VL9CJKeR8Q6ksQC6IHFSitweZ_mw...
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRmMzM1M2FhYzZhYjljMWJmM2YyY2ZjZWVhYWY2NjhkMTM1ODVhZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7C33
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWU...
0
0
pixel
cm.g.doubleclick.net/ Frame 7C33
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEOkyWvzkZhngW9ZpDwWZWlU&google_cver=1&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca6...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 7C33 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JxYE4nljq1qT3hfOMNXK0Lp9DRO57oEOMh75j2Yk_CDYrxPGUVbfxYuisL-wVfF44PUbxd
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 4078 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkXhI6AzFvJ_EKJ409AcxrDWyf-gZgOOe3GmzaChws9-qYUlO-CltGjcnr2Lkx_JtimdLUWyi3LrAaPVrSU2MztHKTWPiFK5q0VILx20P_fasvY-8&sai=AMfl-YS7RbVVBA2ztSFqgjR-IoRmt8uAun35poAP-HfFkUNTL0oQlltHT4b-lGy1BQxBISPn8fdX0MogUaFmjsBX6tm_ytQ9fEfkZnykeLN6rlBh2zmwyJS7MIKp7lY&sig=Cg0ArKJSzAqhRRH-7WpdEAE&cid=CAASJORodj2RjjZd0Ol7nnvB-v0Un-xfc64-1_xNCxR_r8b7-c7MFw&id=lidar2&mcvt=1093&p=226,315,320,1043&mtos=0,1093,1093,1093,1093&tos=0,1093,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=2050935381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650907768393&rpt=2009&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/ Frame 8796 		2 KB
734 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bde5628d99b71a5372bdfc10c247bd4271e8a90bec43ea1c198b590ed2d889a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 14:28:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270042
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
705
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 17:45:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Apr 2023 14:28:49 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame 8796 		134 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46435
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:47:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Apr 2022 17:41:29 GMT
OahgkAIwXXEnVYtSx7hLRSdqNDK1Dt0IuJMW5_z-SnY.js
pagead2.googlesyndication.com/bg/ Frame D882 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OahgkAIwXXEnVYtSx7hLRSdqNDK1Dt0IuJMW5_z-SnY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39a8609002305d7127558b52c7b84b45276a3432b50edd08b89316e7fcfe4a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 00:43:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
233134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13787
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Apr 2023 00:43:57 GMT
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
5d7639c3f54682a6104f445666f108b3825bff5e338727a9732b02eefa2d60a9

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Apr 2022 17:29:31 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5012 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Br1F0eNpmYr6KGtiuNZnkk_gOAAAAADgB4AQC&bg=!fn2lfTnNAAYXWUUuN1k7ACkAdvg8WnTaKODKFkIRUQga6eHjmp9fEnkJwSznrwOI5NmiqY7PZ8QEKAIAAAN_UgAAAAJoAQeZA0DHRsIeUyTiyknAh9JDVMN277f5K0HxDx8fjwT3uowNbWlN-BNBpxUhtyd6yXGxQIXud1tcld341JrHeewr8tGAHmUIKu5OiXrPaHCksQ_wLk5s2rWc23rhmpLDNZrIN117GfxCYhhN6ynj_2EVjLr7dj5LXCm9GHWP9TVj83OEvKi-RyjO9RIKSLfF8nmw18kVJ2cdDQ3u1NXQUf8D19UnRM_H0d5xqqt10nToTFWnpBjy8voeNmET8OISAXSgl8WE8KfzQinGeMe8MGrkX-UkDluq8VaKWcBXjKCphT0GZVXgiSlDQ_u4Nd-l7QIcANCYroXxlNj6ks6-HFVbzP9Y3bXw-p-jZZbczCXw4AAIAFITWkcQqFi7EAuUz53uzY6Oingo5gadqi_9pguv3FEwaYGna9asOwAJgmjjn_UmFUaALRbrjLPOf57fjH--vubQrsSbOIIw-Rx_8FLVXuaDQzSzaeRuW5Dj35zlZo43cDnpQl9AsLsoGgm7gn97TLsxzuMbLlz1VTgDf_5SlwGK4qKaizyzZ8QIxQ3W82eNd04t44s5bTTqS7s8i9DZiIICyG3erkp25GkcEuB6C_gpD2uhw4ZIrr_nE_I4HGytMDsLhZj2TZh-XRtNMpXKMLCIrWRPeV77CKJ7sgQEAN3i5NOYViryT_M_qFLjticG2MJyxw5_G61UAYcrJGR9KO3aYWacyxkm9ulebzQJZLEe6vX_Vy8FCFhWaZSeMAAkiY4xv_KznHx0yOPF7FOd2I93zhOiDFVibjyU8axMXVd4qRZ_pERMrrpozPzTga9Pyb9ZMp7WiGdv67OPlB7k68CVblXUh64-Hq4CE5gw6VTQkFYTL7UA1Gm245Ex8sL3IYTk5kU_kRo3DZbw127222Z0g6Ed8NkEiIr_RCWM3PwsjteI4nY82xndQ1jbR6_7tT1DhE4VYFLzPhnS2-JEt15R-xzNYLCie6T30SqbJkk-qH1ff7EgNdWuvvd-CxfZRG94Aq2ytxX2q1HzvDOekuYpPy9BHDoCpfkA0cFePGPuFimHmSOyZih4kajlTUk9gbWso5nWpM0NK894Xh3X2lg-ReIy3KG5ok9dQw3mPGLe
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE21 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQDZJeNpmYpzhMIqQoPwPwqWZ0A8AAAAAOAHgBAI&bg=!5Oel56PNAAYXWUUuN1k7ACkAdvg8WnKDO7Kmikae36bjyoFpdof2AYu5MoxEsSmwopsw8jnDc6gmZQIAAAOSUgAAAAJoAQcKAFxxBkZ-vxImE3xWCyxcxcg4ETAxzImRXyLRGVhd3bsmqrxbK8ImfKFcER1dHaCLzQN4AtJmRHKNUVEb2UFpZeAsSK_RQ3_jHLGHS7NRxqcHhfoKxXLoRyvmzMAZ0ZkDAe7-EOE7MGuzXbeNFbY1vt3Jh7_yJGvfL3veNmS4thP--7U5GSWs0Uapvgl7HggeK4Md_flNeDjpOFFD4_1DH6ECXUyN0HBkMnUGNJHYuEOJLk-k8YCAlmd2L_erA4slav8eKWr508jeIC6D6rUa56p8gIGxYcf7cjUUZKGvJLEZu5h0nFUEFQVHWH0kkX60S2UvxukG-AL1r1BzztdlcsB62334kLAnEbqrEeEZMsdeGhtMPtsz3S7JlFXtTqUKA8utBXiVXfMD3-mpFulRskoe5aHmbqDNRZfdfIdMC-l-DBLD-Y4FPUpqHlVcWgXXRHnAGinF0vdZuEEBKdFFsxM2OTrWx26tR0atpx7pC1Xo3gd8-qq8n2W2t6_uZBUvmGVF5s51Cvn-d8sRr81TDYkLYiNdvnsHpR2e3E_ROAVP9EZYDwIeDhfxP3f_v34Di1Q7Wx8DsQsOZBozi6CDoqRNx-THZtfievzQ6GqOjFfrhmH21LVZBRPHSISb4WAAlxtAMYnmxAAY1DRS_iVueJr9iqbu8T1AFbeAcX2nsq4av1-PgRqst5EXXjU8orTlaU7JLWDDBR1zx7oS6IvozDacpRXxM_FRrrcxwEkiweoTevyunCHV2npfg8OcYd3ZxaaQvxAEa-YIWRmaRg9agb10-_5QuT2vozYkPqEg20G9PoEZ1OgCjjh942WbIEXMvRUOUoX3hIeHkzBPACJfSHkem6eOmouKX-xFJAc-RUZ-XnEEW4lx4EVB-u-joVWqJmO0hyRxn_1eM6O1OoAggztKccEitRbcUMVeWAJls2PeTIjsuncsJWYh1z3bKpgkCFm-5wLho8ksYoumimTpL-IznT8PSm2fXU9pEpTT7I0fbXHIL3SKJXpR99vhM0bcEgTWNH2Wkztl_YuExVsdb8IlsODY0DoNjPKMD4YHKQ0iEQq5ADi7HfZdIU-BqvEs5HBcA-9bxyrbjcxKvMl-Re4XLjGzCuKmzUSL89VPRKGjhs2d0l95b-R4IWc7YQZbh04
Requested by
Host: 3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
URL: https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1812 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzI6tedpmYpibB8GmMIC7mbAPAAAAADgB4AQC&bg=!eHulez_NAAYXWUUuN1k7ACkAdvg8WlOvuQhyFUArZHAKEETdV-QYlbeMF_Ir6orlIkK8evBVCy8L4QIAAAM0UgAAAAJoAQcKAJE960fON6WzsJTvyqAbebT7sYPhftBSXc9n4r-ViVpbE580XiAVqYVuwACQASo8YPr2RjMkSpXpxsElhpOOmyvc40W4VR-MslZNHEA_LIpI7lof61scL3eq3ynWZF_A8MCvsbikHO2RPhY8XIsfXjhq8O8UxugfHhn9G6GFY0wcQa57OP42VyED4NvWJdJ00kCtmQLttxZ_R3DIJ4NvsW1AAiesMMbmxr80UkHVeiTU60YnEWX19-29FEjVUteq749Ajijcpd0bbzDIN2ld-j-3PtEhp8Es8V8938afXG1e4VrIK49kDRN7V1P5lK5Iq4YykTg6VT27GkJzjweTWVqKLcwTyvaW-6kF0kcvNUI8a0A8UVNtZWLz_yi8SzyuPLgkHTxq32ddTZqOiHbpdmcgL_XXvMgMiXMhaGwxtXdSYU4QdbdnAJrQEoNdWyYwD9chx6lI9re3NDb_UextVrOYtvJqHTLFtdwx5qVHrwSYf7YWVNrY8oKVkjHOk0dyKpjqEEzkre1GgDus0LF9uXWGPuPL9KzeK0j3dZHibDCUgWLPRKBHQ2B-Oe3UuHQrKAC7fuHRMWDizzpFAscZsC9T1dr5OhqSg5vb4voW3ZVwcprknHmmarfCq5h9aDzYA_Wy7cfbU_bKg3CvgDOTAdvJgEOXGKQDcKeO92MrhFjARpinQJlO4pi6VMLFHGHyQkUQSBPFEKdaYW7pqg_xiMwrfeWxsCUFEjh3N5DTmddgrtuVqOTl6y-VsYUrOKdodlNb-VzFNa2ZUsoGq_l84l5uClPC_M2VfhUIgijcopvzyw295hwnJQ6uLQpDYrF8jScarPUhjBbtRQJw5GBdRTzHWzoC12TpVrugJbnLedvLnkg43lyybCLzfgymiaz3XTmqJHjT9HyKvw35nrdvkFafd_WP7pgVAq67iD0Ki8x4t5nbeunjfvQixhYMSESOfwbb7LN-6AIlic9CDdIxN0CuTxWFZJpjbpxw9pVJq9WcCOOe9o5MzHCXpAr3r19qMZ_lQGs-K1fJa0umf_aoIwUJYWk2rrstt0ehVD-bmw0B_rQAvHBHCplebBVTa_VibvQe1pUz8bN7IvHDVk4vvDY3pkq1LRB6XqJKJa8m7kMLTzPD3ZZ2HWtVaRyYHKr1cqWzr8S0Wu_7wHC5Hnv1jjhz-6i2uzqsIqInZFIPGa_PBi8
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 32F5 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjIk6edpmYoPYK9mwNZXAiJgJAAAAADgB4AQC&bg=!LyylLGjNAAYXWUUuN1k7ACkAdvg8WvrGAd7XhqKSOAmagPL3EjRUiM1RoF6u7soNgGYbRoW8qRQ1UwIAAAN9UgAAAAJoAQcKAHJZZ46It8BUkiftqqz58hJROcdao7Eh4gXB5soZU7i3ferX0wnhxH-HlIDGRzy-cjiSZ5pWcGOvPS9sekWNOsoCykBtkfdksJdCpuv9URZKBh42XbdY-w_X87-S0ZsFbf1mqoxyLAmSX_NyhxUV6XkMU_OZAvLg6tkZOY6XKSv5KrofZR6nJAamLfBInbP0NJskwurGBPQSyEJUxWOUOzLFRF-0Aa-UUgM5_dzWDhlhB8yBuNsGUon8HCOFue4X-0UQHgRlK-bNBnO7s5Mws4RucdqrRzaXYuqv2IOq5nW7KDUN7JNHy_vpA1Fica28ZlV4fai968ygzJmvTnmOCzvAKHzS4103CASZnQxh0APkBMMJoWwGejnyOe1cbFMkzu9AfpIZ0vu8TNHWq2loQ0fGBY8UZrjzM1XkQQU15_1uY3WvBZkPycijKDvmjB7egCqqGLhZNrjKozSpC1fpD6BT64mEq2Hl4jSa1YXTmUUjFZD2nMErt6OSxrxCLwGIp6WxxnAowoN2b8qaSxSNxhHRtUB31y44kk0AYjEN2E2Vu9oQTsZ9pT1Wqs3K87LSJNOqi95-2_kMwE75Yguytr8UYpFAiV9PxouYkiONu1sBkAmwdybAkWH0QHVyi285xziDMFmiYMbL2hBoB9UORFI2E1VfN1gruRyp1tJgf7AgtePSLK2SiRgymbzOYt_sfGTm9fa72vOJ2xCbaIDL7VPO-sZLSVMXn-i8GORjzJkXYnRUz5puRlkeuLOkSZ3NTiLX6NUsI1VcNWajScsMULijHeS1gp4dNF2tkULCH5Dml4_KU1FgalEGFfrx4VjhqWsQOeA88NfnlMGz9_KbkPq5h8ASa4cNPjSXbJPQaLxZf2Y5WMC5IaxuLS3cXnExQsX9FQltAj64jPmhpHyqTSdTXlupKme0B8Q1TVXZ-SCYDnUmcplGsxVzKKA3B993PmEzz_u2hYnylTDG7uZWk13rcRgfWJBlXJtvgitEqlZPx6CcspFYdQ3KI_A_27RZnN5bB0W6FJ74Yv9bZ5D5y1F0JRHoaCYEUogfZIExZje56gplepPS0DVU9ibHB68kRk4fizJKSnSz25z9gHJBtOK5i_vW_p5ODVmchYBm6y1vLoPOBZ39NplV51gKTtkaqKAY_UhO5K3w
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 68AC 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l2ezv18f&chm=1&c=2130312850070464&ctx=2&qqid=COfC8dfer_cCFZaIhgod_M0IMw&met.6=6.1_ChAYtwEg6QEqCAgEEgQQATABCgsY5QMgQyoECAgSAAoQGNEEILICKggIBBIEEAEwAQoQGJYHIKwCKggIBBIEEAEwAQoQGMcJIKMCKggIARIEEAEwAQoQGPgLIKACKggIBBIEEAEwAQoLGIMPIDUqBAgIEgAKDxiNECB3KggIARIEEAEwAQoNGPYWIEoqBggDEgIQAQoPGJkYIGMqCAgEEgQQATABCg0YphsgOyoGCAQSAhAB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4004:811::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 68AC 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~l2ezv19k&chm=1&c=2130312850070464&ctx=2&qqid=COfC8dfer_cCFZaIhgod_M0IMw&met.4=fb.14w~lb.1xh~cmrload.21n~ol.2oy~idt.1a~dt.-12r&met.3=735.1yz_1~740.1zk~374.21k~113.2wq_1~112.2wp_2~246.2xt_2&met.1=1.l2ezuybq~6.0~7.0~8.0~9.0~10.0~12.1~13.k~14.l~15.1o~16.1yq~17.1yq~18.1yr~19.2ot~20.2ow~21.2oy&met.7=CBsQCBgBMBU4ohtoAXAVeNAagAGkGIgBzi-wAQG4AQM~CBsQCiBdOCk~CBsQCiBdOCw~CBwQBhgBIF0oXTChBTjEBGjQBHCfBXjWAoABKogBKrABAbgBAw~CB4QChgBIF0oXTDVCzj4CmjBC3DUC3j7DIABzwqIAbEVsAEBuAED~CCoQChgBIF0oXTD_ATiiAQ~CBwQChgBIF4oXjByOBVoXnBxeLU0gAGJMogBz3WwAQG4AQM~CCgQBRgBIMILKMILMOwLOCtowwtw7At4qQSAAf0BiAHiA7ABAbgBAw~CCgQChgBIOcLKOcLMLgMOFFo6Atwsgx4uIcCgAGMhQKIAZTvBLABAbgBAw~CCkQChgBIIARKIARMM0ROE5QgRFYqBFggRFoqRFwvRF4sKoCgAGEqAKIAcrMBrABAbgBAw~CBwQChgBIIARKIARMJUROBVogRFwlBF4gxuAAdcYiAGeP7ABAbgBAw~CAkQChgBIIQRKIQRMJgROBVohBFwlxF43U6AAbFMiAGQyAGwAQG4AQM~CCcQChgBILUTKLUTMMoTOBVotRNwyBN4k3mAAed2iAGKxQKwAQG4AQM~CBwQBRgBILYTKLYTMMsTOBVotxNwyhN4gAiAAdQFiAGWCbABAbgBAw~CBsQCiDOEzgV~CB8QBRgBINITKNITMOYTOBRo0xNw5hN4zRSAAaESiAHKLrABAbgBAw~CCIQARgBINYTKNYTMIYUODBo1xNwhRR4rAKwAQG4AQM~CCcQBRgBIK8UKK8UMMoUOBtosBRwyBR490OAActBiAHqsgGwAQG4AQM~CCIQARgBIOEWKOEWMI0XOCto4xZwjBd4rAKwAQG4AQM~CCgQChgBILgcKLgcMNEcOBlouhxwzhx4gr4BgAHWuwGIAb_xA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4004:811::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/ Frame 8796 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
198086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32828
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1b8f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yNQBblgA8mJhKGIiyzgC9m4%2B6EoLQh%2BoO4U0yu5rVCbPAqbU%2B7AR7hfrr9Qkz85dF0g49K4M7Svg4PSEo5PdXW1S8meNQqg4HoMkrrG4FbO6jo1oOReB8Nuok637zMpTvrI%2FwLFI%2F1FTsnmfJoFRGNA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7018cd254fceece6-YUL
expires
Sat, 15 Apr 2023 17:29:31 GMT
script.js
s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/js/ Frame 8796 		2 KB
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ea302cc6f201574bdcc8ff6181d75fc9a6cfff25d4689d91d65f6b6e3b21e5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 07:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
555799
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
628
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 17:45:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Apr 2023 07:06:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EA41 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssSJb1oHYCKlF7Ci_YU7EOokJk_sP52C65UxygaMplU89HMputTIB2iS4r5w4z69WWnFkW6xQDfBWcrnCxbIJdquWnMRDGHgiKl-AenDV00QSYc4C4eChLdiOT_RO_bK-NFnQhWtNDpHGyzB0OHE_i_ZodMRLI2Zw&sig=Cg0ArKJSzJK57PlZjEQ2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=621&vt=11&dtpt=353&dett=3&cstd=260&cisv=r20220421.51062&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame EA41 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
b27b072e7a371ef30b64b6085ed49735791e659f9cbec672552b3eaef76e0daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
861
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24022
x-xss-protection
0
server
cafe
etag
7279347391308095826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Apr 2022 18:15:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1979 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUxizedpmYvOvGYT-zgWtjLSwBwAAAAA4AeAEAg&bg=!Q0ClQATNAAYXWUUuN1k7ACkAdvg8WihROG__Ey6tltCK-bnxW0cZllOEUhQDm3NmD1i7D6thBc83-QIAAAJfUgAAAAJoAQeZAvKMmpBxRHiuaDqKvDbCxuq0-PznbntDbySTwqKklsrj1VR_Rimh850jR-VrWl9EFTjxKH9sLKEL5xJfmppLY8dtVo-62Cns1dG6FMH6RW_L7ySCQ98w05Vucqa96GxIkGg0BTXo-QxXYLgwCrKcfiqY0dn1jy1B-WI5knFZm7e5h0sSy4tw8cBzrmBPrruzmo4yTr4I7KEyuEatddHCZaQCBuCJ36RWyxyCiGmd2K5AbZw3yH_kS4pe8xJO3iGMbgOJCmf6A62toKiSbS-MsoxbPf9o3d5lrEUW1qBZJJ8SLXODQ-3isKW369VPjdIxA5Fg6zewrnHJMwvF5zvgexN7bw3NSURiHsjf02_P9kY6bQ95iaX2j3hHLYND-sZjxhQ6yJPEEdPvvM3CISQGxcUVMsnIqAc_Z6JAiwNPA1n8C3_C_ns80twhYn5ryyP9ZYHDyUnpgrHCjfmz7uaJ9VpGWQ6YQbhRdl3SSlPvkfx55a0reVR2Oi-w3Nq9txRsxTUsDib-Ouozqii9KAlxlFvC6-mgOjLgp7bbAXKQUTexb1XVPlY5WHlUxAOR7ykNDfty0BzDG4z93XFlElBgvkvItbtB_25oxYdtaDOtenkqyto0CL_L8EC9aie4_ALYymX3vgNXBHrutqhHgKTMy5KxyXtmPcn2X-DJmiRXOEQcKMHiPP9guL8_9bnVZyZFsEQoV8EaRfOmW1XtnVNleZ9WdKivAjux_NHwhCu7VaYgYdGT4k3Pa4XKVS8SDvKPlb_mIISJD_1RM7jrFsaV3MqoFrMbPkjkOdr2MqJafhsNBCkPN33bmS_iy4okisox5qU4940pfA6nWBB2JMH2_bVkxqcbVLmJf188JYiXp8EDA2FUrOa3RLFfkGzP7LMneCRw5H1HH27sS9gBFMN7PjooA2UmROiHoKULoC_35D4qiv6Q0mhpmxqYF0iK1Tv6d8PGc14kLCPb9OOsMbt3u1Wd2JTtx24QGOCDMt48axL4cCq7
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
foreground_728x90.jpg
s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/images/ Frame 8796 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/images/foreground_728x90.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2db69477e09d2a6c453ad9a2c46b8f8e02d9b5abc596bc67f4f17892ea1de3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 14:28:50 GMT
x-content-type-options
nosniff
age
270041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55106
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 17:45:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Apr 2023 14:28:50 GMT
text1_2x_728x90.png
s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/images/ Frame 8796 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/images/text1_2x_728x90.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eddbde97dfb4bca61db527be1a9c43480e1fa1798272104e4362f0aeeec4487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 14:28:50 GMT
x-content-type-options
nosniff
age
270041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16222
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 17:45:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Apr 2023 14:28:50 GMT
text2_2x_728x90.png
s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/images/ Frame 8796 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/images/text2_2x_728x90.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13cf2541ca0bb159160b7368e3dcfa3efae6868f85eeb311859484f1d8ff1dac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 14:28:50 GMT
x-content-type-options
nosniff
age
270041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12794
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 17:45:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Apr 2023 14:28:50 GMT
smokey_728x90.png
s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/images/ Frame 8796 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/images/smokey_728x90.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44674220f9a441782b4aa099335d4ac7c682019e145108b676a34c2f112c38bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 14:28:50 GMT
x-content-type-options
nosniff
age
270041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5149
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 17:45:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Apr 2023 14:28:50 GMT
logos_2x_728x90.png
s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/images/ Frame 8796 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/images/logos_2x_728x90.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b38b2f82b175b66798be9c4d8b036b22d50bd7461eb2fe8f9c22ff2fb9b68fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 14:28:50 GMT
x-content-type-options
nosniff
age
270041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3669
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 17:45:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Apr 2023 14:28:50 GMT
cta_2x_728x90.png
s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/images/ Frame 8796 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/images/cta_2x_728x90.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2006 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
462a75f10f0a5fd7ed8d6020195721c0dfc2859c32734c3bd9ec9ecc09ed44e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6987188902618913438/adc_WFP_midwest_heartland_eng_728x90_html5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 14:28:50 GMT
x-content-type-options
nosniff
age
270041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2200
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 17:45:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Apr 2023 14:28:50 GMT
truncated
/ Frame 8796 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type
image/gif
csi
csi.gstatic.com/ Frame EA41 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l2ezv1d6&chm=1&c=2130312850070464&ctx=2&qqid=CLC_8dfer_cCFZaIhgod_M0IMw&met.4=fb.pj~lb.2l5~cmrload.2vj~ol.2zv~idt.33~dt.-10y&met.3=374.1w7~374.2n9~735.2ol_1~740.2ox~749.2th~743.2t9_a~733.2tj~742.2t9_a~735.2wk~735.2wk_1~113.33a_2~112.337_5&met.1=1.l2ezuy9x~6.0~7.0~8.0~9.0~10.0~12.1~13.k~14.l~15.34~16.2n8~17.2n8~18.2n9~19.2zr~20.2zt~21.2zv&met.7=CBsQCBgBMBU4qx5oAXAVeNAagAGkGIgBzi-wAQG4AQM~CBsQCiCZATgc~CBsQCiCZATgh~CBwQBhgBIJkBKJkBMOgHOM8GaJgHcOcHeNYCgAEqiAEqsAEBuAED~CBsQCiCZATiTAQ~CBsQCiCaATiVAQ~CB4QChgBIJoBKJoBMK0HOJMGaJkHcKwHePsMgAHPCogBsRWwAQG4AQM~CCoQChgBIJoBKJoBMIQCOGo~CBwQChgBIJoBKJoBMK8BOBVomwFwrgF4tTSAAYkyiAHPdbABAbgBAw~CBsQBhgBIJoBKJoBML8HOKUG~CCgQBRgBIJkHKJkHMMIHOCpomgdwwQd4wASAAZQCiAHwBLABAbgBAw~CCgQChgBIMEHKMEHMPwHODtowgdw-wd4vFaAAZBUiAGlcLABAbgBAw~CCcQChgBIMMPKMMPMN0POBpoxA9w3A94k3mAAed2iAGKxQKwAQG4AQM~CBsQCiDMETgY~CCcQBRgBIIsSKIsSMKISOBdojhJwohJ490OAActBiAHqsgGwAQG4AQM~CBsQCiDJEjjIAQ~CCUQChgBIOAUKOAUMPUUOBY~CCYQChgBINgVKNgVMPMVOBs~CBsQChgBIOcWKOcWMNoXOHNQ6BZYkRdg6BZokRdw0xd46c4BgAG9zAGIAdnuA7ABAbgBAw~CCkQChgBILYZKLYZMNwZOCZothlw2Bl4sKoCgAGEqAKIAcrMBrABAbgBAw~CBwQChgBILYZKLYZMNwZOCZotxlw2xl4gxuAAdcYiAGeP7ABAbgBAw~CCcQBRgBIOcZKOcZMP4ZOBdo6hlw_Rl490OAActBiAHqsgGwAQG4AQM~CBwQBRgBIIcaKIcaMKQaOB1okBpwohp4gAiAAdQFiAGWCbABAbgBAw~CB8QBRgBIMIbKMIbMNcbOBVowxtw1ht4txCAAYsOiAGPLLABAbgBAw~CCIQARgBIMUbKMUbMO8bOCpoxxtw7ht4rAKwAQG4AQM~CCIQARgBIKYeKKYeMM4eOChopx5wzh54rAKwAQG4AQM~CCgQChgBIMYeKMYeMPEeOCtoxh5w7R54gr4BgAHWuwGIAb_xA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4004:811::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D882 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7wnqetpmYpvIMNGvNdTfktAKAAAAADgB4AQC&bg=!3d6l3prNAAYXWUUuN1k7ACkAdvg8WvkC34bykuQAUixnuZ1QG56tTMST7pQyg_w0U4xQEPNK1-7H6gIAAADBUgAAAANoAQeZAuptZuav11p61sjFdIhCfgIRb12IAVfUe3q0ItrjLc4uQVygKTvLZ-3Y1rCCuI8TLAmVKSPW5hUNu1mc7DkSV5OQchWpP585DeSQziEJcV4HqUAJSyP2-bmiCnMoVXkUTXuYSXAQeuoTFEN6zRxXj4dwhmUKMvWGR19NvhElyewVZCu4qQ10rXvJf2pc1nAs-XziT1TtM3IVAwLlpEJdR0HHYtFk1cpg9RHw35txiIjBHnAcK4lEsp5isC026Cl0aremo8HwLmRax6AYnxnt6Ag8PaUvf1Pbg8z1h0iZ_TNJFOCVRzxF1iSHQKc2NEsvU77Qb6JPk7FNk05JkUlgqoojH31Hyi5QBhrZ2s9O7_dHoCGjWEHoFww9j0wjGcSu5Sr8N1YKoQqLrjHmss8OybYdJeivjQmh2lhtMZqHdugp1oP6bAMsdkfbKLm_u8dTJe2HriSKTCHSL3S5yasGcm8hOZTAqA1NItmkPoyaMPei-_1I7GgZiQLOPAUD6SiU6DvK1avh9CqdX4S3C48MjEIvbZAgXPrKv-g55fWJZRsGt_hVtRJboTosb1Mg0oIeC7x03NNYiyGoDp2pDkpFg3oI35KcHS39yn_ETrKFYn1xlPKHusdoisPwS0A3w7r7uNOlEHNhP1lZSNr-7IxM9B8grWcDZ8L8eThS2xwApaDlUMncDKBwCFysIoXAY6W6LSCGBdPyQj6PLp7KCfCHz3SSCXA6VFP38jrgvxORYqHuaSJDQNcMSaiIakpQwE1ufLMMu_vTVDMQrQGO9kWFolOfr9UX9Pdn5q9K_80TovZtadMpgHeD925aChdfBK_AP1Z3u6ZQNtpAJQ4uiAtRqbgdTsnwGti9wcpHis4nMEb1UR3WczoaskMwqbWCPzv84AGL1F1OqSGHlOz_cAAigi-ML3b4ydk_fNzXK6BKarzJc-2SnnYMm_A7O833ibpllTWdG7k8Vd8YKsH5F2tjzYzRf65x7zV8SWcrEA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
checksync.php
contextual.media.net/ Frame 509D 		34 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
28b2478bf10c0c701bffaad9fed82d7ea96231fc7e955038830f0d0138566d77
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11493
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:32 GMT
expires
Wed, 27 Apr 2022 17:29:32 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame BBFA 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e125a13cc1d940de0843836339bdd15458318e50d978c6373b3973963edb763d

