urlscan.io logo urlscan.io
SecurityTrails logo

cybernews.com Open in urlscan Pro
2606:4700:3108::ac42:2bc5  Public Scan

Go To Rescan Add Verdict Report
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Submission: On December 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 69 IPs in 11 countries across 60 domains to perform 323 HTTP transactions. The main IP is 2606:4700:3108::ac42:2bc5, located in United States and belongs to CLOUDFLARENET, US. The main domain is cybernews.com. The Cisco Umbrella rank of the primary domain is 186353.
TLS certificate: Issued by E1 on December 18th 2023. Valid for: 3 months.
This is the only time cybernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2606:4700:310... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
47 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 146.75.120.157 54113 (FASTLY)
3 21 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f04... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
2 10 2a00:1450:400... 15169 (GOOGLE)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
2 18.239.69.131 16509 (AMAZON-02)
2 162.19.138.82 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 162.19.138.118 16276 (OVH)
3 104.26.8.178 13335 (CLOUDFLAR...)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 185.86.138.124 201081 (SMARTADSE...)
2 3 54.220.88.163 16509 (AMAZON-02)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
2 35.227.252.103 396982 (GOOGLE-CL...)
1 13.227.219.102 16509 (AMAZON-02)
1 18.239.64.29 16509 (AMAZON-02)
4 34.98.64.218 396982 (GOOGLE-CL...)
1 81.17.55.171 60781 (LEASEWEB-...)
2 2a00:1450:400... 15169 (GOOGLE)
2 216.52.2.6 32475 (SINGLEHOP...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
38 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
3 3 52.58.114.78 16509 (AMAZON-02)
13 45 172.217.16.130 15169 (GOOGLE)
2 2 151.101.130.49 54113 (FASTLY)
5 52.223.40.198 16509 (AMAZON-02)
3 3 35.190.0.66 15169 (GOOGLE)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
2 178.250.1.9 44788 (ASN-CRITE...)
5 5 37.157.3.26 198622 (ADFORM)
3 6 46.228.164.11 56396 (AMOBEE)
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
6 10 172.64.151.101 13335 (CLOUDFLAR...)
3 5 37.252.171.52 29990 (ASN-APPNEX)
4 4 34.91.62.186 396982 (GOOGLE-CL...)
1 2 69.173.144.165 26667 (RUBICONPR...)
2 6 104.75.89.75 16625 (AKAMAI-AS)
2 3.69.190.202 16509 (AMAZON-02)
6 172.217.16.194 15169 (GOOGLE)
2 142.250.185.134 15169 (GOOGLE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 51.75.86.98 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 3.230.95.185 14618 (AMAZON-AES)
1 2600:9000:20a... 16509 (AMAZON-02)
1 159.89.25.223 14061 (DIGITALOC...)
1 141.101.90.97 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
3 2a05:d01c:1d8... 16509 (AMAZON-02)
1 184.30.16.195 16625 (AKAMAI-AS)
1 2620:116:800d... 16509 (AMAZON-02)
3 3 213.155.156.167 1299 (TWELVE99 ...)
4 172.217.18.2 15169 (GOOGLE)
1 85.14.248.91 24961 (MYLOC-AS ...)
1 2 52.49.242.154 16509 (AMAZON-02)
1 198.47.127.19 3257 (GTT-BACKB...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 37.157.6.232 198622 (ADFORM)
3 142.250.184.194 15169 (GOOGLE)
323 69
13    2606:4700:3108::ac42:2bc5 (United States)

ASN13335 (CLOUDFLARENET, US)
cybernews.com
media.cybernews.com
6    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
47    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2606:4700::6812:1e31 (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
21    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4005:801::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
10    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
2    18.239.69.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-131.ams58.r.cloudfront.net
c.amazon-adsystem.com
2    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    104.26.8.178 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
1    185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
3    54.220.88.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-88-163.eu-west-1.compute.amazonaws.com
ap.lijit.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    13.227.219.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-102.ams54.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.239.64.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-64-29.ams58.r.cloudfront.net
aax.amazon-adsystem.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
setupad-d.openx.net
1    81.17.55.171 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync-global.smartadserver.com
2    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
2    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
eu-inap.vap.lijit.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
38    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
mts0.google.com
36    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    52.58.114.78 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-114-78.eu-central-1.compute.amazonaws.com
pm.w55c.net
45    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
cm.g.doubleclick.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    2a05:d018:d29:3601:aac8:1b9f:b7f8:fd94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
5    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
10    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
5    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
6    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
2    3.69.190.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-190-202.eu-central-1.compute.amazonaws.com
x.bidswitch.net
6    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
www.googleadservices.com
2    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
2    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    3.230.95.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-95-185.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    2600:9000:20ab:fc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
1    141.101.90.97 (United States)

ASN13335 (CLOUDFLARENET, US)
portal.o2online.de
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    2a05:d01c:1d8:8101:ecdd:a035:7b09:ae7f (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
4    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
googleads4.g.doubleclick.net
1    85.14.248.91 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
2    52.49.242.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-242-154.eu-west-1.compute.amazonaws.com
skydeutschland.demdex.net
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
90 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
ade.googlesyndication.com — Cisco Umbrella Rank: 293
949 KB
77 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
515 KB
36 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
9 MB
13 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
mts0.google.com — Cisco Umbrella Rank: 4606
39 KB
13 cybernews.com
cybernews.com — Cisco Umbrella Rank: 186353
media.cybernews.com — Cisco Umbrella Rank: 271685
242 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
7 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
bidder.criteo.com — Cisco Umbrella Rank: 776
dis.criteo.com — Cisco Umbrella Rank: 550
mug.criteo.com — Cisco Umbrella Rank: 2811
9 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
450 KB
6 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
6 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
1 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
3 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
cm.adform.net — Cisco Umbrella Rank: 1211
4 KB
6 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
u.openx.net — Cisco Umbrella Rank: 672
us-u.openx.net — Cisco Umbrella Rank: 491
setupad-d.openx.net — Cisco Umbrella Rank: 58986
1 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4165
onesignal.com — Cisco Umbrella Rank: 1473
img.onesignal.com
86 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
4 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
741 B
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
66 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
eu-inap.vap.lijit.com
703 B
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
2 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
75 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4497
925 B
3 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1771
886 B
3 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5555
925 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
3 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
3 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 41482
2 KB
2 demdex.net
skydeutschland.demdex.net — Cisco Umbrella Rank: 48730
1 KB
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
6 KB
2 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 718
static.adsafeprotected.com — Cisco Umbrella Rank: 602
706 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2627
207 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
291 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
853 B
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
820 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
60 KB
2 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1657
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332
605 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
944 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6765
562 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
175 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
25 KB
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11353
1 KB
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
463 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 49153
611 B
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 66923
609 B
1 setupad.com
node.setupad.com — Cisco Umbrella Rank: 47970
241 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
387 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
587 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1618
173 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7367
176 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
273 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
2 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 713
724 B
1 t.co
t.co — Cisco Umbrella Rank: 589
377 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 678
15 KB
1 youtube.com
img.youtube.com — Cisco Umbrella Rank: 3789
37 KB
1 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 40156
105 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
323 60
Domain Requested by
47 pagead2.googlesyndication.com cybernews.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
45 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
cybernews.com
38 tpc.googlesyndication.com googleads.g.doubleclick.net
cybernews.com
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
36 s0.2mdn.net cybernews.com
s0.2mdn.net
21 googleads.g.doubleclick.net 3 redirects www.googletagmanager.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
cybernews.com
10 www.google.com 2 redirects cybernews.com
googleads.g.doubleclick.net
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
7 www.googletagservices.com googleads.g.doubleclick.net
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
cybernews.com
7 media.cybernews.com cybernews.com
6 www.googleadservices.com googleads.g.doubleclick.net
6 sync.teads.tv 2 redirects e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 cybernews.com cybernews.com
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
5 c1.adform.net 5 redirects
5 match.adsrvr.org googleads.g.doubleclick.net
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
4 googleads4.g.doubleclick.net cybernews.com
4 um.simpli.fi 4 redirects
4 www.gstatic.com googleads.g.doubleclick.net
4 gum.criteo.com 1 redirects stpd.cloud
static.criteo.net
4 securepubads.g.doubleclick.net cybernews.com
securepubads.g.doubleclick.net
3 onesignal.com cdn.onesignal.com
3 ade.googlesyndication.com cybernews.com
3 d5p.de17a.com 3 redirects
3 ag.innovid.com googleads.g.doubleclick.net
3 a.tribalfusion.com 2 redirects googleads.g.doubleclick.net
3 r.turn.com cybernews.com
googleads.g.doubleclick.net
3 ad.turn.com 3 redirects
3 ads.travelaudience.com 3 redirects
3 pm.w55c.net 3 redirects
3 fonts.googleapis.com googleads.g.doubleclick.net
3 ap.lijit.com 2 redirects stpd.cloud
3 prebid-stag.setupad.net stpd.cloud
cybernews.com
2 skydeutschland.demdex.net 1 redirects googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 dclk-match.dotomi.com googleads.g.doubleclick.net
2 ad.doubleclick.net cybernews.com
2 x.bidswitch.net e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
2 ssum-sec.casalemedia.com 2 redirects
2 pixel.rubiconproject.com 1 redirects cybernews.com
2 s.tribalfusion.com cybernews.com
2 dis.criteo.com googleads.g.doubleclick.net
2 pr-bh.ybp.yahoo.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 static.criteo.net stpd.cloud
static.criteo.net
2 eu-inap.vap.lijit.com stpd.cloud
2 e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 rtb.openx.net stpd.cloud
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
2 id5-sync.com stpd.cloud
2 c.amazon-adsystem.com stpd.cloud
c.amazon-adsystem.com
2 www.google.de cybernews.com
2 region1.analytics.google.com www.googletagmanager.com
2 connect.facebook.net cybernews.com
connect.facebook.net
2 www.googletagmanager.com cybernews.com
www.googletagmanager.com
2 cdn.onesignal.com cybernews.com
cdn.onesignal.com
1 img.onesignal.com
1 setupad-d.openx.net stpd.cloud
1 mug.criteo.com
1 cm.adform.net 1 redirects
1 cdnjs.cloudflare.com s0.2mdn.net
1 image6.pubmatic.com ads.pubmatic.com
1 m.exactag.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 ads.pubmatic.com stpd.cloud
1 gcm.ctnsnet.com 1 redirects
1 portal.o2online.de cybernews.com
1 node.setupad.com stpd.cloud
1 static.adsafeprotected.com googleads.g.doubleclick.net
1 pixel.adsafeprotected.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 onetag-sys.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 mts0.google.com googleads.g.doubleclick.net
1 ssbsync-global.smartadserver.com cybernews.com
1 u.openx.net stpd.cloud
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 bidder.criteo.com stpd.cloud
1 prg.smartadserver.com stpd.cloud
1 prebid-eu.creativecdn.com stpd.cloud
1 lb.eu-1-id5-sync.com stpd.cloud
1 www.facebook.com cybernews.com
1 cdn.jsdelivr.net stpd.cloud
1 analytics.twitter.com cybernews.com
1 t.co cybernews.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 img.youtube.com cybernews.com
1 stpd.cloud cybernews.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
323 90
Subject Issuer Validity Valid
cybernews.com
E1		 2023-12-18 -
2024-03-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
stpd.cloud
E1		 2023-12-16 -
2024-03-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-30 -
2023-12-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.lijit.com
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-19		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
node.setupad.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
portal.o2online.de
E1		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.innovid.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-04-14		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2023-08-22 -
2024-09-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
onesignal.com
E1		 2023-10-27 -
2024-01-25		 3 months crt.sh

This page contains 47 frames:

Primary Page: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Frame ID: A4F2AD5CFDCEEE3BDA83A637C7C91AF5
Requests: 72 HTTP requests in this frame

Frame: https://img.youtube.com/vi/7EcvtEYXjeU/hqdefault.jpg
Frame ID: 67D652BC9683698C5128131A546A6A81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 2A5947F6438DA8E87698664F69F3D3A0
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: CF558E57F40D9D3CE04312A2E5269FC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1703010214&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018946&bpp=1&bdt=186&idt=234&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1050833028883&frm=20&pv=2&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=245
Frame ID: 7C2FA5F198D2CCD118AA1EE7409A2D55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Frame ID: 879A2BDBF2045B0ABB4BB0431DFF3CFE
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Frame ID: D26BD93236E2094C46F77D04F8D30943
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Frame ID: F8BDA5A024A6E68E04DF780C8BF08533
Requests: 16 HTTP requests in this frame

Frame: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D647DF46AFE304840CFDA97151ABC1FA
Requests: 1 HTTP requests in this frame

Frame: https://eu-inap.vap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: FC580BF7AD5C6118D221CC07A32DAAAE
Requests: 1 HTTP requests in this frame

Frame: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 55B46C03BB438BDA67571D7B7F835CD4
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A0FAD4EE7610558F1424CB79D5A869ED
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D96E98502EC31539FF4992DC61BA3DA5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2F8A90ADDB9FE07C75C836B2EB2BBBBB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARip2bP8ATAB&v=APEucNXFB1z5rQXrv_o_SGSEP4qZtHcwbqxKtEAyqIkjTS3PhP5rojqR4F2mvxFYpci_OE_8TnuWe5uNwqvT_alVMcUdyzr0LfYCFDjTOOzW-sQThAqH3C7vpaY-p61qAtw7jC48A2Br91WCTT4war2Xjjt-9S3JxfomM9XDD91uaCYjgf4pO0I
Frame ID: F9EF5EAB963809EB27E1561557D3BC38
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C44DD45C07AB1AB545BFC16D439D8AAE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C0327226A498E9E81CC475FB0DE4CD6E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6A217FDD79483C1400A82ECAAC519878
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AD91F72730AB43205BE50AC03A1B8DA4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=50Mo73frW7&t=1&renderingType=2&ev=01_250
Frame ID: 7292389495E200EA241AFDA36C732EDF
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F0C3512849650629428ED451984942C7
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: EDA2D9FAEE2B738B1E2653E631BABD5E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8BFE40A80737C64AB2F2E553E109B3D0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: DED96312B4F7CCEC62EA97ADEB3D34C1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: B7049AB5B5B21ED2FE8CE190A3C18EB6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJbTh_8BMAE&v=APEucNXoXUslK4qIc1jqzzG0efTWjAz-EKCVHFxqfz31SMPep-aqp0yjOE_fDr8MwHzt3HHaY8YBxwfQUaP835-qdxzAmqka-208F2AxvYht2nfNARmB8415-h14FJP8dh29MZoCLof_p2p0QXga7tDXM60UI8QpyFw6kgakitRKy3-icBLF1IU
Frame ID: 811B1D3877B344509A522881E47F1491
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 402AEA84D94A053ACE25E0BE4021D9CE
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY8rvx0wEwAQ&v=APEucNUi8sng0JZYF9oNUTSTQ7O7_eEIIO3sVSVH68-fFMfD6YfSw-a_FzeBsEvFHO-oRbvtUlqTzVNHP4QRRcLwXJl0GoMN-kF5VDZWwuT3NTxAk399b1d6f9kDALRBXHqx66bRmPPspppJspwCQPN7tNVM6Lbgif-i7-t4DQJ1aQZVrwPxFnY
Frame ID: 8B0AFCE7EF0BA746F1750EB98CF1D370
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 98BB01054B3DAF120ABE98163B3622B2
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 509F7230ED987CF777D5B50778BD6DCC
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: D622FF321CB839C7B9D6B7F74D5CBB25
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D5CCBAE36DADE5EF86CF276BD66AE699
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6837A429E89B7DFF732A4DA7F40F2360
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 298EFFDCC6E61E7B5CB0A8EBB8A0CE2B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: D4CD86D380E94FECA48F4280F79AF953
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 882B3E7E67D8F6173F1AB5FD7061D2D6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3A2B8768D021CBA81F3ED9A3A23A56E6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E84F5CDAADDB2FD6DE7A6635C2CEEEF1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
Frame ID: E2194A70124C38BA760F9D3ECF0A7695
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
Frame ID: A911D4FE338C1E52F50A5ECCE1384AFF
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D6C0564E91899DD7470F33BF25479E7F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 31015258B0D98CB2DF057968B361FFA5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=cybernews.com
Frame ID: D824C7B3DA23259CC001F0DA616A9618
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9A1CBD208DFA94F7D38B78CAC7690DA3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4BE5BDC31E6AA8613C0E1A5C8BD1C285
Requests: 2 HTTP requests in this frame