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
455
content-type
text/html; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
index.html
cdn.districtm.io/ids/ Frame 07A0 		116 B
249 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
15790
cf-cache-status
DYNAMIC
cf-ray
7018cd273d43f03d-EWR
content-encoding
br
content-type
text/html
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 00a6901a148285ca8b56f0d0c1104a48.cloudfront.net (CloudFront)
x-amz-cf-id
egMNIGYqqwij8tsPL9bQZFleR6stXEjfQTpD0w-eYZtA3QdkhYwHiw==
x-amz-cf-pop
EWR52-C4
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame B53D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
43652
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 25 Apr 2022 17:29:32 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Apr 2022 05:21:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 163221
X-Served-By
cache-lga21967-LGA, cache-yul12825-YUL
X-Timer
S1650907772.060658,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BB65 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131225
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:32 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 27 Apr 2022 05:56:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
de.tynt.com/deb/ Frame 3F0C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d088a635450850ba18ea7bf9532bdf4995ee77932330b980a5eeda53a0e6263e

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2146
content-type
text/html
date
Mon, 25 Apr 2022 17:29:31 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 25 Apr 2022 17:29:31 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8340000A
sync
eb2.3lift.com/ Frame 24E6 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e125a13cc1d940de0843836339bdd15458318e50d978c6373b3973963edb763d

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
455
content-type
text/html; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
us-u.openx.net/w/1.0/ Frame E171 		1 KB
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
03351b4850ae1aa4b74520da56b46e0d95d15135b74cfdf3bf43eae206ab82d5

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
672
content-type
text/html
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 42B6 		34 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
28b2478bf10c0c701bffaad9fed82d7ea96231fc7e955038830f0d0138566d77
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11493
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:32 GMT
expires
Wed, 27 Apr 2022 17:29:32 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 8AB0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Apr 2022 17:29:32 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame FBCB 		116 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
62887
cf-cache-status
DYNAMIC
cf-ray
7018cd273d46f03d-EWR
content-encoding
br
content-type
text/html
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 5ec6b37107376867228d2ed46a794602.cloudfront.net (CloudFront)
x-amz-cf-id
GdBEtCTkrkoDcF3H1KZL3KoTYGDhaEjrdQhOnwxFGU7919QuTNizrA==
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 7C80 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Apr 2022 17:29:32 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9F2D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
43651
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 25 Apr 2022 17:29:32 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Apr 2022 05:21:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 162515
X-Served-By
cache-lga21967-LGA, cache-yul12823-YUL
X-Timer
S1650907772.061487,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 08B0 		672 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4dc9bfb7a91877dfa5cfe9bee4897b7b88ded76f2e3f255d0ace008b14d88d3c

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
426
content-type
text/html
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5725 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131225
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:32 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 27 Apr 2022 05:56:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A0A8 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 25 Apr 2022 17:29:32 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
VRZN
c.deployads.com/cs/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58423/occ
  • https://c.deployads.com/cs/VRZN?b=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/VRZN?b=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
SortableCactus/1.0
content-type
image/gif

Redirect headers

location
https://c.deployads.com/cs/VRZN?b=y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
date
Mon, 25 Apr 2022 17:29:32 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
AMOB
c.deployads.com/cs/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=56
  • https://c.deployads.com/cs/AMOB?b=4146191290397438279
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/AMOB?b=4146191290397438279
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
SortableCactus/1.0
content-type
image/gif

Redirect headers

location
https://c.deployads.com/cs/AMOB?b=4146191290397438279
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cookiesyncredir
bttrack.com/pixel/ 		35 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fc.deployads.com%2Fcs%2FBDTL%3Fb%3D%7Bglobalid%7D
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

X-ServerName
Track004-iad
Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:21 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
ACRS
c.deployads.com/cs/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0013300001cFpYHAA0&ru=https%3A%2F%2Fc.deployads.com%2Fcs%2FACRS%3Fb%3D33XUSERID33X
  • https://c.deployads.com/cs/ACRS?b=2051871529581
43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/ACRS?b=2051871529581
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
SortableCactus/1.0
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://c.deployads.com/cs/ACRS?b=2051871529581
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f367a548-43b2-4ca6-9e67-1de5d4a782b6&ssp=themediagrid&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10603021636766816456&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=62c5f73e-003c-4737-b163-4ba2cdd1040e&ssp=themediagrid&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10603021636766816456&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10603021636766816456&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10603021636766816456&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
cent
c.deployads.com/cs/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=99
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&partner_url=https%3A%2F%2Fc.deployads.com%2Fcs%2Fcent%3Fb%3D4eee6442-da4f...
  • https://c.deployads.com/cs/cent?b=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/cent?b=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.235.17.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-17-126.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
SortableCactus/1.0
content-type
image/gif

Redirect headers

location
https://c.deployads.com/cs/cent?b=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
5d7639c3f54682a6104f445666f108b3825bff5e338727a9732b02eefa2d60a9

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
xuid
eb2.3lift.com/ Frame BBFA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame BBFA
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzMjcyNzE5MTk0NjMzNTc4MzI5NQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame BBFA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBBbzPnNwtUic-PMIP_CgKU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBBbzPnNwtUic-PMIP_CgKU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBBbzPnNwtUic-PMIP_CgKU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BBFA
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzMjcyNzE5MTk0NjMzNTc4MzI5NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzMjcyNzE5MTk0NjMzNTc4MzI5NQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzMjcyNzE5MTk0NjMzNTc4MzI5NQ%3D%3D
date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame BBFA
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2632727191946335783295&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2632727191946335783295&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e1215d9c-a771-48fc-9fa0-5b019a14a652&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e1215d9c-a771-48fc-9fa0-5b019a14a652&_noobservation=1&_expected_cookie=be5235e...
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e1215d9c-a771-48fc-9fa0-5b019a14a652&_noobservation=1&_expected_cookie=be5235e71624be0fdc2b5fd3a8e6a8a7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7018cd2bbe18a24a-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e1215d9c-a771-48fc-9fa0-5b019a14a652&_noobservation=1&_expected_cookie=be5235e71624be0fdc2b5fd3a8e6a8a7
date
Mon, 25 Apr 2022 17:29:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7018cd2b2d33a24a-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame BBFA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2632727191946335783295?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-aLoYY9dE2oQlRp_b4rMMLGsVJcZBgCbgvvri9Po.uQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-aLoYY9dE2oQlRp_b4rMMLGsVJcZBgCbgvvri9Po.uQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 25 Apr 2022 17:29:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-aLoYY9dE2oQlRp_b4rMMLGsVJcZBgCbgvvri9Po.uQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame BBFA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2632727191946335783295&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=63f747aa-00e2-48e6-a26e-a0af68ff62cf&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 25 Apr 2022 17:29:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame BBFA 		42 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2632727191946335783295&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
etag
"84ab6ebff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0C87CB8519F4482A836370C8D9AF5C20 Ref B: YTO01EDGE0817 Ref C: 2022-04-25T17:29:32Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame BBFA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2632727191946335783295
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame BBFA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=ZrhlXJ9Fqtvb0RMfRvp-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJZGQ3CYJI4UM...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZrhlXJ9Fqtvb0RMfRvp-
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZrhlXJ9Fqtvb0RMfRvp-
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZrhlXJ9Fqtvb0RMfRvp-
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 24E6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=7aabbd52-0742-4133-a07d-fda9f86dc1fd&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 24E6
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzMjcyNzE5MTk0NjMzNTc4MzI5NQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 24E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBBbzPnNwtUic-PMIP_CgKU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBBbzPnNwtUic-PMIP_CgKU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBBbzPnNwtUic-PMIP_CgKU&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 24E6
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzMjcyNzE5MTk0NjMzNTc4MzI5NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzMjcyNzE5MTk0NjMzNTc4MzI5NQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzMjcyNzE5MTk0NjMzNTc4MzI5NQ%3D%3D
date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 24E6
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2632727191946335783295&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2632727191946335783295&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e1215d9c-a771-48fc-9fa0-5b019a14a652&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e1215d9c-a771-48fc-9fa0-5b019a14a652&_noobservation=1&_expected_cookie=ae70048...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e1215d9c-a771-48fc-9fa0-5b019a14a652&_noobservation=1&_expected_cookie=ae70048061a598ccbffb5853fb3294e4
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7018cd2bbe15a24a-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e1215d9c-a771-48fc-9fa0-5b019a14a652&_noobservation=1&_expected_cookie=ae70048061a598ccbffb5853fb3294e4
date
Mon, 25 Apr 2022 17:29:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7018cd2b2d30a24a-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 24E6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2632727191946335783295?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-aLoYY9dE2oQlRp_b4rMMLGsVJcZBgCbgvvri9Po.uQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-aLoYY9dE2oQlRp_b4rMMLGsVJcZBgCbgvvri9Po.uQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 25 Apr 2022 17:29:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-aLoYY9dE2oQlRp_b4rMMLGsVJcZBgCbgvvri9Po.uQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame 24E6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2632727191946335783295&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=f367a548-43b2-4ca6-9e67-1de5d4a782b6
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=858da0a0-76d4-474e-963a-590376490cd9&expires=10&ssp=triplelift&bsw_param=f367a548-43b2-4ca6-9e67-1de5d4a782b6
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 25 Apr 2022 17:29:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 24E6 		42 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2632727191946335783295&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
etag
"84ab6ebff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F4DE60EDC10E47A9A635F96356455592 Ref B: YTO01EDGE0817 Ref C: 2022-04-25T17:29:32Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 24E6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2632727191946335783295
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 24E6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=ZrhlXJ9Fqtvb0RMfRvp-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LJZGQ3CYJI4UM...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZrhlXJ9Fqtvb0RMfRvp-
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZrhlXJ9Fqtvb0RMfRvp-
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=ZrhlXJ9Fqtvb0RMfRvp-
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame FBCB 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 697118bcd171d3b8a0299bf4ce5a8604.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
155860
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
JFK51-C1
cf-ray
7018cd284e2ff03d-EWR
x-amz-cf-id
lwQ1lEw9tGsIlt1UY6HrsjBk2yAp9q3IbjALvHkHmH0V-8_svMWTYw==
expires
Wed, 27 Apr 2022 17:29:32 GMT
usync.js
eus.rubiconproject.com/ Frame A0A8 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
18f25152e6157a80c22560120612d9f9c18790e176d7165194cf5ee62a7773d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 16:28:01 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=23361
content-type
text/html; charset=UTF-8
content-length
9542
expires
Mon, 25 Apr 2022 23:58:53 GMT
sync
ups.analytics.yahoo.com/ups/58294/ Frame E171
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=d31c6a39-6a30-4eab-ab6b-8f76714750dc
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d31c6a39-6a30-4eab-ab6b-8f76714750dc&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d31c6a39-6a30-4eab-ab6b-8f76714750dc&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d31c6a39-6a30-4eab-ab6b-8f76714750dc&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
date
Mon, 25 Apr 2022 17:29:32 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame E171
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=a81e96d6-7f1d-4282-a735-ce8fdf7fc56d
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a81e96d6-7f1d-4282-a735-ce8fdf7fc56d
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a81e96d6-7f1d-4282-a735-ce8fdf7fc56d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 25 Apr 2022 17:29:32 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a81e96d6-7f1d-4282-a735-ce8fdf7fc56d
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame E171
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6802119093282668307
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6802119093282668307
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
25e46964-d4e0-4c29-ac62-60a8842c5121
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6802119093282668307
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E171 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=a50e95cd-aef0-cf18-3842-cceb8ed76f55
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DGTVGGSNEMV6X0YYAKZZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E171
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4146191290397438279&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4146191290397438279&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4146191290397438279&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame E171
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YmbagwALH7wGxwA-
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YmbagwALH7wGxwA-&_test=YmbagwALH7wGxwA-
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YmbagwALH7wGxwA-&_test=YmbagwALH7wGxwA-
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:39 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650907780.764126,VS0,VE0
x-served-by
cache-yul12824-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YmbagwALH7wGxwA-&_test=YmbagwALH7wGxwA-
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
691f8ff4-22f6-e6ab-c99b-588919b369fc
pr-bh.ybp.yahoo.com/sync/openx/ Frame E171 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/691f8ff4-22f6-e6ab-c99b-588919b369fc?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:f817:c851:d4d0:49b5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame E171
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=fdd8e9b0-b25a-74e2-f84c-4e7ce6e4a4b5&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7aabbd52-0742-4133-a07d-fda9f86dc1fd&ttd_puid=fdd8e9b0-b25a-74e2-f84c-4e7ce6e4a4b5&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7aabbd52-0742-4133-a07d-fda9f86dc1fd&ttd_puid=fdd8e9b0-b25a-74e2-f84c-4e7ce6e4a4b5&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7aabbd52-0742-4133-a07d-fda9f86dc1fd&ttd_puid=fdd8e9b0-b25a-74e2-f84c-4e7ce6e4a4b5&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame E171 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDFiNzNhN2EtN2IyZC0yYTQ2LWVkYWMtMTRjNTJjMDY2YWQ1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E171
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE8sWWDrc5p-sZh9ZkYqqys&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE8sWWDrc5p-sZh9ZkYqqys&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE8sWWDrc5p-sZh9ZkYqqys&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame BB65 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47582179&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
77da89056b67553020d8e72ed16cd65dfa152652714a1777e0db40f1c887ed89