Frame: https://setupad-d.openx.net/w/1.0/pd
Frame ID: 36493DE67E6E080311B87E5FBF537908
Requests: 1 HTTP requests in this frame

Frame: https://eu-inap.vap.lijit.com/beacon?informer=13401985
Frame ID: F0156F27E71D34941B7108929271137F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MOVEit hack: credit union discloses 100K victims | Cybernews

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

323
Requests

85 %
HTTPS

41 %
IPv6

60
Domains

90
Subdomains

69
IPs

11
Countries

11758 kB
Transfer

17741 kB
Size

58
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eu-inap.vap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Request Chain 108
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM4QQI7yaVYeUVMvlpmcCG0&google_cver=1&google_push=AXcoOmRZVTg6kRw_T_2FQeh0HCi_yr2_BALN8XwmfK3fy-gsFdRi8-mGmyQqAmfOZBVemep-iWSTAQ5ksYC9irpSr8GVXS2cG74hmg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM4QQI7yaVYeUVMvlpmcCG0&google_cver=1&google_push=AXcoOmRZVTg6kRw_T_2FQeh0HCi_yr2_BALN8XwmfK3fy-gsFdRi8-mGmyQqAmfOZBVemep-iWSTAQ5ksYC9irpSr8GVXS2cG74hmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z0J5cksyS08xUmd6OXk1&google_gid=CAESEM4QQI7yaVYeUVMvlpmcCG0&google_cver=1&google_push=AXcoOmRZVTg6kRw_T_2FQeh0HCi_yr2_BALN8XwmfK3fy-gsFdRi8-mGmyQqAmfOZBVemep-iWSTAQ5ksYC9irpSr8GVXS2cG74hmg
Request Chain 109
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGaOKuJZXbXD3QB51YcdlIw&google_cver=1&google_push=AXcoOmThDz3Y2SVcryxrD0xWt8y4MguqLim1oxAkGerUGr4n-R2JwcOICLAJvQHp-Hai7_WYkUBW_CzdGRhoBN8qk6FmA9Ib2czj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGaOKuJZXbXD3QB51YcdlIw&google_push=AXcoOmThDz3Y2SVcryxrD0xWt8y4MguqLim1oxAkGerUGr4n-R2JwcOICLAJvQHp-Hai7_WYkUBW_CzdGRhoBN8qk6FmA9Ib2czj
Request Chain 111
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGsQTHeCThWxGyZyNtGvQVs&google_cver=1&google_push=AXcoOmQew1_zPLFIumlyrRpOuVnHhNUfPVhYbCCyof8YgAf4ys9hMHa5DPbCR6_TWPT9NKLrBiJSbTfuAvB3K6V8_AEMiV5Rt9hgFw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BL6ghd88TxM_jM8i2oXctw&google_push=AXcoOmQew1_zPLFIumlyrRpOuVnHhNUfPVhYbCCyof8YgAf4ys9hMHa5DPbCR6_TWPT9NKLrBiJSbTfuAvB3K6V8_AEMiV5Rt9hgFw
Request Chain 112
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFTkAkK0KzIyO3LFGJjNZsE&google_cver=1&google_push=AXcoOmSvLjJZk5ulKUTfzVnfZBIaG_0mbKg2FHqVOhVjwEjOrdV5vtuLOn5KSbSl_xp7ITNWH2XOBd_wiFU298yJ0uuGzXYE4ynQSg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSvLjJZk5ulKUTfzVnfZBIaG_0mbKg2FHqVOhVjwEjOrdV5vtuLOn5KSbSl_xp7ITNWH2XOBd_wiFU298yJ0uuGzXYE4ynQSg&google_hm=eS1TRVE5RGhSRTJwRlFINFdhMTFGRmxqMUFoY3dIalo4dH5B
Request Chain 114
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAeeq4ssYd3fBRfZo2BD9ac&google_cver=1&google_push=AXcoOmRGZJXd8v3NiuPZVDev0arK1Y_eMaq3rmXUXBzNSB03K3RTuUovobraeGFth0oQ-OJz61Rr95mBj43FPuJRkdqf2S-4kaMtNQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAeeq4ssYd3fBRfZo2BD9ac&google_cver=1&google_push=AXcoOmRGZJXd8v3NiuPZVDev0arK1Y_eMaq3rmXUXBzNSB03K3RTuUovobraeGFth0oQ-OJz61Rr95mBj43FPuJRkdqf2S-4kaMtNQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI4NTk3ODU4OTY5MzM4ODExOA&google_push=AXcoOmRGZJXd8v3NiuPZVDev0arK1Y_eMaq3rmXUXBzNSB03K3RTuUovobraeGFth0oQ-OJz61Rr95mBj43FPuJRkdqf2S-4kaMtNQ
Request Chain 120
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIPLVny7gOBiukblJcaiN0M&google_cver=1&google_push=AXcoOmSN6UEhQL0NA2oNZoHMNaCAVIci6QrYtJ3zl8vcSUmSJ3tbyqMNPn4c0tRanglbtuUht2WJAVnG2B6bt2R3Mt2GqSMASBG0bg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc0OTgzOTc4MjkwMTE1MzkwOQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1
Request Chain 121
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBom6gR5vOnswRHWG6eZKBk&google_cver=1&google_push=AXcoOmS0dNrUMnB9qoedtvSOxKt_t6jo0eAU7JMSce-FZ7O_69r_4KGTBBBAnvMajIvvjsdVqsyCJN15SkmRA1G8-FYhwfaUnOxg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z0J5cksyS08xUmd6OXk1&google_gid=CAESEBom6gR5vOnswRHWG6eZKBk&google_cver=1&google_push=AXcoOmS0dNrUMnB9qoedtvSOxKt_t6jo0eAU7JMSce-FZ7O_69r_4KGTBBBAnvMajIvvjsdVqsyCJN15SkmRA1G8-FYhwfaUnOxg
Request Chain 122
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEA5up434qCBy-o2dx6JFS9k&google_cver=1&google_push=AXcoOmQio4z0cvfOHfh4GfoxqmClEnz-3pMZAE-n_xE34_x4fRqYo9z5SBwXnHCJutqxXy0U186kahn3Jxm92nZgTVpHyWvL17Ul5A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQio4z0cvfOHfh4GfoxqmClEnz-3pMZAE-n_xE34_x4fRqYo9z5SBwXnHCJutqxXy0U186kahn3Jxm92nZgTVpHyWvL17Ul5A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA5up434qCBy-o2dx6JFS9k&google_cver=1&google_push=AXcoOmQio4z0cvfOHfh4GfoxqmClEnz-3pMZAE-n_xE34_x4fRqYo9z5SBwXnHCJutqxXy0U186kahn3Jxm92nZgTVpHyWvL17Ul5A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQio4z0cvfOHfh4GfoxqmClEnz-3pMZAE-n_xE34_x4fRqYo9z5SBwXnHCJutqxXy0U186kahn3Jxm92nZgTVpHyWvL17Ul5A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 126
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEI1DF-0DKHuJLlYk2Z8hn_E&google_cver=1&google_push=AXcoOmSj7-Gn66WYZXdX6HdCZOomdnOJ8co_k9wjYmJO_vvRB9jRr8yU9MqeP3Ij_Sv7FS5DBs9GgoP92W7GdeKjQLdH_24lY7jf7Q HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEI1DF-0DKHuJLlYk2Z8hn_E&google_cver=1&google_push=AXcoOmSj7-Gn66WYZXdX6HdCZOomdnOJ8co_k9wjYmJO_vvRB9jRr8yU9MqeP3Ij_Sv7FS5DBs9GgoP92W7GdeKjQLdH_24lY7jf7Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4Nzc0NzkwNTU4MDUyMTI0&google_push=AXcoOmSj7-Gn66WYZXdX6HdCZOomdnOJ8co_k9wjYmJO_vvRB9jRr8yU9MqeP3Ij_Sv7FS5DBs9GgoP92W7GdeKjQLdH_24lY7jf7Q
Request Chain 128
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1&C=1
Request Chain 130
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYUujMri9xnlFnmch24.kAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1&google_hm=2
Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENZ5KO_0__95HsrAUW6W_t8&google_cver=1
Request Chain 132
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkxODYxMTUxNjc5MTUzNzA5MA%3D%3D
Request Chain 133
  • https://um.simpli.fi/gp_match?google_gid=CAESEGz5bqQv-2ZKEkCzxEbakL8&google_cver=1&google_push=AXcoOmRRJvQUSxTArO4MTRtu2xb6Rtuub0h2tfnsDwGOyZT2KxpQKBmZXxoCTSrVryWeLbToIQsf4oYQtJiph2DWzFJNTa4WYYM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmRRJvQUSxTArO4MTRtu2xb6Rtuub0h2tfnsDwGOyZT2KxpQKBmZXxoCTSrVryWeLbToIQsf4oYQtJiph2DWzFJNTa4WYYM
Request Chain 136
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEODiR-Fg2z-0QE3SCsCwx3Q&google_cver=1&google_push=AXcoOmSvjdJ-9vdaz5QEfSuC3UJBm92B5BHb_gFiCJBhJwFu5eCHZsj7VWyfp2p_p3NVeXoxSFC-fCbJmh_ogEKSjCuF_XbrqMoc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHOUUzUDAtMUwtMjQ1Tw==&google_push=AXcoOmSvjdJ-9vdaz5QEfSuC3UJBm92B5BHb_gFiCJBhJwFu5eCHZsj7VWyfp2p_p3NVeXoxSFC-fCbJmh_ogEKSjCuF_XbrqMoc
Request Chain 137
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOxA9xFjeg2udk1exc6ztuU&google_cver=1&google_push=AXcoOmQ0oZWqGy2jLcXBLYZaeVefLvEgknrYaeHarNPRPUa8pw6V4eYXI8q4LchEzooyqovcCk7lCtDHEi7vHcvXooXSEiKqwK77 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOxA9xFjeg2udk1exc6ztuU&google_push=AXcoOmQ0oZWqGy2jLcXBLYZaeVefLvEgknrYaeHarNPRPUa8pw6V4eYXI8q4LchEzooyqovcCk7lCtDHEi7vHcvXooXSEiKqwK77&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOxA9xFjeg2udk1exc6ztuU&google_hm=ZYUujMri9xnlFnmch24-kAAABK4AAAAB&google_nid=index&google_push=AXcoOmQ0oZWqGy2jLcXBLYZaeVefLvEgknrYaeHarNPRPUa8pw6V4eYXI8q4LchEzooyqovcCk7lCtDHEi7vHcvXooXSEiKqwK77
Request Chain 138
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB99L5xAsGkmZTfaNpeur6Y&google_cver=1&google_push=AXcoOmSN1bAuUpc1K-SKykGvDDKcLiMuBxx3Hyq-XvXlxLgZ23BBazHmspGHKEA5okPl7zL4W6vQgfhvFeIMEqz2b-B1ruXzCvKP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSN1bAuUpc1K-SKykGvDDKcLiMuBxx3Hyq-XvXlxLgZ23BBazHmspGHKEA5okPl7zL4W6vQgfhvFeIMEqz2b-B1ruXzCvKP HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 141
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CvC4miy6FZdesFeO21fAPwdi-oAOczsC9c9qXjcmGEvTCtauuARABILbX6XtglYKAgJgHoAHZlq_ZKMgBCakC1hwwsmp0sj6oAwHIA8sEqgTIAk_QO0zHzGAE664L4RLtLq10ZJDPDCi9HQqkvWqtqptZnSy06wLrYtomUEynXFyYoNa2cEGl3Ga5abxiLOkJDMyVNmu6CUxr_JdQrysRCKk6rQjXZUq2hVhCVqYyomebajlHSsQ6t5YGNknKl0lvEao75Nc_OVH0mvEm6OI3Qa1nK4k7YITuKfiRtQL58ONMOICZEhXJxBLkQl7R2kbXbyu6dJ60TghKQ1VA1TuPDmIZaG3ej8esNYb2ivlmzctXn3RUDpZdMIvy-nXfXalOCizKsX-XsFUxIyaO1lIlK7b8rwtnwAVxw40pNG8Kl7JpvJLa7zTnn71sqCWPPGZfOTGjWTL0GBMmK4OPWoH5DiP5ChW1oCnW9ePbHVMWXtq05B4vQzuzhjInVSKaKkwUET90cCq8vkHsAO3VcknRtNtIGfiZq8OmKXHABL3h47yzBIgF65HV7kySBQQIBBgBkgUECAUYBKAGLoAH2c7_uAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBChyATSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOa31ou3ooMDmglLaHR0cHM6Ly93d3cubWVkaS1ub3cuZGUvYXBvdGhla2VuL21hcmdhcmV0aGVuLWFwb3RoZWtlLXJlaWNoZXJ0c2hvZmVuLzEwNDM0gAoByAsBmAyqo_qhxQSiDBQqEgoQ5LSxAu61sQK1uLECu7uxArgTgwTYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=uIDn4EvG_rs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_sLP1lby0WWAFQfNO5QRzzlW_SKOCrrzqA0J0gNAKeY3JfGo0gG4XoD8JT6eESZVehBNSXktaGAE&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224551542255278086650%22,%22debug_reporting%22:true,%22destination%22:%22https://medi-now.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210924837721%22],%2222%22:[%22true%22],%224%22:[%2212-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221880415376222698657%22}&andc=true
Request Chain 142
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C74eSiy6FZYrjFauY1fAPiNqmsATYmrPzdMXEtYH4EcWvlLTkEhABILbX6XtglYKAgJgHoAGG19e9A8gBAqkCyvtJ8fl1sj6oAwHIA8kEqgSsAk_QojhzvKGYm-0Ko1yhqj-umrbqkxjj0MEPmyW9_Su4pkq6cmFIk_pBSncN8kMP0-yAlYpDQyTRqyCiTH7n30vJPKL9kGtQ9_FHYjdaHthwQt5VE8dWrtQQ5K3qALlGMgm5oSSpGn-htQzsJxoh6l8fywwHDT9sAPK40rUwFyh16YNo_wvs6hBmsRVpzFqxlMZm9SFA-PlcIO_UAET6yfoHjvAjAuR516C4vPdaNsOJ-sAcYGJ-bE5gM51kxxS_FZp03CKEw4cwGXtblrks4sWEsYIK6z9jr-YU3Xpe5_AM9PnfxRfS8elKxsekCkgrS8GV8YvOVn7USvYSu86tEAgHrCU0v3wnFsjqtriCTcabtyAF3BLMdssfHHwJrE2oepLaONrfc8qSKZFHV8AE4qXk778EiAWo6I-YTZIFBAgEGAGSBQQIBRgEoAYCgAfiqKhCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQw8wG0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljG7taLt6KDA5oJO2h0dHBzOi8vd3d3LmxpbGllbnRoYWwuYmVybGluL2MwMS0wMjQtYjA0MGM_dm91Y2hlcj1zcGVjaWFsgAoByAsBogwUKhIKEOS0sQLutbECtbixAqy6sQLYEw3QFQGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=HLAsqWTbV9E&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_GBUum8xiSnrUP1Na1QnmuPsI7rlVD3dqnEetVfnbppLHvatFI0s9w2_4igSYcQMprpvmbRpPLRgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223933460002173876980%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217619157673903130097%22}&andc=true
Request Chain 148
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1&google_push=AXcoOmQLu3NDkoadVgs3xDKmgRJ0YQMYkqP0HYYYoUdpu8zRIkYyr2gPlCRx9XtHfLDqONpCHCROPXrL0jCZNWyvRO5npq8hyTXutA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc4NTA2NTA0OTAyNTExODMyNQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1