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:30 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 07A0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 697118bcd171d3b8a0299bf4ce5a8604.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
155860
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
JFK51-C1
cf-ray
7018cd286e63f03d-EWR
x-amz-cf-id
lwQ1lEw9tGsIlt1UY6HrsjBk2yAp9q3IbjALvHkHmH0V-8_svMWTYw==
expires
Wed, 27 Apr 2022 17:29:32 GMT
sd
us-u.openx.net/w/1.0/ Frame 08B0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4146191290397438279&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4146191290397438279&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4146191290397438279&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ny75r2x0
sync-tm.everesttech.net/upi/pid/ Frame 08B0 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650907772.230931,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-yul12824-YUL
691f8ff4-22f6-e6ab-c99b-588919b369fc
pr-bh.ybp.yahoo.com/sync/openx/ Frame 08B0 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/691f8ff4-22f6-e6ab-c99b-588919b369fc?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:f817:c851:d4d0:49b5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 08B0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=fdd8e9b0-b25a-74e2-f84c-4e7ce6e4a4b5&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=7aabbd52-0742-4133-a07d-fda9f86dc1fd&ttd_puid=fdd8e9b0-b25a-74e2-f84c-4e7ce6e4a4b5&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7aabbd52-0742-4133-a07d-fda9f86dc1fd&ttd_puid=fdd8e9b0-b25a-74e2-f84c-4e7ce6e4a4b5&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7aabbd52-0742-4133-a07d-fda9f86dc1fd&ttd_puid=fdd8e9b0-b25a-74e2-f84c-4e7ce6e4a4b5&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 08B0 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDFiNzNhN2EtN2IyZC0yYTQ2LWVkYWMtMTRjNTJjMDY2YWQ1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 08B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE8sWWDrc5p-sZh9ZkYqqys&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE8sWWDrc5p-sZh9ZkYqqys&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE8sWWDrc5p-sZh9ZkYqqys&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4488 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ceda6c21387b743c14a0a4cab2fd98bc1d0dcc0e2e59d5b537e620b00e5179c7

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1566
Content-Type
text/html
Date
Mon, 25 Apr 2022 17:29:32 GMT
Dropped-Udsids
46|3|130|88|47|221|123|188
Expires
Mon, 25 Apr 2022 17:29:32 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync
ib.adnxs.com/ Frame B53D 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
26720dea-417c-4b5b-a8a5-4ec5ce5df7ee
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9F2D 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d8099e4f-2a47-4eb3-b67f-d70643118a97
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3F47 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ce47f9de5f6621e3d17532dbfdd97ff9eb11c0cdaf03c195467880e834dfda1e

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1465
Content-Type
text/html
Date
Mon, 25 Apr 2022 17:29:32 GMT
Dropped-Udsids
46|3|4|130|40|51|191|241
Expires
Mon, 25 Apr 2022 17:29:32 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
pubcid.php
hbx.media.net/ Frame 509D 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:59:32 GMT
sync
gum.criteo.com/ Frame 509D 		61 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1583
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
cksync.html
contextual.media.net/ Frame 2B8F
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Drkt%26refUrl%3D%26vid%3D090777228329390936614553570...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2939093661455357000V10&type=rkt&refUrl=&vid=09077722832939093661455357000V10&ovsid=978477405519839003
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2939093661455357000V10&type=rkt&refUrl=&vid=09077722832939093661455357000V10&ovsid=978477405519839003
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 25 Apr 2022 17:29:32 GMT
expires
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 25 Apr 2022 17:29:32 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2939093661455357000V10&type=rkt&refUrl=&vid=09077722832939093661455357000V10&ovsid=978477405519839003
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 509D
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=9897b49c75208e6&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D29...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=con&refUrl=&vid=09077722832939093661455357000V10&ovsid=AAADKPnY1mvHQAMHz2xHAAAAAAA&expiration=1650994172&is_secure=true
45 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=con&refUrl=&vid=09077722832939093661455357000V10&ovsid=AAADKPnY1mvHQAMHz2xHAAAAAAA&expiration=1650994172&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=con&refUrl=&vid=09077722832939093661455357000V10&ovsid=AAADKPnY1mvHQAMHz2xHAAAAAAA&expiration=1650994172&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 509D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dmma%26refUrl%3D%26vid%3D090777228329390936614553...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=mma&refUrl=&vid=09077722832939093661455357000V10&ovsid=7e9b6266-da75-4600-97fa-93bd39c882d1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=mma&refUrl=&vid=09077722832939093661455357000V10&ovsid=7e9b6266-da75-4600-97fa-93bd39c882d1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x48 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=mma&refUrl=&vid=09077722832939093661455357000V10&ovsid=7e9b6266-da75-4600-97fa-93bd39c882d1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 25 Apr 2022 17:29:31 GMT
cksync
cs.media.net/ Frame 509D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjkzOTA5MzY2MTQ1NTM1NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEByW6-iNx4RRaicE2iDcrqA&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEByW6-iNx4RRaicE2iDcrqA&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEByW6-iNx4RRaicE2iDcrqA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 509D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Ddxu%26refUrl%3D%26vid%3D09077722832939093661455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Ddxu%26refUrl%3D%26vid%3D09077722832939093...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=dxu&refUrl=&vid=09077722832939093661455357000V10&ovsid=0WJAwHhz1NJ2wI5
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=dxu&refUrl=&vid=09077722832939093661455357000V10&ovsid=0WJAwHhz1NJ2wI5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:31 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0b898c68070063c68@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=dxu&refUrl=&vid=09077722832939093661455357000V10&ovsid=0WJAwHhz1NJ2wI5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 509D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=8f8c55da-e4cc-4dd9-8169-ba51bd19ddfd
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=8f8c55da-e4cc-4dd9-8169-ba51bd19ddfd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=8f8c55da-e4cc-4dd9-8169-ba51bd19ddfd
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1419358
content-length
0
expires
Mon, 25 Apr 2022 00:00:00 GMT
bidswitch
event.clientgear.com/gogocookie/ Frame 509D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=f367a548-43b2-4ca6-9e67-1de5d4a782b6
  • https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=f367a548-43b2-4ca6-9e67-1de5d4a782b6
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=f367a548-43b2-4ca6-9e67-1de5d4a782b6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
content-length
0

Redirect headers

location
http://event.clientgear.com/gogocookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=f367a548-43b2-4ca6-9e67-1de5d4a782b6
date
Mon, 25 Apr 2022 17:29:32 GMT
content-length
0
cksync.php
contextual.media.net/ Frame 509D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dzem%26refUrl%3D%26vid%3D09077722832939093661455357...
  • https://stags.bluekai.com/site/23178?id=ZrhlXJ9Fqtvb0RMfRvp-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2OJUGYWCKHFDHC5DWMIYFETLGKJ3HA...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=ZrhlXJ9Fqtvb0RMfRvp-&refUrl=&type=zem&vid=09077722832939093661455357000V10&vsid=2939093661455357000V10
45 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=ZrhlXJ9Fqtvb0RMfRvp-&refUrl=&type=zem&vid=09077722832939093661455357000V10&vsid=2939093661455357000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=ZrhlXJ9Fqtvb0RMfRvp-&refUrl=&type=zem&vid=09077722832939093661455357000V10&vsid=2939093661455357000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 509D
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2939093661455357000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2939093661455357000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=63f747aa-00e2-48e6-a26e-a0af68ff62cf&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=63f747aa-00e2-48e6-a26e-a0af68ff62cf&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=63f747aa-00e2-48e6-a26e-a0af68ff62cf&cs=1
date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame 509D 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 509D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
dcm
s.amazon-adsystem.com/ Frame 509D
Redirect Chain
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D2939093661455357000V10
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2939093661455357000V10
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2939093661455357000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KJ23Y5RED9R18NXR6VAA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2939093661455357000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT
cm
us-u.openx.net/w/1.0/ Frame 9D16
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1650907772080.3&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_priva...
1 KB
709 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
b4651cb063e6f8d82bbcdd2714b6f9a0c20468473a17a9363c718715054970d0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
690
content-type
text/html
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 25 Apr 2022 17:29:31 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP001
x-33x-status
40000000008200000A
match
cms-xch-chicago.33across.com/ Frame 3F0C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1650907772080.1&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YmbacxfUheiJLy59JDCIJwAA%26153
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YmbacxfUheiJLy59JDCIJwAA%26153
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=YmbacxfUheiJLy59JDCIJwAA%26153
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
316
Expires
Mon, 25 Apr 2022 17:29:32 GMT
match
cms-xch-chicago.33across.com/ Frame 3F0C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1650907772080.2&ri=45&ru=https%3A%2F%2Fpixel-sync.sitescout.com%2Fdmp%2FpixelSync%3Fnid%3D104%26us_privacy%3D%24%7BUS_PRIVACY%7D%26redir%3Dhttps%253A...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26external_user_id%3D%7BuserId%7D
  • https://tags.bluekai.com/site/17724?id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D4eee6442-da4f-4f65-ba13-abad251...
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D45%26...
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=45&external_user_id=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341
cache-control
no-cache
x-server
10.40.6.161
content-length
0
expires
0
match
cms-xch-chicago.33across.com/ Frame 3F0C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1650907772080.4&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privac...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6802119093282668307
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6802119093282668307
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
12577190-6d8f-4010-b519-bce847e4ec8b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=6802119093282668307
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
149
match.deepintent.com/usersync/ Frame 3F0C 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/149?us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
match
events-ssc.33across.com/ Frame 3F0C
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1650907772080.6
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=2c34304c-ea38-4407-9157-7e7dbba2353f
  • https://events-ssc.33across.com/match?bidder_id=66&external_user_id=2c34304c-ea38-4407-9157-7e7dbba2353f&ts=1650907772&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=66&external_user_id=2c34304c-ea38-4407-9157-7e7dbba2353f&ts=1650907772&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=66&external_user_id=2c34304c-ea38-4407-9157-7e7dbba2353f&ts=1650907772&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
pubcid.php
hbx.media.net/ Frame 42B6 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:59:32 GMT
sync
gum.criteo.com/ Frame 42B6 		61 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2064
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
cksync
cs.media.net/ Frame 42B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjkzOTA5MzY2MTQ1NTM1NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEByW6-iNx4RRaicE2iDcrqA&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEByW6-iNx4RRaicE2iDcrqA&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEByW6-iNx4RRaicE2iDcrqA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.html
contextual.media.net/ Frame E481
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Drkt%26refUrl%3D%26vid%3D090777235929390936614553570...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2939093661455357000V10&type=rkt&refUrl=&vid=09077723592939093661455357000V10&ovsid=978477405519839003
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2939093661455357000V10&type=rkt&refUrl=&vid=09077723592939093661455357000V10&ovsid=978477405519839003
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 25 Apr 2022 17:29:32 GMT
expires
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 25 Apr 2022 17:29:32 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2939093661455357000V10&type=rkt&refUrl=&vid=09077723592939093661455357000V10&ovsid=978477405519839003
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 42B6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=6bd221a2-7bef-4af3-a3e8-2e164b4d8d34
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=6bd221a2-7bef-4af3-a3e8-2e164b4d8d34
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=6bd221a2-7bef-4af3-a3e8-2e164b4d8d34
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1604594
content-length
0
expires
Mon, 25 Apr 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 42B6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=f367a548-43b2-4ca6-9e67-1de5d4a782b6&google_hm=ZjM2N2E1NDgtNDNiMi00Y2E2LTllNjctMWRlNWQ0YTc4MmI2
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEP1Avk9zEdl1E-A11o8KX48&google_cver=1&ssp=medianet&bsw_param=f367a548-43b2-4ca6-9e67-1de5d4a782b6
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&gdpr=&gdpr_consent=&gdpr_pd=
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=f367a548-43b2-4ca6-9e67-1de5d4a782b6&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 25 Apr 2022 17:29:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 42B6
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2939093661455357000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2939093661455357000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=63f747aa-00e2-48e6-a26e-a0af68ff62cf&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=63f747aa-00e2-48e6-a26e-a0af68ff62cf&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=63f747aa-00e2-48e6-a26e-a0af68ff62cf&cs=1
date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame 42B6 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 42B6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7aabbd52-0742-4133-a07d-fda9f86dc1fd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
dcm
s.amazon-adsystem.com/ Frame 42B6
Redirect Chain
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D2939093661455357000V10
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2939093661455357000V10
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2939093661455357000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NN2416TYVJXNSZ4QNTFY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2939093661455357000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT
cksync.php
contextual.media.net/ Frame 42B6
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=460ff0db8e0608e3&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=con&refUrl=&vid=09077723592939093661455357000V10&ovsid=AAADKVTL6RgxQQNOqI1qAAAAAAA&expiration=1650994172&is_secure=true
45 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=con&refUrl=&vid=09077723592939093661455357000V10&ovsid=AAADKVTL6RgxQQNOqI1qAAAAAAA&expiration=1650994172&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=con&refUrl=&vid=09077723592939093661455357000V10&ovsid=AAADKVTL6RgxQQNOqI1qAAAAAAA&expiration=1650994172&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 42B6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dmma%26refUrl%3D%26vid%3D090777235929390936614553...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=mma&refUrl=&vid=09077723592939093661455357000V10&ovsid=7e9b6266-da75-4600-97fa-93bd39c882d1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=mma&refUrl=&vid=09077723592939093661455357000V10&ovsid=7e9b6266-da75-4600-97fa-93bd39c882d1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x34 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=mma&refUrl=&vid=09077723592939093661455357000V10&ovsid=7e9b6266-da75-4600-97fa-93bd39c882d1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 25 Apr 2022 17:29:31 GMT
cksync.php
contextual.media.net/ Frame 42B6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Ddxu%26refUrl%3D%26vid%3D09077723592939093661455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Ddxu%26refUrl%3D%26vid%3D09077723592939093...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=dxu&refUrl=&vid=09077723592939093661455357000V10&ovsid=0WJAwHhz1NJ2wI5
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=dxu&refUrl=&vid=09077723592939093661455357000V10&ovsid=0WJAwHhz1NJ2wI5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:31 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0af39abe7400047fd@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2939093661455357000V10&type=dxu&refUrl=&vid=09077723592939093661455357000V10&ovsid=0WJAwHhz1NJ2wI5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 42B6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2939093661455357000V10%26type%3Dzem%26refUrl%3D%26vid%3D09077723592939093661455357...
  • https://stags.bluekai.com/site/23178?id=ZrhlXJ9Fqtvb0RMfRvp-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPK2OJUGYWCKHFDHC5DWMIYFETLGKJ3HA...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=ZrhlXJ9Fqtvb0RMfRvp-&refUrl=&type=zem&vid=09077723592939093661455357000V10&vsid=2939093661455357000V10
45 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=ZrhlXJ9Fqtvb0RMfRvp-&refUrl=&type=zem&vid=09077723592939093661455357000V10&vsid=2939093661455357000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=ZrhlXJ9Fqtvb0RMfRvp-&refUrl=&type=zem&vid=09077723592939093661455357000V10&vsid=2939093661455357000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
buyers
dmx.districtm.io/s/v1/ Frame FBCB 		497 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95c624b0613b1545dd2f6d7abd2667f19056f04704514a5a1b154a911894191a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7018cd299f9af03d-EWR
access-control-allow-headers
Origin, Content-Type
buyers
dmx.districtm.io/s/v1/ Frame 07A0 		490 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01faf25a7b6e4d0124bd386dc3a1965022d146d408f270d891551391541e7b93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7018cd29afb6f03d-EWR
access-control-allow-headers
Origin, Content-Type
crum
dsum-sec.casalemedia.com/ Frame 4488
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6802119093282668307
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6802119093282668307
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ad05d3e0-3f5c-44e5-9506-a457d336a197
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6802119093282668307
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4488
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7e9b6266-da75-4600-97fa-93bd39c882d1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7e9b6266-da75-4600-97fa-93bd39c882d1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x48 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7e9b6266-da75-4600-97fa-93bd39c882d1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 25 Apr 2022 17:29:31 GMT
crum
dsum-sec.casalemedia.com/ Frame 4488
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADyjE7EzbUAADr2VhfLPg&expiration=1652117372
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADyjE7EzbUAADr2VhfLPg&expiration=1652117372
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADyjE7EzbUAADr2VhfLPg&expiration=1652117372
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 4488
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YmbafAAEpQ-GsAAZ
85 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YmbafAAEpQ-GsAAZ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
1758
x-served-by
cache-yul12824-YUL
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1650907773.609906,VS0,VE0
content-length
85
x-cache-hits
19735