Request Chain 150
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELqZqZUurLkH6rzKz0T_L58&google_cver=1&google_push=AXcoOmR3KNiyFeZHDdqhUpwINv535MgQ3iD0_yowl-Xhk9UkQhz8yi-l7aBmeJzjD3lk0deBxT7bj0ITMOFIYHIPYl-vvp0OO17G4GM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR3KNiyFeZHDdqhUpwINv535MgQ3iD0_yowl-Xhk9UkQhz8yi-l7aBmeJzjD3lk0deBxT7bj0ITMOFIYHIPYl-vvp0OO17G4GM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELqZqZUurLkH6rzKz0T_L58&google_cver=1&google_push=AXcoOmR3KNiyFeZHDdqhUpwINv535MgQ3iD0_yowl-Xhk9UkQhz8yi-l7aBmeJzjD3lk0deBxT7bj0ITMOFIYHIPYl-vvp0OO17G4GM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR3KNiyFeZHDdqhUpwINv535MgQ3iD0_yowl-Xhk9UkQhz8yi-l7aBmeJzjD3lk0deBxT7bj0ITMOFIYHIPYl-vvp0OO17G4GM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 152
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKuVuMd0zb4oA1FoX8ylrEw&google_cver=1&google_push=AXcoOmSJr7TLVRaXYQUjJqKS3GZYexpdZg72N60A9DgV4p23JBUM8xBigFrCFnwWhfzCrcTgqXcAK-Z1eItIVOYle3vlrWZ4Ni59yyM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNTMwNDM0ODU2NzU5OTI2MA%3D%3D&google_push=AXcoOmSJr7TLVRaXYQUjJqKS3GZYexpdZg72N60A9DgV4p23JBUM8xBigFrCFnwWhfzCrcTgqXcAK-Z1eItIVOYle3vlrWZ4Ni59yyM
Request Chain 153
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPq2YaFmcjBJyffmu1Io3qE&google_cver=1&google_push=AXcoOmSd_bqFxZMbVxlisRrjvXULSK-n-8WG2TXvHnhyNXGDAAVxFim3R1r4Un7KgJ8inRZHiPfLNTWa7baQogaRhL9eL-XIdHuOog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSd_bqFxZMbVxlisRrjvXULSK-n-8WG2TXvHnhyNXGDAAVxFim3R1r4Un7KgJ8inRZHiPfLNTWa7baQogaRhL9eL-XIdHuOog
Request Chain 154
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFs7iugjFS_n3_Coi3IVuEg&google_cver=1&google_push=AXcoOmSMiFjQabAP1l5VPe986iCZmYl8vUBYWGxL-KwGK6jHZ7pGBJIIap146tSAff6iXIxCIj5Fy0RlOTLFqCmFr0GWRDy4Z0HBJsmH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSMiFjQabAP1l5VPe986iCZmYl8vUBYWGxL-KwGK6jHZ7pGBJIIap146tSAff6iXIxCIj5Fy0RlOTLFqCmFr0GWRDy4Z0HBJsmH HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 157
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CW7lYiy6FZYqtFZrb1fAPnI-E0A2F4LuRdM7BpaaPEtrZHhABILbX6XtglfrwgYwHoAHh7uq3A8gBAqkC1hwwsmp0sj6oAwHIA8kEqgS3Ak_QpG20rwZOYD2WWO2qnVtegTNFbbrC5rb8LJ1H1lXGASO1oJ5wyjtlaLG5KCsxIFf5PqyPZeRNBym19CjWl3IpUKJEPz3wJeJdGBZViCkmEdm8js77VIAEbsaDsdNy3xBhacwT3cLXGwm1kMcAcsWiI5pbKnxdQvKLYZ-PbgOl71JLhyFN56p-AzHe5ApuWOvmvsuu9LWvUvh5I_bZRdEOwdECWwxsMgv1DphEI0otdLUbsIvMz68FJTV0raE556Bcj_-_kdyEH4bkBqMM7JbPibDyePjUZ9plh7WMgi0SwwBZIc_8dk-7AD6ODWtsf_eXBt5VYyFzwlvq9I4qPgTVqQ7PFlde4C_69uyViIuDPf4fTr5hzGUAKIucDDy51s4fT8HCw-_hDk985-bPsdnHopmVUyAZwATOyrSVzgSIBcuM6vVMoAYCgAeHkZVIqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ05EJ0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljKsNaLt6KDA5oJOGh0dHBzOi8vd3d3LnBhbmFtYWphY2suZGUvaGVycmVuL3NjaHVobW9kZT9nY2xzcmM9YXcuZHMmgAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLYEwPQFQGAFwGyFxwKGggAEhRwdWItNTkyODE2MTA3NDc3OTM4MBgA&sigh=TqK85S4Sqss&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_vWZQMCkKpSvK4Qb2YiA_vnse91I8kQOyOSvoSw_hNMMfcXllMrfvXGLJ51z8xXcetL2OstsICBgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221211633888372464737%22,%22debug_reporting%22:true,%22destination%22:%22https://panamajack.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22922400609%22],%2222%22:[%22true%22],%224%22:[%2212-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217894314157762470001%22}&andc=true
Request Chain 163
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 176
  • https://pixel.adsafeprotected.com/rfw/st/1676726/76805677/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1014932963&ias_pubId=pub-5928161074779380&ias_chanId=1&ias_placementId=20797590123&bidurl=https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gTSERSqozhFnO5X18PRjcb HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_xappb=
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1
Request Chain 202
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYUujMri9xnlFnmch24.kAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1&google_hm=2
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENZ5KO_0__95HsrAUW6W_t8&google_cver=1
Request Chain 204
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkxODYxMTUxNjc5MTUzNzA5MA%3D%3D
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMdIw0YWb6Flj79VFfz_XWc&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECsetf4xJX0Uq01E4CichA0&google_cver=1
Request Chain 225
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDjUgmBKWEXnWdPwHZFcr2Q&google_cver=1&google_push=AXcoOmRescde3N3f9W_tjxxD7PqLnMqhdhpZHM0Z3YKwVWAOivQHAxyN0UaPpOjl8oUHmtiJwWYO7kuJim5XDFwEFsa53cUgoY8_ZFA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WllVdWpBQUlxMnNKZXdBTQ==&google_gid=CAESEDjUgmBKWEXnWdPwHZFcr2Q&google_cver=1&google_push=AXcoOmRescde3N3f9W_tjxxD7PqLnMqhdhpZHM0Z3YKwVWAOivQHAxyN0UaPpOjl8oUHmtiJwWYO7kuJim5XDFwEFsa53cUgoY8_ZFA
Request Chain 226
  • https://um.simpli.fi/gp_match?google_gid=CAESEN6YCRHeVe45VGqXPaShqkg&google_cver=1&google_push=AXcoOmSCTMGyOuAPScgGh-5ZD8isrL1xgSN6uGRm0-Y-xh8-zSDn1CuICyor6-gzmH_Znndx24fESroMrCoxBKXxrm0H5ILBwUlaDkU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmSCTMGyOuAPScgGh-5ZD8isrL1xgSN6uGRm0-Y-xh8-zSDn1CuICyor6-gzmH_Znndx24fESroMrCoxBKXxrm0H5ILBwUlaDkU
Request Chain 227
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECzaPWd92SaFafCfx8UYYqQ&google_cver=1&google_push=AXcoOmQIRuJZ3z_TVN9Zy0qF4va4nDi36zOJS5UZCvjSsk0-Mk80GdRZNEnbIWbl9oo4AkLTL1z-oDXxwfN47twKF8I2k5PUUAn4Hg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQIRuJZ3z_TVN9Zy0qF4va4nDi36zOJS5UZCvjSsk0-Mk80GdRZNEnbIWbl9oo4AkLTL1z-oDXxwfN47twKF8I2k5PUUAn4Hg&google_hm=MVEZ7jiUQ4GlM1g4HS2wt8g
Request Chain 228
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJV-JVEHPUDbB9CmcfAmy4c&google_cver=1&google_push=AXcoOmQ0Pknk2zI8quyRfx5cSTMNm_fESloaypwP5N7h4vfLavH7LHnTjmfeNdRBoHdG2EGZooLE6Yi3H6li-nFJBtdk3Kga1_7WCNw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BL6ghd88TxM_jM8i2oXctw&google_push=AXcoOmQ0Pknk2zI8quyRfx5cSTMNm_fESloaypwP5N7h4vfLavH7LHnTjmfeNdRBoHdG2EGZooLE6Yi3H6li-nFJBtdk3Kga1_7WCNw
Request Chain 245
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAsC_b_4DT0jB4oRjwDNuSY&google_cver=1&google_push=AXcoOmRxZAh4N7D9mDGVZa8pJumqWb6XdSdVyHMKkdZbByZF624amakG1MHq7eF9SvCrQo0eqRZ7uqWWnZhxi9iLfYIErmQog6CDqXA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc4NTA2NTA0OTAyNTExODMyNQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1
Request Chain 247
  • https://um.simpli.fi/gp_match?google_gid=CAESEN6YCRHeVe45VGqXPaShqkg&google_cver=1&google_push=AXcoOmRiE7D7MUCW-B2yPN3u9BJVPv1Bw-5xDKTm-6jxakZNwnpaiFuY9E3Zu0K_xBXDNoeZbdgAgFASJA5-qLeY8d6cXOVE8DZGuOY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmRiE7D7MUCW-B2yPN3u9BJVPv1Bw-5xDKTm-6jxakZNwnpaiFuY9E3Zu0K_xBXDNoeZbdgAgFASJA5-qLeY8d6cXOVE8DZGuOY
Request Chain 248
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJV-JVEHPUDbB9CmcfAmy4c&google_cver=1&google_push=AXcoOmTIQKkusL1Yim5PagFzuzLLmKWV9JDVRTfcW7sheeCPxH61IAjJyLnymQ5qiXRwM1a2ohnpAO-nlTWhZl4CPQxEK04Enj90mJI HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BL6ghd88TxM_jM8i2oXctw&google_push=AXcoOmTIQKkusL1Yim5PagFzuzLLmKWV9JDVRTfcW7sheeCPxH61IAjJyLnymQ5qiXRwM1a2ohnpAO-nlTWhZl4CPQxEK04Enj90mJI
Request Chain 249
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENxGf0zVIwHBNb8fwRz1VOI&google_cver=1&google_push=AXcoOmTUSf-s6KhOIpSUVYbERIWW-mGZzkW5J9UJ3OwLabv4KyvvUGaP5ie3FUuBfjvqY3Vk1j_qECGTqUMOGUPuWyZiVHFYM8FfWhU HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESENxGf0zVIwHBNb8fwRz1VOI&google_cver=1&google_push=AXcoOmTUSf-s6KhOIpSUVYbERIWW-mGZzkW5J9UJ3OwLabv4KyvvUGaP5ie3FUuBfjvqY3Vk1j_qECGTqUMOGUPuWyZiVHFYM8FfWhU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTUSf-s6KhOIpSUVYbERIWW-mGZzkW5J9UJ3OwLabv4KyvvUGaP5ie3FUuBfjvqY3Vk1j_qECGTqUMOGUPuWyZiVHFYM8FfWhU
Request Chain 257
  • https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=206088858&d_placement=381661316&d_campaign=31095477&d_bust=3570349223&gdpr=&gdpr_consent= HTTP 302
  • https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=206088858&d_placement=381661316&d_campaign=31095477&d_bust=3570349223&gdpr=&gdpr_consent=
Request Chain 265
  • https://um.simpli.fi/gp_match?google_gid=CAESEN6YCRHeVe45VGqXPaShqkg&google_cver=1&google_push=AXcoOmS7Kpi3Jq-mWHdWhjGszs2tI3wl3-JHzis3uq64JRiYoQC4lw95vyibevmXAf2K5Kvh3-2S3IUUxOTYSoCmTT0FHW2LGBtq1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmS7Kpi3Jq-mWHdWhjGszs2tI3wl3-JHzis3uq64JRiYoQC4lw95vyibevmXAf2K5Kvh3-2S3IUUxOTYSoCmTT0FHW2LGBtq1g
Request Chain 267
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJDQwsRB_-jAXfGXYvI44Pg&google_cver=1&google_push=AXcoOmTnATdwPNXH3ivZzysVXCmiHNQet4DhmablOsgDxDT0P_MqSbk7L9gePTdDbBZ1Bhi2-UPOsSSBCYm_WK76WLawpFBE387dpg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTnATdwPNXH3ivZzysVXCmiHNQet4DhmablOsgDxDT0P_MqSbk7L9gePTdDbBZ1Bhi2-UPOsSSBCYm_WK76WLawpFBE387dpg&google_hm=eS1TRVE5RGhSRTJwRlFINFdhMTFGRmxqMUFoY3dIalo4dH5B
Request Chain 268
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELRCvi7odDGopjU31mdpNXc&google_cver=1&google_push=AXcoOmTDF9OL8r9YgjlYGZow5qVqo6BPJr0SJCBSAUqBHwpMz7iPqLizVPrA6JkC_F9XwhEFuK1Lyg6bbHETLtLXDcRcN7GHJiGP5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4Nzc0NzkwNTU4MDUyMTI0&google_push=AXcoOmTDF9OL8r9YgjlYGZow5qVqo6BPJr0SJCBSAUqBHwpMz7iPqLizVPrA6JkC_F9XwhEFuK1Lyg6bbHETLtLXDcRcN7GHJiGP5w
Request Chain 269
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENxGf0zVIwHBNb8fwRz1VOI&google_cver=1&google_push=AXcoOmR6kpgtkUjz1_gV9NSCEnMsjtlfZFXE-xtpnkJkyb_6fzsPn_ORHTnf-KZ0h5NgdUwtBzjxw0t49ClPK6a2RED8-DvFrDlMRg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR6kpgtkUjz1_gV9NSCEnMsjtlfZFXE-xtpnkJkyb_6fzsPn_ORHTnf-KZ0h5NgdUwtBzjxw0t49ClPK6a2RED8-DvFrDlMRg
Request Chain 279
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 303
  • https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=528774790558052124
Request Chain 306
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=cybernews.com&sn=ChromeSyncframe&so=0&topUrl=cybernews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=YCKYR3x2VVZwNmZONkpxU2xzMDRpL3FMMkIvSHoxYmt2bGh1bmpCZnpLTGVaVnhlanBNYXgzVHZsbkZLQktuMXNHU0RKckxraUxid0VJVHZXVHJvbXBKekN5SVZsd0hVeG82cHc1YzNWS3Q0KzkzV2ZqUTZCOElPN1o4RDlqME9aQW1haWJOeUxqckk4cHhwOXY1VzFrUmxMa3FzeGkzbFZVakZQN3o4MDN0VlJmcFM4UHpJSXJrQ0M4ZEVBTmozRzJzNDNNc051bk42M1NVUG5rTWphSTA3MTQvdnhUTEVvRlVFTmdMbk5TdXZEc2F6Z0IwLzMrZGRPdTFiMXRnZ3F4VlBQT1NDVkMyeldJbDRrNWp2T214N3k1SmdVTnIvSFdMVTh4S0ZWY1BoeTRlRT18&cppv=2
Request Chain 324
  • https://ap.lijit.com/beacon?informer=13401985 HTTP 302
  • https://eu-inap.vap.lijit.com/beacon?informer=13401985