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1650907772.497545,VS0,VE14
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YmbafAAEpQ-GsAAZ
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 4488
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0WJAwHhz1NJ2wI5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0WJAwHhz1NJ2wI5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:31 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0e05fc7b42a6d9b47@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0WJAwHhz1NJ2wI5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 4488 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YmbacxfUheiJLy59JDCIJwAA%26153&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.240.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-240-143.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.35.118
content-type
image/gif
content-length
49
expires
0
rum
dsum-sec.casalemedia.com/ Frame 4488
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Date
Mon, 25 Apr 2022 17:29:32 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
CookieIndex
rtb.adentifi.com/ Frame 4488 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.49.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-49-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
content-length
0
content-type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4488 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YmbacxfUheiJLy59JDCIJwAA%26153
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:32 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3595
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 18:29:27 GMT
crum
dsum-sec.casalemedia.com/ Frame 3F47
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6802119093282668307
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6802119093282668307
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
699cf4e0-2798-4764-bf4a-504bbcc11b96
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6802119093282668307
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3F47
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7e9b6266-da75-4600-97fa-93bd39c882d1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7e9b6266-da75-4600-97fa-93bd39c882d1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x56 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7e9b6266-da75-4600-97fa-93bd39c882d1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 25 Apr 2022 17:29:31 GMT
rum
dsum-sec.casalemedia.com/ Frame 3F47
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4146191290397438279
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4146191290397438279
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4146191290397438279
pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 3F47
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADyjE7EzbUAADr2VhfLPg&expiration=1652117372
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADyjE7EzbUAADr2VhfLPg&expiration=1652117372
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADyjE7EzbUAADr2VhfLPg&expiration=1652117372
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum.casalemedia.com/ Frame 3F47
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=c0a2a580-f9bc-4598-8cfa-f0f45211b393&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f367a548-43b2-4ca6-9e67-1de5d4a782b6
Date
Mon, 25 Apr 2022 17:29:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 3F47
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d6e8f84f-7192-4d58-479d3afa
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d6e8f84f-7192-4d58-479d3afa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:32 GMT

Redirect headers

date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d6e8f84f-7192-4d58-479d3afa
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
dcm
s.amazon-adsystem.com/ Frame 3F47 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GNPMX73QMNSPNNEA3DND
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3F47 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YmbacxfUheiJLy59JDCIJwAA%26153
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:32 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3595
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 18:29:27 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 1168 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 25 Apr 2022 17:29:32 GMT
expires
Mon, 25 Apr 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
543180
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
141
match.deepintent.com/usersync/ Frame 64ED 		0
116 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame D1F5
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=44e1885e-c4bd-11ec-bdca-6837431987b3
42 B
224 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=44e1885e-c4bd-11ec-bdca-6837431987b3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug003:0:614

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 25 Apr 2022 17:29:32 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=44e1885e-c4bd-11ec-bdca-6837431987b3
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-5
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame D023
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug020:0:463

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Apr 2022 17:29:32 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=mEhCcE8lTy5wzHIRmcMv1ZU4mbk
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 112D
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d0d69b25-b299-4c6c-9dae-79cee72642b7&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
42 B
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.215.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-215-67.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
42
content-type
image/gif
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 25 Apr 2022 10:54:59 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug022:0:431
i.match
s.tribalfusion.com/z/ Frame D383
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7018cd2aecad7144-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7018cd2a2b857144-YUL
content-type
text/html
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
46958
Pug
simage2.pubmatic.com/AdServer/ Frame EA17
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=665481160117
42 B
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=665481160117
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug002:0:534

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=665481160117
Pug
simage2.pubmatic.com/AdServer/ Frame C49C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0WJAwHhz1NJ2wI5&gdpr=0&gdpr_consent=
42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0WJAwHhz1NJ2wI5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug019:0:2926

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 25 Apr 2022 17:29:32 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:0WJAwHhz1NJ2wI5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-014ae05c8c7741a1e@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 01B4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1650907772455
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 25 Apr 2022 09:29:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug021:0:507

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Date
Mon, 25 Apr 2022 17:29:32 GMT
ETag
OPTOUT
Expires
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Pragma
no-cache
Server
Tengine
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 7A7C
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7041941671499242023
42 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7041941671499242023
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 25 Apr 2022 09:26:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug027:0:364

Redirect headers

Cache-Control
max-age=72649
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Mon, 25 Apr 2022 17:29:32 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7041941671499242023
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 65C8
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a9527fb6-47e9-4397-be30-49f30e5bdb8b-tuct9605ffc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a9527fb6-47e9-4397-be30-49f30e5bdb8b-tuct9605ffc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Mon, 25 Apr 2022 17:29:32 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12834-YUL
x-timer
S1650907773.617534,VS0,VE195

Redirect headers

accept-ranges
bytes
content-length
0
date
Mon, 25 Apr 2022 17:29:32 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a9527fb6-47e9-4397-be30-49f30e5bdb8b-tuct9605ffc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12831-YUL
x-timer
S1650907773.519656,VS0,VE15
x-vcl-time-ms
15
Pug
simage2.pubmatic.com/AdServer/ Frame BD9A
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=3F695155CBEA40AA8059773D874F9164
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=D990985F6F06492F8EC771FBEE66DEDA
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a7f15ab5-7d7b-40ef-b515-ad45de9ccc06
42 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a7f15ab5-7d7b-40ef-b515-ad45de9ccc06
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug004:0:582

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 25 Apr 2022 17:29:32 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a7f15ab5-7d7b-40ef-b515-ad45de9ccc06
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 0E81
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=p9ElZ9tzCbSsD3XbfNpmYg
42 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=p9ElZ9tzCbSsD3XbfNpmYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 25 Apr 2022 17:29:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug002:0:513

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=p9ElZ9tzCbSsD3XbfNpmYg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pub
matching.truffle.bid/sync/ Frame E852 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.212.181 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.181.212.90.157.clients.your-server.de
Software
nginx/1.19.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
nginx/1.19.10
Strict-Transport-Security
max-age=15768000
Pug
image2.pubmatic.com/AdServer/ Frame 8951
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6cb153d2-e004-48c6-b146-cf2b023e215c
1 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6cb153d2-e004-48c6-b146-cf2b023e215c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 25 Apr 2022 10:34:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug030:0:300

Redirect headers

content-length
0
date
Mon, 25 Apr 2022 17:29:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6cb153d2-e004-48c6-b146-cf2b023e215c
strict-transport-security
max-age=15724800; includeSubDomains
cookiesync
core.iprom.net/ Frame 8D5D 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 25 Apr 2022 17:29:32 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-8a593b50bf27@version_1.419
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame F36B
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug019:2:319

Redirect headers

content-length
0
date
Mon, 25 Apr 2022 17:29:32 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 5930
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3F695155CBEA40AA8059773D874F9164
1 B
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3F695155CBEA40AA8059773D874F9164
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug017:0:483

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 25 Apr 2022 17:29:32 GMT
expires
Sun, 24 Apr 2022 17:29:32 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3F695155CBEA40AA8059773D874F9164
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
33141
tags.bluekai.com/site/ Frame BB65
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=7aabbd52-0742-4133-a07d-fda9f86dc1fd&icm
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=30d885adeb54e82e
62 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=30d885adeb54e82e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Server
104.77.220.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:32 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=30d885adeb54e82e
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame BB65
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&addseg=10,33,39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
204.237.133.247 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Redirect headers

date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame BB65
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Frontend-ID
13
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Frontend-ID
12
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame BB65 		43 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.213.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-213-20.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 94ac78512342d473815908b66b16cd7c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
ejZ_Jt0305Km3a97e4gD8i4ioqTT9u_vEozhnkqsoRzgMy1F5mNOwg==
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame BB65
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=40f8252e-c4bd-11ec-aad8-9f94043e2d80&gdpr=0&gdpr_consent=
1 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=40f8252e-c4bd-11ec-aad8-9f94043e2d80&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug018:0:735
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=40f8252e-c4bd-11ec-aad8-9f94043e2d80&gdpr=0&gdpr_consent=
Date
Mon, 25 Apr 2022 17:29:31 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
44dadda7-c4bd-11ec-a993-fd1079b66ac9
Pug
image2.pubmatic.com/AdServer/ Frame BB65
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6802119093282668307&gdpr=0&gdpr_consent=
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6802119093282668307&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug005:0:619
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
536f41d4-f6a4-4990-b3c4-ab257e579674
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6802119093282668307&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame BB65 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.49.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-49-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
content-length
0
content-type
text/plain
sync
x.bidswitch.net/ Frame BB65
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f367a548-43b2-4ca6-9e67-1de5d4a782b6&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10603021636766816456&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=62c5f73e-003c-4737-b163-4ba2cdd1040e&ssp=pubmatic&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10603021636766816456&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10603021636766816456&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10603021636766816456&ssp=<SSP_VALUE>&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
sn.ashx
pmp.mxptint.net/ Frame BB65
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_EEE4CE38_4BAE5C4D&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Server
204.2.255.233 Miami, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-333894572; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-333894572; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 25 Apr 2022 11:18:09 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug025:0:2359
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame BB65
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug010:0:575
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BB65
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4153669688251824763
42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4153669688251824763
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 14:36:02 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug029:0:406
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4153669688251824763
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame BB65
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000AA229FB4C1
42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000AA229FB4C1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug014:0:515
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 25 Apr 2022 17:29:42 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000AA229FB4C1
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame BB65
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6802119093282668307
42 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6802119093282668307
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug007:0:469
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 554.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3b80fd70-beaa-4d89-b71b-76d63093f6db
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6802119093282668307
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BB65
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:21a782a5-b5cc-43a9-a869-36c4546cfb9d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:21a782a5-b5cc-43a9-a869-36c4546cfb9d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:34 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug007:0:880
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:21a782a5-b5cc-43a9-a869-36c4546cfb9d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 25 Apr 2022 17:29:34 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
d1ba4609
rtb.gumgum.com/getuid/ Frame BB65 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.174.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-174-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
cs&eq_cc=1
um2.eqads.com/um/ Frame 722C
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.247.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-247-148.compute-1.amazonaws.com
Software
/
Resource Hash
9ca94a2afebb32a950e15588bdf2327884551736eaf2726499772190b08d4f5f

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 25 Apr 2022 17:29:32 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Mon, 25 Apr 2022 17:29:32 GMT
location
/um/cs&eq_cc=1
bsevent.gif
rtbc-nyc.doubleverify.com/ Frame EA41 		0
295 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-nyc.doubleverify.com/bsevent.gif?impid=d54abdfd20be4c96bc933fb6f2858afb&nav_pltfrm=Linux%20x86_64&cbust=1650907772492986
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal102.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.110.76 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-phlb106.doubleverify.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:16 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Vary
Origin
Expires
04/24/2022 17:29:32
YmbafAAEoYnHnAAZ&_test=YmbafAAEoYnHnAAZ
dmx.us-east-34.districtm.io/s/10016/ Frame 07A0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-34.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=YmbafAAEoYnHnAAZ
  • https://dmx.us-east-34.districtm.io/s/10016/YmbafAAEoYnHnAAZ&_test=YmbafAAEoYnHnAAZ
95 B
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-34.districtm.io/s/10016/YmbafAAEoYnHnAAZ&_test=YmbafAAEoYnHnAAZ
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.73.194.24 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
24.194.73.34.bc.googleusercontent.com
Software
/
Resource Hash
a4a0c6c4e8faa03659f0d9e387a6b4011dc669d85465a6080b045f2737e5340e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
content-length
95
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650907773.627131,VS0,VE0
x-served-by
cache-yul12824-YUL
x-cache
HIT
location
https://dmx.us-east-34.districtm.io/s/10016/YmbafAAEoYnHnAAZ&_test=YmbafAAEoYnHnAAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
AADyjE7EzbUAADr2VhfLPg
dmx.districtm.io/s/10025/ Frame 07A0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/districtm
  • https://dmx.districtm.io/s/10025/AADyjE7EzbUAADr2VhfLPg
78 B
142 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10025/AADyjE7EzbUAADr2VhfLPg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac2022372ed240d0dcb5f744e3bc8b714ac3855e9e994ccf3ba46c364385452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
7018cd2b2998f03d-EWR

Redirect headers

location
https://dmx.districtm.io/s/10025/AADyjE7EzbUAADr2VhfLPg
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
mEhCcE8lTy5wzHIRmcMv1ZU4mbk
dmx.districtm.io/s/10026/ Frame 07A0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=132
  • https://dmx.districtm.io/s/10026/mEhCcE8lTy5wzHIRmcMv1ZU4mbk
83 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10026/mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1974449cdd2dc562e0de1a418ad8244ae2b31ecbbf2f785f295c0050d4570b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
7018cd2b59dcf03d-EWR

Redirect headers

Location
https://dmx.districtm.io/s/10026/mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Date
Mon, 25 Apr 2022 17:29:32 GMT
Connection
keep-alive
Content-Length
83
Content-Type
text/html; charset=utf-8
4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341
dmx.districtm.io/s/10001/ Frame 07A0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
  • https://dmx.districtm.io/s/10001/4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341
106 B
151 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10001/4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
793234918b850e0a8af09eee29efebe88123a08fd1567d47a764efdc4f4a6ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
7018cd2b59dff03d-EWR

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dmx.districtm.io/s/10001/4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
y-8KJ6zx1E2uH06dKJ2w49xGBPiI1X.Vkh~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
dmx.districtm.io/s/10051/ Frame 07A0
Redirect Chain
  • https://pixel.advertising.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58270/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
  • https://dmx.districtm.io/s/10051/y-8KJ6zx1E2uH06dKJ2w49xGBPiI1X.Vkh~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
131 B
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10051/y-8KJ6zx1E2uH06dKJ2w49xGBPiI1X.Vkh~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b13234e276424e9d0b065be3f62cb1c263f6c8c2be043ca2e05f06fcea5f98f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
7018cd2bba8cf03d-EWR

Redirect headers

location
https://dmx.districtm.io/s/10051/y-8KJ6zx1E2uH06dKJ2w49xGBPiI1X.Vkh~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
date
Mon, 25 Apr 2022 17:29:32 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
59e32e91-d4fa-43e2-b46f-81986f95b9e8
dmx.districtm.io/s/10059/ Frame FBCB
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/59e32e91-d4fa-43e2-b46f-81986f95b9e8
92 B
141 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10059/59e32e91-d4fa-43e2-b46f-81986f95b9e8
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2510638320e6c3c719e54940946878fa379c78ebbc2fc81c1d291ecb8d3db280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
7018cd2b299af03d-EWR

Redirect headers

location
https://dmx.districtm.io/s/10059/59e32e91-d4fa-43e2-b46f-81986f95b9e8
date
Mon, 25 Apr 2022 17:29:32 GMT
content-length
0
978477405519839003
dmx.districtm.io/s/10056/ Frame FBCB
Redirect Chain
  • https://p.rfihub.com/cm?pub=36496&in=1
  • https://dmx.districtm.io/s/10056/978477405519839003
74 B
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10056/978477405519839003
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49802c3b156f9325fe8818a411d26d8c65af00f52b8070c34bdf7db4c670181d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
7018cd2b59e1f03d-EWR

Redirect headers

Location
https://dmx.districtm.io/s/10056/978477405519839003
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
AADyjE7EzbUAADr2VhfLPg
dmx.districtm.io/s/10025/ Frame FBCB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/districtm
  • https://dmx.districtm.io/s/10025/AADyjE7EzbUAADr2VhfLPg
78 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10025/AADyjE7EzbUAADr2VhfLPg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac2022372ed240d0dcb5f744e3bc8b714ac3855e9e994ccf3ba46c364385452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
7018cd2b299cf03d-EWR

Redirect headers

location
https://dmx.districtm.io/s/10025/AADyjE7EzbUAADr2VhfLPg
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
AAADKPnY1mvHTQMP2AiiAAAAAAA&expiration=1650994172&nuid=28IcvfNx5j4H0U53dUwWQDKOFmi&is_secure=true
dmx.us-east-31.districtm.io/s/10007/ Frame FBCB
Redirect Chain
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=28IcvfNx5j4H0U53dUwWQDKOFmi&rurl=//dmx.us-east-31.districtm.io/s/10007/
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=39da34f7ca2508e3&is_secure=true&version=1&networkId=33921&nuid=28IcvfNx5j4H0U53dUwWQDKOFmi&rurl=%2F%2Fdmx.us-east-31.districtm.io%...
  • https://dmx.us-east-31.districtm.io/s/10007/AAADKPnY1mvHTQMP2AiiAAAAAAA&expiration=1650994172&nuid=28IcvfNx5j4H0U53dUwWQDKOFmi&is_secure=true
153 B
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-31.districtm.io/s/10007/AAADKPnY1mvHTQMP2AiiAAAAAAA&expiration=1650994172&nuid=28IcvfNx5j4H0U53dUwWQDKOFmi&is_secure=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
34.75.117.5 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.117.75.34.bc.googleusercontent.com
Software
/
Resource Hash
abfdf674cad577fe4c87603fbe44a1733baae94c6ad86e57f564f7e61b737522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
content-length
153
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
//dmx.us-east-31.districtm.io/s/10007/AAADKPnY1mvHTQMP2AiiAAAAAAA&expiration=1650994172&nuid=28IcvfNx5j4H0U53dUwWQDKOFmi&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
mEhCcE8lTy5wzHIRmcMv1ZU4mbk
dmx.districtm.io/s/10026/ Frame FBCB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=132
  • https://dmx.districtm.io/s/10026/mEhCcE8lTy5wzHIRmcMv1ZU4mbk
83 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10026/mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1974449cdd2dc562e0de1a418ad8244ae2b31ecbbf2f785f295c0050d4570b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
7018cd2b299df03d-EWR

Redirect headers

Location
https://dmx.districtm.io/s/10026/mEhCcE8lTy5wzHIRmcMv1ZU4mbk
Date
Mon, 25 Apr 2022 17:29:32 GMT
Connection
keep-alive
Content-Length
83
Content-Type
text/html; charset=utf-8
log
c21lg-d.media.net/ Frame 509D 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=04255f66-1c44-4c36-811c-8895ecef875c&cs=15&vsid=2939093661455357000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 25 Apr 2022 17:29:32 GMT
match
cms-xch-chicago.33across.com/ Frame 9D16 		68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=8bb3e5de-6cd1-440d-947b-41acecb036ea
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
709996.gif
id.rlcdn.com/ Frame 9D16 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
dds
rtb.openx.net/sync/ Frame 9D16
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=Io5jjBvczcweOALLNf2eDw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
rdrtk8hq31ugt2k91erg4pnmhjivhjc2