323 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/ 		133 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c215817ac6590a446d8b5f6d8df74c797a9d492083377a2442d4b0a3a40d0782
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
83965a82996468ef-FRA
content-encoding
br
content-security-policy
default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-site
ct-content-bucket
News
ct-content-type
Editorial
ct-date-published
2023-10-10
date
Fri, 22 Dec 2023 06:36:58 GMT
expires
Fri, 22 Dec 2023 10:36:58 GMT
last-modified
Tue, 19 Dec 2023 18:23:34 GMT
permissions-policy
geolocation=(), camera=(), microphone=()
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1849
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83965a838c281c3e-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 25 Dec 2023 06:36:58 GMT
clop-leaks-black-hat-announcement.png
media.cybernews.com/images/featured-big/2023/08/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.cybernews.com/images/featured-big/2023/08/clop-leaks-black-hat-announcement.png
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4f43b8974037d45c4ee9199d9e325143c2a511388811d70571d049312a8fb1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc
h3=":443"; ma=86400
content-length
127324
cf-resized
internal=ok/m q=0 n=26+772 c=0+0 v=2023.9.8 l=127324
last-modified
Wed, 16 Aug 2023 14:55:02 GMT
cf-bgj
imgq:90,h2pri
server
cloudflare
etag
"cfAjYanfpwo5Fl3EEUH98Z-74kBBDG3-qSyS-DIfI0DQ:09f1ed578c510fe1304d25d8672b74e4"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=15780000
accept-ranges
bytes
cf-ray
83965a8388779225-FRA
base-f66abc99343feb5986aa.js
cybernews.com/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cybernews.com/js/base-f66abc99343feb5986aa.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f36d0521480a2b88d4428ba420d0e52741e487c450cdaa07b5f790d9347664f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age
244502
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=24590
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 19 Dec 2023 10:24:25 GMT
cf-bgj
minify
server
cloudflare
etag
W/"65816f59-600e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=14400
permissions-policy
geolocation=(), camera=(), microphone=()
cf-ray
83965a8369ce68ef-FRA
expires
Fri, 22 Dec 2023 10:36:58 GMT
adds-body-f66abc99343feb5986aa.js
cybernews.com/js/ 		1 KB
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cybernews.com/js/adds-body-f66abc99343feb5986aa.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d959f0e60cf01a041df2583fe38ab79a5f0418f513b3512c3f6aa17aec8986
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age
244502
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=1262
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 19 Dec 2023 10:24:25 GMT
cf-bgj
minify
server
cloudflare
etag
W/"65816f59-4ee"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=14400
permissions-policy
geolocation=(), camera=(), microphone=()
cf-ray
83965a8369cf68ef-FRA
expires
Fri, 22 Dec 2023 10:36:58 GMT
gtm.js
www.googletagmanager.com/ 		246 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb648ad4ba45cf6d7a36b9bee5cae2432244d8b6c4008cbd607182c94e5b0a82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87400
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Dec 2023 06:36:58 GMT
truncated
/ 		61 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e138d129f38769d7080ed6ac6519dce8a4d546b7da5709b12aedff39673fa021