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9D16
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=7e9b6266-da75-4600-97fa-93bd39c882d1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=7e9b6266-da75-4600-97fa-93bd39c882d1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x53 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=7e9b6266-da75-4600-97fa-93bd39c882d1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 25 Apr 2022 17:29:31 GMT
sd
us-u.openx.net/w/1.0/ Frame 9D16
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=40f8252e-c4bd-11ec-aad8-9f94043e2d80
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=40f8252e-c4bd-11ec-aad8-9f94043e2d80
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=40f8252e-c4bd-11ec-aad8-9f94043e2d80
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
44f7b514-c4bd-11ec-a993-fd1079b66ac9
sd
us-u.openx.net/w/1.0/ Frame 9D16
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:31 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341&gdpr=&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 9D16 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=fba69a4c-e95d-4965-b2ad-d6aad56865b9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 9D16
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=d31c6a39-6a30-4eab-ab6b-8f76714750dc
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d31c6a39-6a30-4eab-ab6b-8f76714750dc&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d31c6a39-6a30-4eab-ab6b-8f76714750dc&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:32 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d31c6a39-6a30-4eab-ab6b-8f76714750dc&apid=UP4081e39b-c4bd-11ec-af7e-0ab22995595b
date
Mon, 25 Apr 2022 17:29:32 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362358.gif
idsync.rlcdn.com/ Frame 9D16
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=a81e96d6-7f1d-4282-a735-ce8fdf7fc56d
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFGhn27Xw8wiqWV92VMTrEs&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFGhn27Xw8wiqWV92VMTrEs&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFGhn27Xw8wiqWV92VMTrEs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9D16
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6802119093282668307
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6802119093282668307
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
91b9e1f4-f490-489e-b393-b671521f43bb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6802119093282668307
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9D16 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=a50e95cd-aef0-cf18-3842-cceb8ed76f55
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NS7S1XA88CK0AJPM3AYA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
csi
csi.gstatic.com/ Frame 68AC 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~l2ezv19l&chm=1&c=2130312850070464&ctx=2&qqid=COfC8dfer_cCFZaIhgod_M0IMw&met.6=6.1_CgsYmSQgNioECAcSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4004:811::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
c21lg-d.media.net/ Frame 42B6 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=04255f66-1c44-4c36-811c-8895ecef875c&cs=15&vsid=2939093661455357000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-252-25.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:32 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 25 Apr 2022 17:29:32 GMT
crum
dsum-sec.casalemedia.com/ Frame 722C 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=8b8fdaca-6e39-4d51-b2bf-3046f21eace9&expiration=1658770172
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 25 Apr 2022 17:29:32 GMT
users
dmx.districtm.io/s/v1/ Frame 07A0 		0
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Apr 2022 17:29:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7018cd2d2c74f03d-EWR
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cdn.districtm.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-max-age
14400
cf-cache-status
DYNAMIC
cf-ray
7018cd2cac0f32ee-EWR
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
users
dmx.districtm.io/s/v1/ Frame FBCB 		0
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Apr 2022 17:29:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7018cd2d2c77f03d-EWR
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cdn.districtm.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-max-age
14400
cf-cache-status
DYNAMIC
cf-ray
7018cd2cac1032ee-EWR
date
Mon, 25 Apr 2022 17:29:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame B53D 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:33 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
565ee32d-c28b-4d74-870d-63f6139c16c3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9F2D 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:33 GMT
X-Proxy-Origin
149.56.153.185; 149.56.153.185; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
685ef1f6-e43c-4c3b-b3eb-4671d3383ca7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
event.png
tpsc-ue1.doubleverify.com/ Frame 2B67 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=831fa8aa2293495a9af293490bfe0000&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&vdur=175&eoid=9&msrjs=2647&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&rmi=16&tltms=21&tetms=11&msltms=62&vltms=175&sei=290&vetms=264&engms=1&engisel=1&ttfurm=2479&cbust=1650907773294860
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2647.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:33 GMT
Vary
Origin
Access-Control-Allow-Origin
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
04/24/2022 17:29:33
event.png
tpsc-ue1.doubleverify.com/ Frame 85F2 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=17bd2216c2ee43b08bc0fce735dbbbe1&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&vdur=44&eoid=9&msrjs=2650&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&rmi=16&tltms=0&tetms=12&msltms=33&vltms=44&sei=289&vetms=167&engms=1&engisel=1&ttfurm=2243&cbust=1650907773618352
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2650.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:33 GMT
Vary
Origin
Access-Control-Allow-Origin
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
04/24/2022 17:29:33
event.png
tpsc-ue1.doubleverify.com/ Frame 2B67 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=831fa8aa2293495a9af293490bfe0000&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=11&ismms=64&isumms=64&isvelg=1&nvr=2&isgmmims=64&isgmv4mims=64&elmtp=1&isbxdms=2566&b0=2791&adhgt=600&adwdth=300&norwdth=300&norhgt=600&engisel=1&dvp_vsosnmr=1&lftb=2791&sftb=2791&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=62&dvp_dpr=1&cbust=1650907774293831
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2647.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:34 GMT
Vary
Origin
Access-Control-Allow-Origin
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
04/24/2022 17:29:34
SPug
simage4.pubmatic.com/AdServer/ Frame BB65 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 2AFD 		265 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
fcb6262944c0f1cec2f10682ab5dd66c1f87bae9aa4222f057043505c3a7c769

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:33 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
188
event.png
tpsc-ue1.doubleverify.com/ Frame 85F2 		0
319 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=17bd2216c2ee43b08bc0fce735dbbbe1&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=11&ismms=52&isumms=52&isvelg=1&nvr=2&isgmmims=52&isgmv4mims=52&elmtp=1&isbxdms=2253&b0=2516&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&lftb=2516&sftb=2516&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=50&dvp_dpr=1&cbust=1650907774617561
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2650.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:34 GMT
Vary
Origin
Access-Control-Allow-Origin
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
04/24/2022 17:29:34
PugMaster
image6.pubmatic.com/AdServer/ Frame 5725 		428 B
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49303527&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ae19ad49c4dab8d4123d277fe0393de6cb8cd4cf525f89225d3df750cb352622

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 17:29:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
428
content-type
text/html; charset=UTF-8
/
io.narrative.io/ Frame 5725
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
  • https://io.narrative.io/?io.narrative.guid.v2=469314b0-c4bd-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=469314b0-c4bd-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
HTTP/1.1
Server
54.173.102.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-102-163.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:35 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=469314b0-c4bd-11ec-9141-120bff9cc4e7&companyId=673&id=pubmatic_id:2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
Date
Mon, 25 Apr 2022 17:29:35 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame 5725 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C&gdpr=0&gdpr_consent=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.240.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-240-143.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:35 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.6.104
content-type
image/gif
content-length
49
expires
0
3096
stags.bluekai.com/site/ Frame 5725 		62 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/3096?id=REPLACE_WITH_PUBMATIC_UNIQUE_USER_ID&limit=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.77.220.229 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 17:29:35 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
dt
dt.adsafeprotected.com/ Frame 4078 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=691104&asId=494e4c86-a31e-0844-2f58-ac8672b396bc&tv=%7Bc:aOQ9Hr,pingTime:5,time:5664,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:27%7D,%7Bpiv:100,vs:i,r:,t:625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5039,o:625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B618~0%5D,as:%5B618~728.90%5D%7D%7D,%7Bsl:i,t:625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5040~100%5D,as:%5B5040~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:99,fm:t42sL0d+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b1%7C1c%7C1d1%7C1e11%7C1e12%7C1f11%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j1*.691104-54013511%7C1j11%7C1k1%7C1l1%7C1m1%7C1n1,idMap:1j1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:35 GMT
X-Server-Name
dt45.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 4078 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=691104&asId=494e4c86-a31e-0844-2f58-ac8672b396bc&tv=%7Bc:aOQ9Hs,pingTime:5,time:5665,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:27%7D,%7Bpiv:100,vs:i,r:,t:625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5040,o:625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B618~0%5D,as:%5B618~728.90%5D%7D%7D,%7Bsl:i,t:625,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5040~100%5D,as:%5B5040~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:99,fm:t42sL0d+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b1%7C1c%7C1d1%7C1e11%7C1e12%7C1f11%7C1f12%7C1f13%7C1f14%7C1f15%7C1f16%7C1f17%7C1f18%7C1f19%7C1f1a%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j1*.691104-54013511%7C1j11%7C1k1%7C1l1%7C1m1%7C1n1,idMap:1j1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Apr 2022 17:29:35 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
SPug
simage4.pubmatic.com/AdServer/ Frame 5725 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 13:14:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
st
capi-tier-1-us-east-2.connatix.com/tr/ Frame 2AFD 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/st?v=159756
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.186.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-186-98.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 25 Apr 2022 17:29:38 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
dc_oe=ChMIs9Cc2d6v9wIVBL-zCh0tBg12EAAYACDF3-ZQQhMI58Lx196v9wIVloiGCh38zQgz;met=1;&timestamp=1650907781365;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 68AC 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIs9Cc2d6v9wIVBL-zCh0tBg12EAAYACDF3-ZQQhMI58Lx196v9wIVloiGCh38zQgz;met=1;&timestamp=1650907781365;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIm-3w2d6v9wIV0VcNCh3UrwSqEAAYACCP0LRF;met=1;&timestamp=1650907781693;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame EA41 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIm-3w2d6v9wIV0VcNCh3UrwSqEAAYACCP0LRF;met=1;&timestamp=1650907781693;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Apr 2022 17:29:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
Domain
freestar-d.openx.net
URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famazon-web-services-fixes-container-escape-in-log4shell-hotfix%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f0869d7d-5277-4ae2-b509-b4f37d1b61ef%2C709fb5de-14d3-40b9-920a-fed8b6db4f1d%2Caaefb960-f688-413e-955a-232a2478282c%2C2f2cd1ff-28e4-4456-a931-520376a840ad%2C678df99e-9b76-40a0-8fcd-c01234d84448&nocache=1650907765284&scsm=www.freestar.com%3A601&pubcid=2e74d6e9-1bdd-4b15-a29a-869482c39748&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%7C728x90%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%2C970x90%2C970x250&divids=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_300x250_300x600_160x600_Right_3%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF&aucs=%252F15184186%252C1006593%252Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%252Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2C%252F15184186%252C1006593%252Fbleepingcomputer_728x90_320x50_InContent_1%252Fbleepingcomputer_728x90_320x50_InContent_1%2C%252F15184186%252C1006593%252Fbleepingcomputer_300x250_300x600_160x600_Right_2%252Fbleepingcomputer_300x250_300x600_160x600_Right_2%2C%252F15184186%252C1006593%252Fbleepingcomputer_300x250_300x600_160x600_Right_3%252Fbleepingcomputer_300x250_300x600_160x600_Right_3%2C%252F15184186%252C1006593%252Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%252Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF&auid=540959250%2C540959250%2C540959250%2C540959250%2C540959250
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=6802119093282668307
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=vnt&i=40f8252e-c4bd-11ec-aad8-9f94043e2d80
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mmh&i=7e9b6266-da75-4600-97fa-93bd39c882d1&gdpr=&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
b1sync.z
URL
https://b1sync.z%20%20%20%20emanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAog_TKLxOiWN0RxF7P7HZc&google_cver=1&google_push=AYg5qPKDcPvhYGT34hmVGrflCp7kZ5F_U2gJjH_S4mdYcqI1EYTxdLfWTk6YZYVUsRVg0oqeu4XNAsl0JvJmLQ1tehitPuYKXnTuXQ
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2

Verdicts & Comments Add Verdict or Comment

262 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery function| cnxps object| freestar object| apd_options function| gtag object| dataLayer object| adsbygoogle function| Blazy object| fixto function| validate_comment_box_not_empty function| cz_strip_tags function| cz_br2nl function| editForm string| loginhash boolean| main_nav_hide_flag number| scrollTop string| main_nav_hide_timer function| call_main_nav_hide number| cz_header_pos number| prevScrollTop function| loadDeferredStyles function| raf boolean| fifabAlready function| fi_fab object| __cfBeacon object| google_tag_manager undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint object| fsdata object| _comscore object| fsprebid object| cnx_usr_storage function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config object| fiUtils object| $customVisiblity object| $waitOn function| load_script object| googletag function| udm_ object| ns_p object| COMSCORE function| google_sa_impl object| google_rum_config object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| google_image_requests object| oattr boolean| __@@##MUH function| Tapad object| ats object| _google_rum_ns_ function| fsprebidChunk object| _pbjsGlobals object| mnet object| player_instance_630b0db25fdf4692a086c61154e249ac object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins object| esc_cfg object| _atw object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks function| cnxProxyTask object| google_llp object| regeneratorRuntime object| apstag object| closure_lm_374403 object| _qevents boolean| apstagLOADED object| dg9kdH2 function| dg9kdH3 object| xop boolean| creativeVendorLibraryLoaded function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| EE70hY2 function| EE70hY3 function| xblocker object| Tdzfqu function| TdzfqS function| xblacklist object| ID5 object| PublisherCommonId undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent undefined| google_timing_params number| infolinks_pid boolean| IL_INIT object| $iceboot object| INFOLINKS function| _typeof object| $ice object| $infolinks number| $iceId object| iqscript object| $jscomp function| getIfbip function| owpbjsChunk object| owpbjs object| PWT string| partnerName string| key function| hb_iceChunk object| hb_ice object| $ICE_HB function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| ILVideo boolean| DFPSFMessageEnabled boolean| msgData function| cnxAddEventListener

299 Cookies

Domain/Path Name / Value
www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix Name: ntvSession
Value: {}
www.bleepingcomputer.com/news/security/amazon-web-services-fixes-container-escape-in-log4shell-hotfix Name: logglytrackingsession
Value: 742e5e9f-bd11-4e9f-b1d9-902b026e6fbf
.3lift.com/sync Name: sync
Value: CgoIoQEQhemVjoYwCgoIgQIQhemVjoYwCgoI4gEQhemVjoYwCgoI5gEQhemVjoYwCgoIhwIQhemVjoYwCgkICRCF6ZWOhjAKCQg6EIXplY6GMAoJCAsQhemVjoYwCgoIjAIQhemVjoYwCgkIXxCF6ZWOhjA=
.bleepingcomputer.com/ Name: session_id
Value: d8419cb79439cdd2e39a9780c337da04
www.bleepingcomputer.com/ Name: lav
Value: 13638
www.bleepingcomputer.com/ Name: fsbotchecked
Value: true
.youtube.com/ Name: YSC
Value: k_Vfiw-aBN8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: QcmdyKii8Q8
cdn.firstimpression.io/ Name: OAID
Value: c07dec21375ac25c7b625df08bb53fa4
www.bleepingcomputer.com/ Name: __atuvc
Value: 1%7C17
www.bleepingcomputer.com/ Name: __atuvs
Value: 6266da736ccc7266000
www.bleepingcomputer.com/ Name: _fssid
Value: 50a67962-ae23-41ce-8209-6dfd6c3af8e2
.addthis.com/ Name: ouid
Value: 6266da7300011f529b7afde5a2422101348fa773660f1ef9b8e5
.addthis.com/ Name: di2
Value: aVRfv#%!k#$M`#!AgP2TIPv7LW6Lj6Hq#34Q#1:R#19w
.addthis.com/ Name: um
Value: j.'2022042517292327600293038986'
.addthis.com/ Name: uid
Value: 6266da731b0364a3
.addthis.com/ Name: na_id
Value: 2022042517292327600293038986
.addthis.com/ Name: vc
Value: 2
.scorecardresearch.com/ Name: UID
Value: 1FEe04b3942b5ed8c7e30d31650907763
.bleepingcomputer.com/ Name: _ga
Value: GA1.2.3926409.1650907763
.bleepingcomputer.com/ Name: _gid
Value: GA1.2.2067551352.1650907763
.bleepingcomputer.com/ Name: _gat_gtag_UA_91740_1
Value: 1
capi.connatix.com/ Name: cnx_userId
Value: ee458dd6e82741618dfe564baf3b9b43
www.bleepingcomputer.com/ Name: cnx_userId
Value: ee458dd6e82741618dfe564baf3b9b43
.addthis.com/ Name: uvc
Value: 1%7C17
.adnxs.com/ Name: uuid2
Value: 6802119093282668307
.adsrvr.org/ Name: TDID
Value: 7aabbd52-0742-4133-a07d-fda9f86dc1fd
.casalemedia.com/ Name: CMID
Value: YmbacxfUheiJLy59JDCIJwAA
.casalemedia.com/ Name: CMPS
Value: 467
.bidr.io/ Name: bito
Value: AADyjE7EzbUAADr2VhfLPg
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMPRO
Value: 153
www.bleepingcomputer.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.bleepingcomputer.com/ Name: _lr_geo_location
Value: CA
.springserve.com/ Name: ssid
Value: b2ff45cd-5463-4da8-9938-ad150d5f8b31
.springserve.com/ Name: sst
Value: 1650907764042
.addthis.com/ Name: loc
Value: MDAwMDBOQUNBUUMyMjU1MTA2NDQ2MjAwMDBDSA==
.reddit.com/ Name: csv
Value: 2
.rubiconproject.com/ Name: khaos
Value: L2EZUVRD-W-HD2J
.doubleclick.net/ Name: IDE
Value: AHWqTUlP3ZXFwz4rle6IdvfcwJ1rZkX19Wl8-71JvaTNGp0CjhgxLRg_wCxJEgVP6vc
.yahoo.com/ Name: A3
Value: d=AQABBHTaZmICEM-3bpCGKwAwjfv30FuIjewFEgEBAQEraGJwYgAAAAAA_eMAAA&S=AQAAAnc5eWDepdirwKdqGLJefE4
.openx.net/ Name: i
Value: 2e74d6e9-1bdd-4b15-a29a-869482c39748|1650907764
.deployads.com/ Name: d7s_uid
Value: rawol02y4wen
.pub.network/ Name: _fsuid
Value: 18bdb42a-74ea-488b-9ef9-da6dbca95c12
.advertising.com/ Name: APID
Value: UP4081e39b-c4bd-11ec-af7e-0ab22995595b
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.yieldmo.com/ Name: yieldmo_id
Value: g1d07c92a55447ed0d01%7C1650907765388%7C0%7C
.postrelease.com/ Name: visitor
Value: 963c0c22-7b53-4373-9413-850918f1db83
.postrelease.com/ Name: status
Value: 0
.contextweb.com/ Name: V
Value: gbIPVn2xryOu
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 51a1ef51e580da66
.gumgum.com/ Name: vst
Value: u_d527e861-4ea4-4111-8507-9173986c5357
.go.sonobi.com/ Name: __uis
Value: 5380bcf5-d295-414f-a01f-ce0e8429ee0f
.emxdgt.com/ Name: uid
Value: 57371650907765473749b6
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&ee9a973d-2939-48e4-8e67-bd3823c1dcb2"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2653:u=1:x=1:i=1650907765:t=1650994165:v=2:sig=AQERV-WoBe42hV32QA0efIH6Lo8m9fvI"
.adnxs.com/ Name: icu
Value: ChgIodc0EAoYASABKAEw9bSbkwY4AUABSAEQ9bSbkwYYAA..
.amazon-adsystem.com/ Name: ad-id
Value: A6R6JLFMH0e3qd3Vm9t-HEo
.quantserve.com/ Name: mc
Value: 6266da75-a0000-1da76-20220
www.bleepingcomputer.com/ Name: _ntv_uid
Value: 963c0c22-7b53-4373-9413-850918f1db83
.bfmio.com/ Name: __106_cid
Value: 7aabbd52-0742-4133-a07d-fda9f86dc1fd
.bfmio.com/ Name: __io_cid
Value: 7aabbd52-0742-4133-a07d-fda9f86dc1fd
.emxdgt.com/ Name: apn_id
Value: 6802119093282668307
.bleepingcomputer.com/ Name: __qca
Value: P0-658317419-1650907765636
.bidswitch.net/ Name: tuuid
Value: f367a548-43b2-4ca6-9e67-1de5d4a782b6
.bidswitch.net/ Name: c
Value: 1650907765
.bidswitch.net/ Name: tuuid_lu
Value: 1650907765
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C
.tremorhub.com/ Name: tvid
Value: a29f4abea21b4738af63eedb066d756e
.technoratimedia.com/ Name: tads_uid
Value: D990985F6F06492F8EC771FBEE66DEDA
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220425132925-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.3lift.com/ Name: tluid
Value: 2632727191946335783295
.360yield.com/ Name: tuuid
Value: d51a365d-3699-41f1-b44c-b622530268ee
.360yield.com/ Name: tuuid_lu
Value: 1650907765
.zemanta.com/ Name: zuid
Value: ZrhlXJ9Fqtvb0RMfRvp-
.outbrain.com/ Name: obuid
Value: d56f5059-1bc5-42f7-b56b-749ef8dacd92
.spotxchange.com/ Name: audience
Value: 40f827af-c4bd-11ec-80c1-143e1ea80203
.ipredictive.com/ Name: cu
Value: 40f8252e-c4bd-11ec-aad8-9f94043e2d80|1650907765951
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-98484270-4f25-4f2e-70cc-721199c32fd5.5YlW90LY2nJ1o87xs27FGHsMBocBuadP%2Bw9xSq62f3Q
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AmEhCcE8lTy5wzHIRmcMv1ZU4mbk.QoiizVr3qwQfxBY8hSop0IE6dqkQGisGmKPnL0sikj8
.mathtag.com/ Name: uuid
Value: 7e9b6266-da75-4600-97fa-93bd39c882d1
.tremorhub.com/ Name: tvssa
Value: 1650907765988
.sxp.smartclip.net/ Name: uuid
Value: c1cebdad-75da-6662-3a86-21266666d127
.simpli.fi/ Name: suid
Value: 3F695155CBEA40AA8059773D874F9164
.id5-sync.com/ Name: id5
Value: 760a155d-130a-370b-a626-f06cdca29913#1650907766041#1
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4153669688251824763
.lijit.com/ Name: ljt_reader
Value: 9622508e9f7a7f72bfce4ab6
.smartadserver.com/ Name: pid
Value: 306996922530740619
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNDM1MjQ0NzYz01EyRuWaoPENjdD4BkYoKmoBpTMQaA%3D%3D
.sharethrough.com/ Name: stx_user_id
Value: 59e32e91-d4fa-43e2-b46f-81986f95b9e8
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:7e9b6266-da75-4600-97fa-93bd39c882d1&KRTB&16736-uid:7e9b6266-da75-4600-97fa-93bd39c882d1&KRTB&23019-uid:7e9b6266-da75-4600-97fa-93bd39c882d1&KRTB&23208-uid:7e9b6266-da75-4600-97fa-93bd39c882d1
.pubmatic.com/ Name: PUBMDCID
Value: 2
.creativecdn.com/ Name: u
Value: j5RTQx45mQtw6eZgZkFZ
.creativecdn.com/ Name: ts
Value: 1650907766
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-7aabbd52-0742-4133-a07d-fda9f86dc1fd&KRTB&22918-7aabbd52-0742-4133-a07d-fda9f86dc1fd&KRTB&23031-7aabbd52-0742-4133-a07d-fda9f86dc1fd
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:3F695155CBEA40AA8059773D874F9164
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKMoe_6mPqCSNtjGbThZYC4&KRTB&16514-CAESEKMoe_6mPqCSNtjGbThZYC4&KRTB&23025-CAESEKMoe_6mPqCSNtjGbThZYC4
.doubleclick.net/ Name: DSID
Value: NO_DATA
.turn.com/ Name: uid
Value: 4146191290397438279
.pippio.com/ Name: did
Value: sh5-xvOTZuQZt76Y
.pippio.com/ Name: didts
Value: 1650907766
.pippio.com/ Name: nnls
Value:
.sitescout.com/ Name: ssi
Value: 4eee6442-da4f-4f65-ba13-abad2515bfc3#1650907766279
.media.net/ Name: visitor-id
Value: 2939093661455357000V10
.media.net/ Name: data-sov
Value: 9622508e9f7a7f72bfce4ab6~~3
.smartadserver.com/ Name: csync
Value: 127:AADyjE7EzbUAADr2VhfLPg
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4146191290397438279
.outbrain.com/ Name: rtbhs
Value: j5RTQx45mQtw6eZgZkFZ
.ads.yieldmo.com/ Name: ptrt
Value: 7aabbd52-0742-4133-a07d-fda9f86dc1fd
.ads.yieldmo.com/ Name: ptrstk
Value: mEhCcE8lTy5wzHIRmcMv1ZU4mbk
.lijit.com/ Name: _ljtrtb_43
Value: aasy8Dv4M_Ny-DT2b6kp9zv4M_ByqzT0ban7vH18
.lijit.com/ Name: _ljtrtb_12
Value: 6802119093282668307
.lijit.com/ Name: _ljtrtb_80
Value: L2EZUVRD-W-HD2J
.lijit.com/ Name: _ljtrtb_3
Value: 7e9b6266-da75-4600-97fa-93bd39c882d1
.exelator.com/ Name: EE
Value: "1e6223ce07405c351a4c94ebbcf181de"
.ads.yieldmo.com/ Name: ptrpp
Value: gbIPVn2xryOu
.ads.yieldmo.com/ Name: ptrbsw
Value: f367a548-43b2-4ca6-9e67-1de5d4a782b6
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEw1czIyDg51cDcxMA02djUMNEk2dIkNSkpOc3QwjAldXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAYEl%252BUWb6ImfHxUUpaQyLSopPBR8weAwAo7QqfQ%253D%253D"
.pippio.com/ Name: pxrc
Value: CPa0m5MGEgQIAhAAEgYI7OsBEAA=
.technoratimedia.com/ Name: tads_uidp_73
Value: AADyjE7EzbUAADr2VhfLPg
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADyjE7EzbUAADr2VhfLPg
.linksynergy.com/ Name: rmuid
Value: 0859266d-9401-4f88-9783-795890aa92ac
.linksynergy.com/ Name: icts
Value: 2022-04-25T17:29:26Z
.bleepingcomputer.com/ Name: __gads
Value: ID=033f291fa76b168d:T=1650907763:S=ALNI_Mbgp-bOk6LxlsLTKJ8Q3toX__Z_Dg
.tapad.com/ Name: TapAd_TS
Value: 1650907766542
.tapad.com/ Name: TapAd_DID
Value: 62c5f73e-003c-4737-b163-4ba2cdd1040e
.socdm.com/ Name: SOC
Value: YmbadsCo8XsAAIX.z-UAAAAA
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1dh0|4is.0.CAESEI9aABOsoENVhY0OuGQwMIg|7TZ.0.1|2N.0.AAADKJ7lyYFJ8AMND4CsAAAAAAA|3oy.0.4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341|7bq.0.1|86L.0.1|7dN.0.AADyjE7EzbUAADr2VhfLPg
.infolinks.com/ Name: cuid
Value: a3295248-d5d1-4da2-a50b-dcf7bf3c52c0
.adkernel.com/ Name: ADKUID
Value: A7722154196437862207
.go.sonobi.com/ Name: HAPLB8S
Value: s8528|Ymbac
.infolinks.com/ Name: TPLSERCOOKIE
Value: 2632727191946335783295
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: 9622508e9f7a7f72bfce4ab6
.infolinks.com/ Name: IMDUSERCOOKIE
Value: d51a365d-3699-41f1-b44c-b622530268ee
www.bleepingcomputer.com/ Name: _pubcid
Value: 2e74d6e9-1bdd-4b15-a29a-869482c39748
.infolinks.com/ Name: OXUSERCOOKIE
Value: d64fcb21-a18e-436e-b983-798e1e430120
.infolinks.com/ Name: R1USERCOOKIE
Value: OPTOUT
.infolinks.com/ Name: ANUSERCOOKIE
Value: 6802119093282668307
.infolinks.com/ Name: EARNUSERCOOKIE
Value: A7722154196437862207
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-d0n6SOZE2uF4j36JO_SVFIvHZ_nkPzKL~A~UP4081e39b-c4bd-11ec-af7e-0ab22995595b
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQCDate
Value: 1650907767202
.infolinks.com/ Name: SONOBIUSERCOOKIE
Value: 5380bcf5-d295-414f-a01f-ce0e8429ee0f
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjS3MDE3NzEwNTW0tDC2NDAwFuIz1E32DXL1djd2cS1xLpDiNTQzNbA0MDc3MzcyMQIAtZmd5jMAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjS3MDE3NzEwNTW0tDC2NDAwFuIz1E32DXL1djd2cS1xLgAAYrmlYSQAAAA
.infolinks.com/ Name: IXUSERCOOKIE
Value: YmbacxfUheiJLy59JDCIJwAA&153
.tynt.com/ Name: uid
Value: obbLO2Jm2ndT20sjOqhSpw==
.bnmla.com/ Name: rx_sspurl_1000361
Value: https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3Da7f15ab5-7d7b-40ef-b515-ad45de9ccc06
.bnmla.com/ Name: rx_uuid
Value: a7f15ab5-7d7b-40ef-b515-ad45de9ccc06
.bnmla.com/ Name: rx_maxage_1000361
Value: 1652203767
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 978477405519839003
.owneriq.net/ Name: si
Value: Q7041941671499242023
.intentiq.com/ Name: intentIQ
Value: 1rdZ0F89h1
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAADKVTL6Rgv1QM6PHKcAAAAAAA&KRTB&22713-AAADKVTL6Rgv1QM6PHKcAAAAAAA&KRTB&22715-AAADKVTL6Rgv1QM6PHKcAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-OJ17dGrOencjzn1yPp9gc2rOenQjnX1wPJ_NIuXW&KRTB&19420-OJ17dGrOencjzn1yPp9gc2rOenQjnX1wPJ_NIuXW&KRTB&22979-OJ17dGrOencjzn1yPp9gc2rOenQjnX1wPJ_NIuXW
.intentiq.com/ Name: CSDT
Value: UEQ6MTUwMTlfMCZUNDJTa043
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 2503514553#1650907767368#0#1650907767368
.infolinks.com/ Name: KADUSERCOOKIE
Value: 2B89685F-3F76-49DE-8EF6-1B6EA5E9C08C~1650915543435
.33across.com/ Name: 33x_ps
Value: u%3D2051871529581%3As1%3D1650907767458%3Ats%3D1650907767458
.infolinks.com/ Name: 33AUSERCOOKIE
Value: 2051871529581
.cpx.to/ Name: cpSess
Value: 27ac51d61f31fb1a
.cpx.to/ Name: dsp_app_nexus
Value: 6802119093282668307#1650907767524
.resetdigital.co/ Name: ckbk
Value: 000000AA229FB4C1
.lijit.com/ Name: ljtrtb
Value: eJwVjMEKAjEMBf8lZwNpWtvEo1RYRD3IquBFWqsXQRRhoSv%2Bu93jmzfMFwzDArwQG6OkloW9F0sBZmDbE26afUNYUpij80So4Z5QbS5WryJcTFOFmrvh1flw3Ec8YRd53bCbEil9qsTBbS%2B7irHn7B8vHae9rO%2Bxp5yeYeiMwO8POhckfg%3D%3D
.bleepingcomputer.com/ Name: __gpi
Value: UID=0000045d611e1c5b:T=1650907766:RT=1650907766:S=ALNI_MbLs-u2rFGOrA5SbO1M3-9ZpX5R4g
.admixer.net/ Name: am-uid
Value: 3158d42f5b874679b55b310eac5de4cb
www.bleepingcomputer.com/ Name: _lr_sampling_rate
Value: 100
.mathtag.com/ Name: mt_mop
Value: 9:1650907768
.bnmla.com/ Name: rx_sspid_1000361
Value: 19_203_213
www.bleepingcomputer.com/ Name: _lr_retry_request
Value: true
www.bleepingcomputer.com/ Name: _lr_env_src_ats
Value: false
.krxd.net/ Name: _kuid_
Value: OzMgo9J8
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: e47718cbfe472701ad27c501a44cd198
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDUxNze0SE5KAzKMzA0ME1OMzJNNgbSJSXKKoaUFAxAkpd2qBNFQAABUdgrK"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBISrtVCaSgAAAaBwIc"
.teads.tv/ Name: tt_viewer
Value: 42a13dbc-ff6b-4744-9a13-60f5c322ef3c
www.bleepingcomputer.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%227aabbd52-0742-4133-a07d-fda9f86dc1fd%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-03-25T17%3A29%3A29%22%7D
.bizibly.com/ Name: _BUID
Value: 72858182d46d7e7aea3b415c1e3b81fa
.bleepingcomputer.com/ Name: panoramaId_expiry
Value: 1651512569826
.bleepingcomputer.com/ Name: _cc_id
Value: e47718cbfe472701ad27c501a44cd198
.bleepingcomputer.com/ Name: panoramaId
Value: cefd2202ea585456f8677c07efc116d539384cba64f2153a07b97be000426177
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In6olNdd!]tbPl1M>e)ZlrFUfJ+tGXxoDY<fNu8_G3r<UEpnXT:KS?Nw1Cb#pP%_V@*R3If)y3KL9D3I?+kdEAi*
.tremorhub.com/ Name: tv_UIGL
Value: CAESEKlj1ku1FprjEOazad-bCnk
www.bleepingcomputer.com/ Name: cto_bundle
Value: sIAllV9mRnZOd3BCbkUybGxwUDJHUEpyVWd2RFQ1eXVsaVFzeiUyQkpkQTNIY1hlQk95ZG96alB0MEIxNXZiUzBLV2lGckZMaEc0Mm5VTnk4RW1XJTJGJTJGTDRHRVRzOEVCOE9oTVNrWldEWEdtSTFUQjlMJTJGMVdacE9nOFRpM29yRDdzNmZBZWdU
www.bleepingcomputer.com/ Name: cto_bidid
Value: POKuYF9qbnFucGpnc04yNUdwJTJCNCUyRkFzZ3RvUHFYd3J5JTJGakJCVTlVeEx1Z3FuTHp6aGJ5TmxHTUo4dEJPOXRWSU90em1tQjdaY29JSXpHeWJMTERkWXFkWFhqNzIlMkJ3dDA3YkRTeXVxckNIOTJ1NCUyQkUlM0Q
.quantserve.com/ Name: d
Value: EKUBGgH-JYEO-TDejbEJ-SA
.mookie1.com/ Name: id
Value: 10603021636766816456
.mookie1.com/ Name: mdata
Value: 1|10603021636766816456|1650907770504
.mookie1.com/ Name: ov
Value: a21b54b16312f04edcef4f24088b30ed
.adingo.jp/ Name: ID
Value: cc1b1f9615811d83ca68898e73ac17c2
.torchad.com/ Name: ADK_EX_309
Value: 1
.torchad.com/ Name: ADKUID
Value: A7722154196437862207
.rubiconproject.com/ Name: audit
Value: 1|t8s4nysfHZE8PS59llCyyAn+338NruYFNlmF1nCeGbjWaDs14xzbSC6gMtNlHnY/sbSsaH3aF/UiZ07GJqnMno4BjqNRGrmz
.agkn.com/ Name: u
Value: C|0CEAp-Zb7KfmW-wAAAAAAAQ13AQCAAQpAAAAAAA
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22af668bdd51%22%2C%22f%22%3A1%2C%22ts%22%3A1650907772080%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1650907772080%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1650907772080%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1650907767566%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1650907772080%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1650907767566%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1650907767566%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1650907767566%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1650907767566%7D%2C%7B%22p%22%3A%225cb91279ed%22%2C%22f%22%3A1%2C%22ts%22%3A1650907772080%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1650907767566%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1650907772080%7D%5D
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ33AGOH4BXcAXyv_9nA4nQu2J7sOPTprCPXH0IezmhvW5vNUI2r2aaUSWZQC4TM1
.mookie1.com/ Name: syncdata_IOW
Value: 1
.pubmatic.com/ Name: SyncRTB3
Value: 1652054400%3A99_222_239_234_48_55_233_220_204_238_189_166_13_231_176_96_104_3_165_57_7_243_81_54_8_56_5_71_22_21_178_240%7C1651449600%3A15_223_38_2%7C1652140800%3A35%7C1651276800%3A216%7C1653436800%3A224%7C1651708800%3A63%7C1656028800%3A69
.c.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 334ABC907B6464C82408AD017A4E6533
.casalemedia.com/ Name: CMST
Value: Ymbac2Jm2nwA
.linkedin.com/ Name: li_sugr
Value: e1215d9c-a771-48fc-9fa0-5b019a14a652
.rlcdn.com/ Name: rlas3
Value: KpeIut/jhOohxC6I4Xx5sGr8k51ykNFszDELaZd7Hac=
c.deployads.com/ Name: d7s_dc
Value: 44AMBEK414619129039743827974VRZNjy-Qy7wkfRE2uEwhIe7SnUR3CuCv3It6H.3AkrQzQs-~A74centp4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-43417
.mfadsrvr.com/ Name: c
Value: 1650907772
.mfadsrvr.com/ Name: tuuid_lu
Value: 1650907772
.w55c.net/ Name: wfivefivec
Value: 0WJAwHhz1NJ2wI5
.mookie1.com/ Name: syncdata_TAP
Value: 1
.media.net/ Name: data-rk
Value: 978477405519839003~~8
.media.net/ Name: data-tam
Value: setstatuscode~~35
.mfadsrvr.com/ Name: tuuid
Value: 63f747aa-00e2-48e6-a26e-a0af68ff62cf
.openx.net/ Name: univ_id
Value: 537072971|7aabbd52-0742-4133-a07d-fda9f86dc1fd|1650907772432384
.w55c.net/ Name: matchpubmatic
Value: 5
.openx.net/ Name: pd
Value: v2|1650907772|mmiKbwuYvPvMvJeSgahEgKkWg2f8kegy
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3Da7f15ab5-7d7b-40ef-b515-ad45de9ccc06
.bnmla.com/ Name: rx_maxage_10738
Value: 1652203772
.media.net/ Name: data-g
Value: CAESEByW6-iNx4RRaicE2iDcrqA~~8
.media.net/ Name: data-ttd
Value: 7aabbd52-0742-4133-a07d-fda9f86dc1fd~~1
.w55c.net/ Name: matchmedianet
Value: 5
.w55c.net/ Name: matchcasale
Value: 5
.smadex.com/ Name: smxtrack
Value: 858da0a0-76d4-474e-963a-590376490cd9
.onaudience.com/ Name: cookie
Value: f159b26e90d9b252
.onaudience.com/ Name: done_redirects147
Value: 1
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: pmc
Value: 1
.adgrx.com/ Name: ADGRX_UID
Value: 44e1885e-c4bd-11ec-bdca-6837431987b3
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:0WJAwHhz1NJ2wI5
.acuityplatform.com/ Name: auid
Value: 665481160117
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQBg4VzOimGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUAYOFczoo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAGsS5DU0MzWwNDA3NzcyNTZaJQ7nm5kbmRgBAOMRX4UgAAAA
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4153669688251824763&KRTB&23263-4153669688251824763
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-40f8252e-c4bd-11ec-aad8-9f94043e2d80&KRTB&23011-40f8252e-c4bd-11ec-aad8-9f94043e2d80&KRTB&23355-40f8252e-c4bd-11ec-aad8-9f94043e2d80
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YmbafAAEoYnHnAAZ
.fiftyt.com/ Name: fifid
Value: b94c520b-1546-4caf-53ed-95ab00ee117d
.fiftyt.com/ Name: cs
Value: MTY1MDkwNzc3MnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fMZgEu-rCXKfry8RmSmxU0L4T423HuBh6ma9tnGHAFJu
.taboola.com/ Name: t_gid
Value: a9527fb6-47e9-4397-be30-49f30e5bdb8b-tuct9605ffc
.mfadsrvr.com/ Name: bsw_uid
Value: f367a548-43b2-4ca6-9e67-1de5d4a782b6
.mfadsrvr.com/ Name: ssh
Value: !medianet,1650907772
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.brand-display.com/ Name: _knxq_
Value: d6e8f84f-7192-4d58-479d3afa.1650907772.0.1650907772.1650907772
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7041941671499242023&KRTB&22521-Q7041941671499242023
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-mEhCcE8lTy5wzHIRmcMv1ZU4mbk
.media.net/ Name: data-mm
Value: 7e9b6266-da75-4600-97fa-93bd39c882d1~~8
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-d0d69b25-b299-4c6c-9dae-79cee72642b7&KRTB&23340-d0d69b25-b299-4c6c-9dae-79cee72642b7
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-665481160117
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-44e1885e-c4bd-11ec-bdca-6837431987b3
.eqads.com/ Name: EQUser
Value: UID=8b8fdaca-6e39-4d51-b2bf-3046f21eace9
.agkn.com/ Name: aa
Value: opt-out
.dotomi.com/ Name: DotomiTest
Value: 39da34f7ca2508e3
.inmobi.com/ Name: idsp_c
Value: 6cb153d2-e004-48c6-b146-cf2b023e215c
.bnmla.com/ Name: rx_sspid_10738
Value: 170
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-4eee6442-da4f-4f65-ba13-abad2515bfc3-6266da76-4341
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6802119093282668307&KRTB&23339-6802119093282668307
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCNbsh9LlutM6EAUSFwoIcHVibWF0aWMSCwj8iozb5brTOhAFEhsKDHNoYXJldGhyb3VnaBILCKD0tt3lutM6EAUSFQoGY2FzYWxlEgsI5MCp5eW60zoQBRIWCgdzdng5dDUwEgsI0qfmlOa60zoQBRgBIAEoAjILCIbo98X8utM6EAU4AVoHeGtzdzlsYWAC
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23175-000000AA229FB4C1
beacon.lynx.cognitivlabs.com/ Name: UID
Value: aad2ff5a-dc8b-42fc-ab6e-23e0b0bf07db
beacon.lynx.cognitivlabs.com/ Name: ss
Value: ZqHXebam%2BqZiute3p3xDScqn308jYIVTj9tDS03E8Sot1JnO8GQa5l3CMqHsGQ7PhBGpmxkWtyEAJnw5gjJccA%3D%3D
ads.playground.xyz/ Name: connect.sid
Value: s%3AN_8nryTRy6TelvEjPLZhWtiFx4P1WrNn.ScbwalpHzlJaBNVcDZOQQxF9pBcX6uxanAz5f4RCFEI
.semasio.net/ Name: SEUNCY
Value: DF2059C42F2D0059
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY1MDkwNzc3MjQ4NiwiMyI6MTY1MDkwNzc3MjQyNSwiNCI6MTY1MDkwNzc3MjA2NSwiMzkiOjE2NTA5MDc3NzIwNjUsIjE3IjoxNjUwOTA3NzcyNjY3LCI3IjoxNjUwOTA3NzcyNDI1LCI2MCI6MTY1MDkwNzc3MjQyNSwiNTEiOjE2NTA5MDc3NzIwNjUsIjQxIjoxNjUwOTA3NzY2MzU5fQ
.media.net/ Name: data-xu
Value: 0WJAwHhz1NJ2wI5~~8
.fiftyt.com/ Name: fppm
Value: 20220425172932
ads.avct.cloud/ Name: uuid
Value: c0a2a580-f9bc-4598-8cfa-f0f45211b393
.onaudience.com/ Name: done_redirects109
Value: 1
.adsymptotic.com/ Name: U
Value: be5235e71624be0fdc2b5fd3a8e6a8a7
.tribalfusion.com/ Name: ANON_ID
Value: aJnseFp26Ub8e4OCbB8K69w7J8saR4JnkxH9UmPShAITDHVyjsrAFMGZbdr3d2Mkq8aluB04hE61UQcZdwWxeX
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~24j5:195i~24j5:18w9~24j5:187s~24j5:18z8~24j5:192u~24j5:18xp~24j5:175w~24j5:190u~24j5:192v~24j5:18za~24j5:18ym~24j5"
.pubmatic.com/ Name: KRTBCOOKIE_308
Value: 22925-a7f15ab5-7d7b-40ef-b515-ad45de9ccc06
.mxptint.net/ Name: mxpim
Value: R1B342_EEE4CE38_4BAE5C4D.1.00000000000000006266DA7C
.criteo.com/ Name: uid
Value: 6bd221a2-7bef-4af3-a3e8-2e164b4d8d34
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B342_EEE4CE38_4BAE5C4D&KRTB&23092-R1B342_EEE4CE38_4BAE5C4D
.rlcdn.com/ Name: pxrc
Value: CPa0m5MGEgUI6EcQABIGCLrqARAGEgYIuOsBEAYSBgjp3SoQBA==
.media.net/ Name: data-co
Value: AAADKVTL6RgxQQNOqI1qAAAAAAA~~8
.media.net/ Name: data-ze
Value: ZrhlXJ9Fqtvb0RMfRvp-~~8
.media.net/ Name: data-mf
Value: 63f747aa-00e2-48e6-a26e-a0af68ff62cf~~1
.media.net/ Name: data-bs
Value: f367a548-43b2-4ca6-9e67-1de5d4a782b6~~1
.media.net/ Name: data-c-ts
Value: 1650907772
.media.net/ Name: data-c
Value: 8f8c55da-e4cc-4dd9-8169-ba51bd19ddfd~~1
.c.appier.net/ Name: _auid
Value: p9ElZ9tzCbSsD3XbfNpmYg
.casalemedia.com/ Name: CMRUM3
Value: 986266da77276027b6829a-ef84-40d1-9931-2a14adc348f5&2f6266da7c27600WJAwHhz1NJ2wI5&e66266da772760&1f6266da772760Q7041941671499242023&276266da7727607aabbd52-0742-4133-a07d-fda9f86dc1fd&bf6266da7c0001d6e8f84f-7192-4d58-479d3afa&336266da7c2760f367a548-43b2-4ca6-9e67-1de5d4a782b6&2d6266da7a2760CAESEB_b4v5Tw4ycDixG_7W-G4U&286266da7c27608b8fdaca-6e39-4d51-b2bf-3046f21eace9&036266da7c27607e9b6266-da75-4600-97fa-93bd39c882d1&496266da7705a0&f16266da7c05a0&ce6266da7705a0&2e6266da7c05a0&826266da7ca8c0&046266da7c05a0
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-p9ElZ9tzCbSsD3XbfNpmYg&KRTB&23130-p9ElZ9tzCbSsD3XbfNpmYg
.pubmatic.com/ Name: PugT
Value: 1650907773
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2FvQWJJR0d6STRTV04yWms1NE5XbzBTREJWTlROa1ZYZFhVVVJMVDBadGFib0dJQWlYVGhJYlFVRkJSRXRRYmxreGJYWklWRkZOVURKQmFXbEJRVUZCUVVGQnVnWWJDS2xPRWhaQlFVUjVha1UzUlhwaVZVRkJSSEl5Vm1obVRGQm51Z1lnQ0twT0VodHRSV2hEWTBVNGJGUjVOWGQ2U0VsU2JXTk5kakZhVlRSdFltdTZCZ01Jcms2NkJnTUlzRTY2QmhjSXlFNFNFamszT0RRM056UXdOVFV4T1Rnek9UQXdNdz09IiwiaWF0IjoxNjUwOTA3NzczfQ.ZcY6IFU5SRFGnEo2s_n6-RLZCGDupwZxfYPsyKTruNFQgZA9cbohRo3WpXRalIeuLDCZr8jgoRoiE7lPpNo7IQ
.adsby.bidtheatre.com/ Name: __kuid
Value: 21a782a5-b5cc-43a9-a869-36c4546cfb9d.420121774
.pubmatic.com/ Name: SPugT
Value: 1650907774
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.pubmatic.com/ Name: pi
Value: 156696:4
.pubmatic.com/ Name: DPSync3
Value: 1652054400%3A246_219_226_201_236_245_221_228_197%7C1651449600%3A164%7C1650931200%3A174
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1650929375268
io.narrative.io/ Name: io.narrative.guid.v2
Value: 469314b0-c4bd-11ec-9141-120bff9cc4e7

28 Console Messages

Source Level URL
Text
network error URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=RevNewExchange
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=RevNewExchange
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://usersync.gumgum.com/usersync?b=apn&i=6802119093282668307
Message:
Failed to load resource: net::ERR_SOCKET_NOT_CONNECTED
network error URL: https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1650907764042&gdpr=&gdpr_consent=&us_privacy=&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=[scpid]&hp=[hp]&eov=eov&pi.width=640&pi.height=480
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://match.prod.bidr.io/cookie-sync/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://usersync.gumgum.com/usersync?b=vnt&i=40f8252e-c4bd-11ec-aad8-9f94043e2d80
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1650907764042&gdpr=&gdpr_consent=&us_privacy=&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=[scpid]&hp=[hp]&eov=eov&pi.width=640&pi.height=480
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1650907764042&gdpr=&gdpr_consent=&us_privacy=&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=[scpid]&hp=[hp]&eov=eov&pi.width=640&pi.height=480
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://ads.adaptv.advertising.com/a/h/VYmJZLEntSYpZcNpBsosMleWs6UAHVaBK84LVAMRQ0g=?cb=1650907764042&gdpr=&gdpr_consent=&us_privacy=&pet=preroll&pageUrl=bleepingcomputer.com%2F&scpid=[scpid]&hp=[hp]&eov=eov&pi.width=640&pi.height=480
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=6802119093282668307&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://b1sync.z%20%20%20%20emanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAog_TKLxOiWN0RxF7P7HZc&google_cver=1&google_push=AYg5qPKDcPvhYGT34hmVGrflCp7kZ5F_U2gJjH_S4mdYcqI1EYTxdLfWTk6YZYVUsRVg0oqeu4XNAsl0JvJmLQ1tehitPuYKXnTuXQ
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTc3MjIxNTQxOTY0Mzc4NjIyMDc&google_push=AYg5qPKr_4lLRngDXiuWDosGh04zY5MEK6xmmCfdQJuKC6wC21n2IxvbzxXhbZ_JqL6rbxHPJpEE6f0GrUZ9lkrkH53MWyv0YSfI
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPLBkUAXpv7r30PMZpjg8xW9kcjU0jbz8BiDGV8hSN-GQU_DfcbfJfZt7T4wegQTEgDNKuS7AVIXxmTaEoqkeo3d8iS71tM&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLeE-yvKA3zxZzCLPGTmS4k4Y695Cg5XnpYorTv92-77wg_fX-HDhmz5khcRKchC7P5-Ki_MJosMPSQozhwZiV_Z-ND9Ac0&google_hm=cc1b1f9615811d83ca68898e73ac17c2
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKF8D0buW_RM94AhPwukpUB2WHIeiBJ8Jv48pimSXP6Tt3ifrWt2zwHlHP9i_o2KMuOjW8iTB21mnC-r3_k2msy8CFuZqRI&google_hm=cc1b1f9615811d83ca68898e73ac17c2
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPIqva9TvU_dQ8DOI8l6Wkxw60juurfs3b5-kSXA91aquJs2rDmpaJO1GZkvrf3pEFSOe1sJAthYkGER3X66xDCoMVoysjep&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_cver=1&google_push=AYg5qPJ8jfCpKPSS-KVM8VLXFv7v8waAM2dDwkBKzN8XBshXF5CcAM94YqLQxSFCVSV8t-GDdiZhOuYoWn7rJTYxwr2QXFn7LPD1&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_push=AYg5qPKeHRXrBjLgXjoqa7Cl7P-TSZyid59U4Ztp1YeqEJgPsqohjI5Q4zFkH5n4N7s1GhfvLmirGWAJHQbnsSLSmUzbApLVzFQ&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJjc_1xu67IDRazpQki9lRhTLEGfBPJ-WINvDd1Z84UKBbGDoZPTeNTwzFGDYzxg_wiyJ6zJt7zrg0sFw30hPJqZrh_X3bx&google_hm=cc1b1f9615811d83ca68898e73ac17c2
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmbacxfUheiJLy59JDCIJwAAAJkAAAIB&google_gid=CAESENsRdYcb_EXTN0OzP-psTJg&google_cver=1&google_push=AYg5qPKQHq2NlCRgAXRdkA9yl23ZEz73VLzWUOeLb26Bpw2XP-9BrAlOCTdrBE27AqdYOUBqTPd-VAf1xDAmgNw9bsZc6Zz06Yvt8Q
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3160005b8a1bce3eae619e530b8a24d1.safeframe.googlesyndication.com
33across-match.dotomi.com
a.pub.network
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.ca
adservice.google.com
amazon-tam-match.dotomi.com
ap.lijit.com
api-public.addthis.com
api.btloader.com
api.floors.dev
api.intentiq.com
api.rlcdn.com
ats.rlcdn.com
aud.pubmatic.com
b1sync.z
b1sync.zemanta.com
bc-ssb-cle.springserve.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
beacon.walmart.com
bh.contextweb.com
btloader.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.deployads.com
c.pub.network
c1.adform.net
c21lg-d.media.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.bizibly.com
cdn.districtm.io
cdn.doubleverify.com
cdn.firstimpression.io
cdn.id5-sync.com
cdnjs.cloudflare.com
cds.connatix.com
ce.lijit.com
check.analytics.rlcdn.com
ck.connatix.com
cks.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
cms-xch-chicago.33across.com
cms-xch.33across.com
cms.quantserve.com
code.createjs.com
contextual.media.net
core.iprom.net
creativecdn.com
cs.emxdgt.com
cs.media.net
csi.gstatic.com
csync.loopme.me
d.agkn.com
d.pub.network
de.tynt.com
dis.criteo.com
districtm-match.dotomi.com
dmp.brand-display.com
dmx.districtm.io
dmx.us-east-31.districtm.io
dmx.us-east-34.districtm.io
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
event.clientgear.com
events-ssc.33across.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
fw.adsafeprotected.com
geo.privacymanager.io
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
hde.tynt.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
inv-nets.admixer.net
io.narrative.io
jadserve.postrelease.com
jnn-pa.googleapis.com
js-sec.indexww.com
loadm.exelator.com
m.addthis.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
medianet-match.dotomi.com
mug.criteo.com
mweb.ck.inmobi.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pbs.publishers.tremorhub.com
pghub.io
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.everesttech.net
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.media.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
resources.infolinks.com
router.infolinks.com
rt3013.infolinks.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-nyc.doubleverify.com
rules.quantcount.com
s-jsonp.moatads.com
s.ad.smaato.net
s.amazon-adsystem.com
s.cpx.to
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
s9.addthis.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.doubleclick.net
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.resetdigital.co
sync.search.spotxchange.com
sync.springserve.com
sync.srv.stackadapt.com
sync.sxp.smartclip.net
sync.teads.tv
sync.technoratimedia.com
sync1.intentiq.com
tag.escalated.io
tagan.adlightning.com
tags.bluekai.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
v1.addthisedge.com
vid-io-cle.springserve.com
vid.connatix.com
vid.springserve.com
visitor.fiftyt.com
vpaid.springserve.com
widgets.outbrain.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.reddit.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
z.moatads.com
b1sync.z
cm.g.doubleclick.net
freestar-d.openx.net
googlecm.hit.gemius.pl
s7.addthis.com
sync-tm.everesttech.net
sync.inmobi.com
usersync.gumgum.com
104.102.252.25
104.16.68.69
104.18.102.194
104.20.60.209
104.244.36.20
104.26.12.6
104.36.115.109
104.36.115.113
104.36.115.114
104.36.115.98
104.45.178.220
104.77.220.229
107.178.246.49
107.178.254.65
124.146.215.51
13.225.213.20
13.225.64.68
13.226.31.10
13.33.46.26
13.33.46.33
13.33.46.73
130.211.23.194
132.226.41.106
139.162.78.222
142.250.176.194
142.250.81.226
142.251.32.98
142.251.40.194
142.251.40.226
142.251.40.230
143.204.137.197
143.204.146.57
151.101.1.108
151.101.1.140
151.101.129.44
151.101.2.137
151.101.66.137
151.101.66.49
152.199.2.76
157.90.212.181
159.65.196.12
162.248.18.11
169.197.150.7
169.60.66.35
172.66.41.9
172.66.42.247
173.231.178.85
174.137.133.49
18.214.209.43
18.220.186.98
18.233.240.143
185.167.164.39
185.184.8.90
192.132.33.46
192.35.249.120
195.5.165.20
198.148.27.140
199.127.204.142
199.187.193.185
199.187.193.202
199.38.167.129
20.85.9.11
2001:4998:1c:800::1001
204.154.110.76
204.2.255.233
204.237.133.247
204.62.13.72
209.54.177.54
216.152.140.200
216.200.232.253
23.10.82.211
23.208.216.126
23.50.79.213
23.52.161.180
23.52.162.163
23.52.162.190
23.52.162.21
23.52.163.40
23.78.168.242
23.78.200.97
23.78.210.18
23.88.75.186
23.92.190.74
2600:141b:7000:6ab::4469
2600:141b:9000::684a:4118
2600:1f18:4e9:5a05:f817:c851:d4d0:49b5
2600:1f18:612b:4232:40ff:2de3:a398:119a
2600:9000:2105:ec00:8:48e:53c0:93a1
2600:9000:2140:2000:6:44e3:f8c0:93a1
2600:9000:2140:3400:19:fc2c:a140:93a1
2600:9000:2199:e400:15:6f6c:b180:93a1
2600:9000:21ea:800:1b:5138:8a40:93a1
2602:803:c002:200::52
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:20::ac43:443c
2606:4700:20::ac43:4acf
2606:4700:4400::ac40:98f5
2606:4700:440e::6812:2fe6
2606:4700::6811:190e
2606:ae80:1471:15::410
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200e
2607:f8b0:4006:80a::2003
2607:f8b0:4006:80b::2006
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2016
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::2001
2607:f8b0:4006:81f::2003
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::2001
2607:f8b0:4006:821::2002
2607:f8b0:4006:824::2002
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:f716:921a:893c:c3d8
2620:1ec:21::14
2620:1ec:c11::200
2800:3f0:4004:811::2003
2a04:4e42:200::300
3.135.250.134
3.141.89.91
3.19.8.185
3.214.88.14
3.230.217.116
3.92.156.8
34.102.253.54
34.107.148.139
34.111.151.213
34.117.228.201
34.117.239.71
34.120.155.137
34.149.20.76
34.195.153.99
34.195.17.74
34.196.247.148
34.202.188.87
34.204.147.250
34.208.143.18
34.227.196.244
34.229.3.43
34.230.171.57
34.235.17.126
34.239.90.167
34.73.194.24
34.75.117.5
34.98.67.3
35.170.124.134
35.174.49.97
35.186.194.101
35.186.253.211
35.190.60.146
35.190.90.30
35.201.71.192
35.201.96.126
35.207.24.140
35.211.165.199
35.211.178.172
35.227.238.208
35.241.45.217
35.244.159.8
35.71.131.137
38.27.122.101
44.196.51.251
44.197.56.222
44.198.251.190
45.35.192.162
46.105.202.126
47.252.78.131
50.57.31.206
51.222.239.230
51.222.80.231
52.0.174.205
52.1.175.157
52.1.219.85
52.223.22.214
52.30.111.237
52.45.55.227
52.71.37.99
52.85.61.100
52.85.61.5
52.91.254.52
52.95.115.196
54.145.48.80
54.152.116.38
54.152.83.91
54.173.102.163
54.175.87.114
54.225.138.85
54.230.102.43
54.230.102.54
54.234.215.67
54.235.190.65
54.236.94.205
54.36.109.186
63.251.86.50
64.202.112.31
67.202.105.22
67.202.105.32
68.67.160.117
68.67.181.207
69.166.1.10
69.90.254.78
70.42.32.63
74.119.119.139
74.119.119.150
8.28.7.84
8.43.72.98
00e0dfd3442318307a64696f55f9d8404f670522d46c2943e5f0f893bf3692d8
01faf25a7b6e4d0124bd386dc3a1965022d146d408f270d891551391541e7b93
029dd963e7a50049720a3145f756c61fd860648447101977c9145d7ebe5fd9d1
03351b4850ae1aa4b74520da56b46e0d95d15135b74cfdf3bf43eae206ab82d5
047a097643ca9c369d217ef0d73fc841ba403173f3bb6ce91b40dcb78a5f480c
048fa91c330ac00a3580897d8774f49d42c1c3b03232b03386b92cde1065378a
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0631a727949497b3ad7a641b0e86693facbbfaed4cfef8ce017e779a7fb696b4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d26806f601d17472ce3fdc3db3dd3f0cd0fb946f0ced4507b1bbaed5b2d2c6
06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8
095e9c8ccd5f0d3e01056097d0dba6ed3860ede26cda210079d9321b287ea18a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b03c4e89b248daeb0c2ed482fb6c31e6c2863e9dc0eb650b65a38b7367e9513
0b1e8715cc524b1b8ae7e90fcc4fa9e68c257a9e6d60fb501d7125408a3d8064
0b37f3d8aa5e1f298bf71477c945f576745020ce44f048ec67e19a93cd285372
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d23a033adadf4aee3d9ae65d0057ec452e3ea117ac5a38cf59fdc6cda3f5d9a
0db94e2ca1a13b6c69d8b540d0729dd83e3247dba1f9413c3f761ba0258ed96c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
10fe74aba1e8e28a02e2237adb9fa2dd2fe26d969284d269de0c79a49bc4c5c8
1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12bb078a26fa0aec2669317185ee70af87a94669d16e552cc910e2632b7d729f
13cf2541ca0bb159160b7368e3dcfa3efae6868f85eeb311859484f1d8ff1dac
167a9f1f53485f47bf94204ef9e24a585ae47b9237b5a8a943ef9c2cbb0a27e3
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
1710d464b48f69445575b1673de0e936ea93501348df7ce54ebebfc7298b409b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18f25152e6157a80c22560120612d9f9c18790e176d7165194cf5ee62a7773d2
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19ccb209bb4a5900d07e56f1e992cb8b2688a40139ae5c3cfde158ccf4c206a6
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
1adf5abdbc3c2fc6b66a65fde3435fb2af0d459b27a5261953f20b70075cf944
1b0e4eb471137744496db869c870e0bcbf1a363a403494e7bc8c02cea951d253
1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8
1be9525d54584ad7d18e97fe4837c469458410c1d9c1595292f1ec295ac42100
1c322b0ef334c0f3578efa2fa35430b531599ec420cc24e0d4cae7a2af567ec4
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2197249e084415d9a1345665d1a663a942c9cb5147eb151e6b5975bce3f4875a
22470cc61ec7eaa9220f1aee09c0dc08d1864fba232e996f8e573460835c2e6f
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a
2417421beb6c3ccfcd47d04e2d96429eeb99b12c729989d7cf05c27baeea3b69
24ad9c413214d19752572f377203eb059a816c4864a6e7e90a6558fe3933242b
2510638320e6c3c719e54940946878fa379c78ebbc2fc81c1d291ecb8d3db280
253ee27891398bcd4a59ed884cb7045811561a4e1569efc6154bf99918a7c401
263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38
284242a4f9b15f5fc932a6a3d09a3f262ad90323768848482ce44bfa9643f4fd
28b2478bf10c0c701bffaad9fed82d7ea96231fc7e955038830f0d0138566d77
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29048481ec02f818e13acfb118a6cab64893e4efddc3a681afbbaf7078fdcecb
2a3c6e99591820af61cc1982b87d337448abdab0b6cdb9a631fb7591e0ecae4a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2db69477e09d2a6c453ad9a2c46b8f8e02d9b5abc596bc67f4f17892ea1de3e8
2e026ec057f2e046c1379531120241ca1a9d65330247416e40b352cc813430ac
2ea302cc6f201574bdcc8ff6181d75fc9a6cfff25d4689d91d65f6b6e3b21e5b
2eb1483bde4617aa5f7e54730965c731203ec585576b2b56ee857f305d3de2e4
2eed4ed555f8199c696b4001a8427804d89b6c47e699d02df9c40c0e9937b525
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30adcceef958c38a02a02125fb5794f73e88cd388a62ac554c5d406cab2dd431
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
3100e246781d3a8d752e7816c91dc2a722a5f3b92fad36ea7815fb4d6e96422e
3126e2043f141e9eec91532cc1738eefedb560ef1ec5af233492979a4f74356d
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
333d69b35e15ad7da88f3c7064ad829d1553fcf46c64f913b8c47487db84ecba
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
3599c50dcd34df00b5f369a16543e9e48c8cb271bb19ec6ddb3a3c2486bcc14d
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36c9c569b00d6b113860d3c416fe5203ae70377dd9914ae31279fa1de08d16e5
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
389185a12a66d2db58191308927525e099c9d7067833888064ac5e3123d9b52d
39513cc2f28c7740864fea656eff2f10f2e3184fce2341c1e08abfbaf0a6e77e
3973ab8afde6b69e3fa7e9e264f517ded9707a4ad1f22056ca1a3f02af81dae6
39a8609002305d7127558b52c7b84b45276a3432b50edd08b89316e7fcfe4a76
3a0991b50c58dc258fe623489baca181bdf2fc58ee2a0c889ebbc8843ff522ea
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d
3c3b7c9c6e75f7892e7e848dcb05d0a24f6895ea8584fe58d2626a51c8e0f964
3d510e16e6e569e573980fd67a55221795d539fd56688ecaca8d284255e86ee6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd10b4462486d7da1b2f3f09c160071329c1f47b9d7fc22b749ba1f1a31d692
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f428ebe6a721f39f9c0377b8045edea6f072fdccc2128391870419168558630
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40af323bd1cd60a8e1ff0e8bd9463a849f4b95ba0787b091d682068d1a744c33
40fd0d3eb16813d64ca762e80d746f887f3d923248e1d8f53dc2c0d1b0cb7a70
41c3c82e012376bbc03f4fbb4e5236fc568c543c7133263fcabebf8da3a30efa
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
434698ea8b3e7b3d7af701ce1075968ef901f59302c2d1124969aca2241c336d
4412423df08d9e421663ad6d00e47fc3192e7184d9c27fd544214981d0db7df9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44674220f9a441782b4aa099335d4ac7c682019e145108b676a34c2f112c38bd
46276a23d2b32f72628baac7a401b919f0896237a699e4176cdc02a8af4bbd09
462a75f10f0a5fd7ed8d6020195721c0dfc2859c32734c3bd9ec9ecc09ed44e2
47f19bfbc085d181c1842e3186792f81749c95844b801143e9df84d00ee7f22c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4901b094a91ea6d5aba73774bb9803fdca22599cfca597ef81249225b5ed01b4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49802c3b156f9325fe8818a411d26d8c65af00f52b8070c34bdf7db4c670181d
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49d1c8e6a88421c8f0838de8662543baffe0b859e80bfc8035ae5471e14f91bc
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d312294a06982e0377c120ec4264047c63fcb56b327468835938bcc8f144ece
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dc9bfb7a91877dfa5cfe9bee4897b7b88ded76f2e3f255d0ace008b14d88d3c
4e04f2f9ba5dddde3c0b488168ace17767e7029dabb391989db718c65380a71e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fb9f90cfe5c302457ac43a5919584df51b9b6bbddfd2a968a4473b7ef6bdd0d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505fda74065e25ae3fdc0807820fd861383338cf47c24bd1bf27994c2fa4b853
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56c9e3755e85285bc0d81df0c04bdd0d83cd39419d8d496dc9454722b7f70894
58dc1988dc8c797f981d80cf596d4082b07f66de99a051f4d70975143c3ad66f
5aef37c7abe75530fac92a34f337cd7f558956e9800f5b0e05094fb83e963be6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7639c3f54682a6104f445666f108b3825bff5e338727a9732b02eefa2d60a9
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f3516cece6b9d560c6ae8743de31eee8365a976e864d22cb6016e88669fb613
5f765edf6f521fb806e06ebd1cf7d1d038a27e82b000c89a13a3fa11f5eeb235
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6261e67d9fb22a0c074fe3b1f92197c7fbbad46584e71db9883a2d7a3016eef9
6293bbb6716359caf35821207d352e3b360635ad769789364a00b9a548571892
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
637844c5e197cb22325c055bc6dccbf08706c6e51519fa744fe5f5912c00dceb
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
642d23e21b0ad266ebcd9a4b593bb0b182b4485d1c0dcfd32a7bc3165e75c694
6432a7f40a3a2ebc202ebe81869f86b2830fe77b382a96737235d71fc1363912
649fc78f0d874b4e2e7cde4d0ee7255fe6c6a8ed2e909566752e4ac82d7abd03
66c80e4a1dab8a7bb0e74e9dcfcfcd2e1d8845b1118182107ad593c6b26e2600
66d7a3391b2504c065d23ec68e92633b37d399423b183ea9d7e68a40b4d39f5b
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68662d4522085bfc46db7b3063bdb4ef59b8a9bf4acdbc9d279c4024c3a297f9
68903a24bc807c4491573b87d97cfb3caf2565ab3fc00230764056dd33d1acb6
69933e17998a945d516cbefad1fef4aa0f58387669dd3c44c5f734ddc9841452
6a1ea606fa44a20f5613ecaf7f258483c6905dc8511d1a855474560136c389c5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c66174bdd188ea0a6cdc03fb938ed608c8502b8de891ae7d6193d2af0c338b2
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6f256b59004beadefbac9168d0380485ac8ed71a2546f2bd3d55e8702eee4d9a
704ab6b2b015b3d75b71f41b9ae452a2d102c5733ae68e629b1ae21e30778adc
709532cb1ade3ef49dd15c524486af68d1eec94746048e93bdd96f2b94dc7c35
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
731e952d643cd71b3699e9d9b45320f20318c9a8439c059aa296e45b79d5380f
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
76cb1e71e0c10f007a1c5746441477c4f25371db40e01628b59f746698d38618
76fed158f82e08bf6a918cd487bbe37f9918a9744aa8c7dc42f16c4f337b8120
7709d607b439e5d7e4c97566c93da45eff008623faae6218a032e2ddc166263f
77da89056b67553020d8e72ed16cd65dfa152652714a1777e0db40f1c887ed89
78da514c9f16a47d8e2374012619445409c56fd4da464e9cbd7b581cbf809b08
793234918b850e0a8af09eee29efebe88123a08fd1567d47a764efdc4f4a6ddf
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bde5628d99b71a5372bdfc10c247bd4271e8a90bec43ea1c198b590ed2d889a
7bfa11a67bb5f7a2c10cfb57c3bf709b476210ff5a8d8aa81c39e1c0a12cf68a
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7c518df5b590ed1146546a65bd1f5fca63baac3b3f66d1b3a6cf95feaace4c8f
7d406befe770b52900f737754c24218637a738e98970d10f28faa4a2fcf4b7bd
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7e9c50e789e5f710a23b459e30376d94aed570c731ac03635a6ab46e987cd99c
7ee1ac7bc4654745d1d0467174ffbb5730230bccaa8c70e7b72e03b69fde300d
81ff26da747e8c6b833f7ae3549dd378044fbbd05a72b4def3d5115f92a0c79d
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
874cc1315f35963fb2488576f0c83489e22edfe22f6ce355e7e87e65063bbf7c
8780fff8a66122d3e377033787e9a4e4fba9c25c18ad466a4f8bc6672196d8aa
87a6fc3aa7aa2711852dca36e16602427e08eacb5ad36b5246b7296dd0307daf
88ecb1865e99ee036b2333c744e0ee18f182b3fc70df2dc80ea85789e15f0bf2
8994b3523abac2d9ac6725557d280d8cd613fa384f5a679d2ea45e97b41c69f9
8a4356fe19981f33f33da8c78acf6dd81d82a95c7ef4030859654f391cff8746
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8e1f17c906b321dcdf4a10dbb4bf4287bd48e6956bc8d56749c837597671ead3
8eddbde97dfb4bca61db527be1a9c43480e1fa1798272104e4362f0aeeec4487
8fb7d8fc4e811c815faec2d6b5a702de941118005a1b5adce657483021b31f64
8fefbfe3af770b9da29088faf80f1cb4e2db7983937475c50b93f598a51bec14
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
93ecda2ea4335893d4fb3b45ca01ba75b4e7e239efdf145afab6114155a36cee
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
956035a88a8424f2d36b292231cd4cd7ed705d412b47a7aa929f7b537196c1cb
95b91f9d7966da014f691b2461df67d9ca4a134c665661b57c9bdecc52ed7e08
95c624b0613b1545dd2f6d7abd2667f19056f04704514a5a1b154a911894191a
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b
966f2d91f30369d087b2a7149623cf40a173d02985dac8d613619016e6ab81b4
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a7e343770663ee8d26705311db11a52d8bd5d2bfa8bda100a50c8b594eb0c9c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6b3612f6ea743469b6432f038309068cea9b3a6dd45c922fa2c357e07b31a7
9be0e66a8aad7fc8e5583a98a3823b31a5b7ffa0b3109d551bb95cb8ffb9ec99
9c0adf732a1f4ed03a2c996bc775b6fafe3335cdc264d12b48a6704dd5e03ee6
9c963a33a9c2cb053945df36c0368e88ae3f52d0c6770399428504f4f8a48e40
9ca94a2afebb32a950e15588bdf2327884551736eaf2726499772190b08d4f5f
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949
9ef0a332f58203b516c798bfc9171ee225b682827658266c785edf763ddd923a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0642f2d3480718da1bd887fc38069674f03434e804f2d0a5e58f9470c3a3c8f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b374cb5be30cf745d18c8403fcf6d68c68720a8b72f6205960a38231056bc3
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2d4b2ea6539aa8afbca8aa3c0d4fe7cc93cff51438eb1528ccfad408d18c631
a3cef617a157185292b9a5a8b67b6686cef4a31c235c43ae00ab9b19d3a5610e
a3d73279ac7db4f6b339004bdb375cdf8683bafa955c4fa0fbff0258e9503c1c
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a48e95820e6f2d2f595ada168f6bbdfd50bc78c1f10ab46d8a6eb723ed608502
a4a0c6c4e8faa03659f0d9e387a6b4011dc669d85465a6080b045f2737e5340e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab3a2d19cd2bb396e69bd66e061bda8cf1c32b50e9239d58d49b7e3c4011c6d7
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abfdf674cad577fe4c87603fbe44a1733baae94c6ad86e57f564f7e61b737522
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae19ad49c4dab8d4123d277fe0393de6cb8cd4cf525f89225d3df750cb352622
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
af6f2c85ecc99d72bcc3598161f057c701338bfe66584d9d588dfe3ea6fafd92
af9c110d8d552290d05dc661a11ec4e470777a5477ee87461487bd6fd3c0b5d0
afc3d327a930eb2e44cb4563707eda89fab223479810257e72025ccf61d8e128
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b13234e276424e9d0b065be3f62cb1c263f6c8c2be043ca2e05f06fcea5f98f9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17655f2ac3f2629a0bf346ebff0d7e9a4959289f1f09620e64c1eaa0a46269b
b27b072e7a371ef30b64b6085ed49735791e659f9cbec672552b3eaef76e0daa
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b38b2f82b175b66798be9c4d8b036b22d50bd7461eb2fe8f9c22ff2fb9b68fa5
b4651cb063e6f8d82bbcdd2714b6f9a0c20468473a17a9363c718715054970d0
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b657c21103cc9ad1ef4e90150c5d9814538331cebd0b8d0dfb048bedb11e2621
b915e1b0c7b0594da9b4566945aedcf69f7cee2998d4623fb410320eff0e5616
b930e8c279a618118458cfbdc2d4f6e728eca2ea7e8e5dd37e7832094077631b
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
baa7346a51ac22b01b0f63ef8be8a7b0946a67fbe68ccf2c8a783a769bad8870
baf5d841ba74ddf99bea783d669b3d4e688b9bc273d78304605c2243a7ffb552
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc45cf63819ce01f17a53e7c070e874b3f288bcad2405da097de2c24c236927d
bcc02275a0140d6780d60f3378acc1ec2b76ea528aaa30e271e6785e16a1385b
bd0e97247dd5ea660af2dd36179d36d63bf90f37ce572eb9853ca7d38a31df1e
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf89d6b316de2e07cb07e429da8a8ab29f139dcb8cd3bd2932cfc12737c7f31e
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c336e70e95b15337d773638cc60a27d504c236862f21039f5bbd0ceebcde3e4d
c61ca2b0bd76424a3689e4ce2339fef8d23ea6cb40d89c2ec8f9f64f3e00d70b
c69cc363e146d13633145ec5961b8a93cdac15e0389cf2cf23e3205a25aefedf
c7fdafd753353d1bdab95edb3f3c94a6d3eb77154b7fe3dfdfd8d45118025460
c82e579199a3cf83a19ed1fa837aa32a96177456557b59f6712d1e94cb3c6a3a
c8fb613e744b0671bcbc5e2e90ef912e8d16156a8c3a7238d0aca385ee974815
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cac2022372ed240d0dcb5f744e3bc8b714ac3855e9e994ccf3ba46c364385452
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd027aba8c453088421fd5281858d38cebc0b55ecd56c847bacaf7bde2528c25
ce47f9de5f6621e3d17532dbfdd97ff9eb11c0cdaf03c195467880e834dfda1e
ceda6c21387b743c14a0a4cab2fd98bc1d0dcc0e2e59d5b537e620b00e5179c7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d088a635450850ba18ea7bf9532bdf4995ee77932330b980a5eeda53a0e6263e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2084062fff698fe4865f688cafdd7898038b0293b89ac6a5506ee3310652922
d318e49d152df9586ed6c78b8c6fbc6b49b438bd9c34fb1b8a15b95d4a608e74
d43ff03ab80f81f266774cedd1c8e839aa6fe9340e66b43e7a02510726cf3a1c
d4eda19b2b9b196cf08423854eb70ab85d2c098b4af80cf8e2c4287c505f91b1
d52682f3e4c11623e5a096a24adde817b7eea913d8d8f8c4df0416d33671192b
d596fe893e8f28aef689b557a4c420792f126e10f6bf9175f90e5c241f65dc59
d64e0788307cdaedb90579842aa62130a826ec92f2cc2e29ab163d2f094fe6c6
d67f2f0944bd8b74e4733f49da6111b3aff1250b368d707950f479474fd37e0c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d965d9a4916b618f2c896f8cde9184b351a39abc94e32284fa1c259b49bee47b
daffdd6f62e491d3b2ab8012fb6c886e904863487f503e76a4fc6281594d533b
dbf7574ff7c42f83ecf93b5c96e025d075677bb836b2ab68d8a70a170f5cdb53
dd3a6c709519b5402234baf7a7cac6fd52b3855ac4708993a067ebf17b8fa80b
dddc682f67ac8b7ae452e205772176b097944bc9fa3b5350fee2546c0c96767f
de08c16f85c5a0c60dc46ad7db95ddccae6b277c33bfe9b0866edd5ac642d294
de6095c1e70c0973c16617652129af895ef22f722ce54b2a0c96e66ca6dcdabe
e01b5f9cbb1a16294ed7231753c183684a2c026eae9cbe2b9075e34e21dedcdd
e0e83202a9ee204ef43f827c6577a14f183f0fb12e3b96ca6edb852d5c6d9a96
e125a13cc1d940de0843836339bdd15458318e50d978c6373b3973963edb763d
e1974449cdd2dc562e0de1a418ad8244ae2b31ecbbf2f785f295c0050d4570b7
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2a2f47ce38a4bc850f961e0a889b5e953f4d956bd6f8bb21a103b0a23283bf9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4547e63b34e6b2abe4d8f884907f436be6d8b404c6e5e49418d7893da623c88
e4a783177bbd97d5981bdc4b33b9bf4692fb715864e15dd9a693f339e7d01867
e53d6119a4bd801c50d6e4a9847b051ebac8d49c77e9806efc252934d1d19cd7
e57f15b3c0818f917a71d335a192553d300b0920e10838624e4a9511ecc31ff5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59ffbe30c390e093a32b9c979d22de80084f5f06746cdd26e2af10fde6fd6f4
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e8c56f4a07013a144a6ecc5c7ccfedbf5f31684f6a04a1e0432bf403dcb4b8f0
e95a438c1e3b5a3308484a56d2cfc9886ee990d37767296e7b6c1c236eb3437b
ea04cb390bf3e0d9be17947dd8f2bdf25bb11fbc13d6a494c8e725e882674868
ea3dca34d8ca8cf75a445df4b7baeced097c0f3fcded922a70d7802d92de02b1
ea42e7b54ce96ed36e3c07f98823f37cac6ec220abf4dc503b0146bedc343f85
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f0c085b72dacb34ac8292b08fdbf0a692009320dcf4040eea77c0be553302855
f0d19e7d56aa281565beef26a0f1c99a292b9246f806ce2e6f76dca3e3f35ec1
f10305b973d7f1d24b0319a00d494eb736084bae288e666ba49d75344ea1a66c
f2fee4fc61567c6ed576cf11f279836e477884b79ea6756e83f9e6da0707af26
f38b53e5a0e4e3db80ae5bc1afa619d1b74a95a60f45cc291d8e4993cb979952
f4d386cd0b02158fb22a97e0b4dcaf1f7355d79fc8ee005139f06504f20d278a
f629b8954c9eb4891e1269a2b6ad4e8d949abce37891832ff38812398c8d0542
f674ac2105c83818ad1446945a7983dc00dff03223142f45145e7566062d02d6
f721c02819837ba9316e1927e1b1395791e6804741584c5a2677484c997ec382
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
f93b9a90fe00d1b8b03712468e90bb19b51dda5e80deb21454813295905ea1fd
fcb6262944c0f1cec2f10682ab5dd66c1f87bae9aa4222f057043505c3a7c769
fce0627165f79d95b2b011a25ad8b793547d319472fd07642ba93735568ad86f
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fde4d6a1d913a32f7d05d204d1cc29bf4683bbd6794ccacefc474d267fd2c4ad
fe8baad259a0b435d1dc9f563d706dfa9c7e2de2c648eb088ba50c21b27bdaac
fee0cc4b41c2a9e4556ace3acbc166aa62e64252de972ba518c5dab5caccd851
ff420b26b8a33e1bcae39c4d165c2cc259681bbb7b32565dbd7644c1d84cbfa8