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		62 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcbe29ddadf674b264c84fb8dbe9f5d5e796d1e0c5c239273ff6245e6dda0f69

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		63 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fca9ae04b4bca7ef7d4f2c43505769b1f03fd173ecf3871dd7b7ee0f115dd48

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		62 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab8f0b6cec3eb6cd02efd0a9324053b868cac7dcda99fc89871b4e87141bdf14

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380
Requested by
Host: cybernews.com
URL: https://cybernews.com/js/adds-body-f66abc99343feb5986aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c2e64b247a66f17881bd8228c65d96ba68fd2c26693389d3a4dcf5e2d07a373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://cybernews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51271
x-xss-protection
0
server
cafe
etag
4259298681722813164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:36:58 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/js/adds-body-f66abc99343feb5986aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ff0230dc015e049efef926dd235dd94335813c7ac47c53d5e7b045f05f23ae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29058
x-xss-protection
0
server
cafe
etag
567 / 19713 / 31080056 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:36:58 GMT
5774
stpd.cloud/saas/ 		350 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/saas/5774
Requested by
Host: cybernews.com
URL: https://cybernews.com/js/adds-body-f66abc99343feb5986aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7405d17b5e748c2a6fceb47d65449c72a1a3560747f46d8cd6163627a09561

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
s-maxage=300
cf-ray
83965a83fced4da4-FRA
stpdhash
true
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1847
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83965a83bc4b1c3e-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 25 Dec 2023 06:36:58 GMT
Damien.jpg
media.cybernews.com/2022/05/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.cybernews.com/2022/05/Damien.jpg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61d428927ee939648e75ce295d112ec2870e7683922741f123c0c2c97b717bfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 10:36:58 GMT
date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
cf-polished
origSize=38776
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
38139
last-modified
Wed, 27 Jul 2022 11:16:29 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"d5ab03d3189a480fcaf5aaeb4f55d087"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83965a83b8939225-FRA
x-amz-cf-id
PSYaN0p8l47j-g6yqjoYvzI-AXdD7yh2Wk7GUx9X2JCBbsyL_YxhCQ==
x-amz-meta-mtime
1652961630
putin-russia-cyberwar-what-next.jpg
media.cybernews.com/images/thumbnail/2023/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.cybernews.com/images/thumbnail/2023/12/putin-russia-cyberwar-what-next.jpg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
311667b03aae33e4f2fc1ccdd76730c6f16b0f97d17efb743fb038eb9fcaa277
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 af1da25c2dddf71cac076999aa9861e6.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc
h3=":443"; ma=86400
content-length
11962
cf-resized
internal=ok/h q=0 n=12+154 c=0+0 v=2023.9.8 l=11962
last-modified
Thu, 14 Dec 2023 15:01:41 GMT
cf-bgj
imgq:90,h2pri
server
cloudflare
etag
"cf-lY-_nfABZMX39pnNLRmXL1GPri99XVCPD58WiJxDQ:41a60880e84b7112628f92187323d606"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=15780000
accept-ranges
bytes
cf-ray
83965a83b8949225-FRA
nerd-explaining.jpg
media.cybernews.com/images/thumbnail_small/2023/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.cybernews.com/images/thumbnail_small/2023/12/nerd-explaining.jpg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089f3882ca8ed99068f5221bbed0c0177e41121ade3abd7ab03b3257b2a7f1b6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 cd89ff2afb5d679fe3dbf35f3872a5b2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc
h3=":443"; ma=86400
content-length
3918
cf-resized
internal=ok/h q=0 n=28+0 c=6+83 v=2023.9.8 l=3918
last-modified
Wed, 13 Dec 2023 12:15:30 GMT
cf-bgj
imgq:90,h2pri
server
cloudflare
etag
"cfp7xMHtBnLexnnxhaKXdil7op8iFZYhIqdjUqgfspDQ:3c2a91fcec1afb4fea38a951ed71d3a3"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=15780000
accept-ranges
bytes
cf-ray
83965a83b8959225-FRA
harvard-meta.png
media.cybernews.com/images/thumbnail_small/2023/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.cybernews.com/images/thumbnail_small/2023/12/harvard-meta.png
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05a200593a66e505b5894efac3b5601a8c0017aaddbf7aed37c014b50516086b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc
h3=":443"; ma=86400
content-length
3995
cf-resized
internal=ok/e q=0 n=55+0 c=25+72 v=2023.9.8 l=3995
last-modified
Wed, 13 Dec 2023 09:25:13 GMT
cf-bgj
imgq:90,h2pri
server
cloudflare
etag
"cf32rTu3Xf-wkedaaWgwNK9WYL8iFZYhIqdjUqgfspDQ:ff0928e98dbe8e4b188d19f7ae56271c"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=15780000
accept-ranges
bytes
cf-ray
83965a83b8969225-FRA
leaked-crypto-leads-.png
media.cybernews.com/images/thumbnail_small/2023/12/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.cybernews.com/images/thumbnail_small/2023/12/leaked-crypto-leads-.png
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b539cd755cf9c00024fd5804cb186b530d8902b493646e35ce1ced515c1c22c7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc
h3=":443"; ma=86400
content-length
4549
cf-resized
internal=ok/e q=0 n=23+0 c=16+82 v=2023.9.8 l=4549
last-modified
Fri, 08 Dec 2023 08:09:39 GMT
cf-bgj
imgq:90,h2pri
server
cloudflare
etag
"cfgmY8pR65VXJlX07aR9nxoOqe8iFZYhIqdjUqgfspDQ:d78754e33db9219144b2f87f6d26ae98"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=15780000
accept-ranges
bytes
cf-ray
83965a83b8979225-FRA
dtc-dubai-logo.jpg
media.cybernews.com/images/thumbnail_small/2023/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.cybernews.com/images/thumbnail_small/2023/12/dtc-dubai-logo.jpg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b9f58893d69d4bc0b114dec514772f290b205b13f46f12dc7dae83080f365c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-content-type-options
nosniff
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
alt-svc
h3=":443"; ma=86400
content-length
3644
cf-resized
internal=ok/e q=0 n=31+0 c=11+55 v=2023.9.8 l=3644
last-modified
Mon, 11 Dec 2023 12:52:06 GMT
cf-bgj
imgq:90,h2pri
server
cloudflare
etag
"cfCNLOWydI_fu73jpdFhfvPjTu8iFZYhIqdjUqgfspDQ:9895d250ad60294e4cd78b314ca8d96a"
vary
Accept, Accept-Encoding
content-type
image/avif
cache-control
max-age=15780000
accept-ranges
bytes
cf-ray
83965a83b8989225-FRA
hqdefault.jpg
img.youtube.com/vi/7EcvtEYXjeU/ Frame 67D6 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/7EcvtEYXjeU/hqdefault.jpg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9067b6611b0b53bb66dfdc76b7a79e59528af028c54ad7983e6d40f6fb630db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36956
x-xss-protection
0
server
sffe
etag
"1696860334"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 22 Dec 2023 08:36:58 GMT
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7fbbe4eaff77586b1e509b3646e2669492a37c113b7f95714b81fbf12c1a2cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90917
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Dec 2023 06:36:58 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220028-FRA
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/589784210/?random=1703227018881&cv=11&fst=1703227018881&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v813159125&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&hn=www.googleadservices.com&frm=0&tiba=MOVEit%20hack%3A%20credit%20union%20discloses%20100K%20victims%20%7C%20Cybernews&auid=2032324470.1703227019&uamb=0&uaw=0&data=contentBucket%3DNews%3BcontentType%3DEditorial&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMWQ6GT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615a434f22ecb50cf449f3fa17c7f50a174fbc0ca950d7d54da48be5103b5507
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 22 Dec 2023 06:36:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
schfJCG8rkm8mp45BMpVqDpXi61m3W7bceUGFcgn4SkiWaAgLkMB8WPwhNZs0yx+0VEB7RpDJIKVGsehp96RLQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KT8DKCHF41&gtm=45je3bt0v882489589z8813159125&_p=1703227018784&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=678660438.1703227018&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703227018&sct=1&seg=0&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&dt=MOVEit%20hack%3A%20credit%20union%20discloses%20100K%20victims%20%7C%20Cybernews&en=page_view&_fv=1&_ss=1&ep.contentBucket=News&ep.pagePostAuthor=Damien%20Black&tfd=436
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cybernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KT8DKCHF41&cid=678660438.1703227018&gtm=45je3bt0v882489589z8813159125&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cybernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KT8DKCHF41&cid=678660438.1703227018&gtm=45je3bt0v882489589z8813159125&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=990721095
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4005:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
831f91e3f3ac2958442ebada25709910b04fd1dfedc5adbd6715c6e5ea55bd6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137957
x-xss-protection
0
server
cafe
etag
841218577148775094
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:36:58 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 2A59 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5928161074779380
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26285
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Thu, 04 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=3368b32f-9abb-45dd-b224-09a005c545af&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=d81906e0-6c91-499f-9062-ef30f453fc30&tw_document_href=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&tw_iframe_status=0&txn_id=o3auk&type=javascript&version=2.3.29
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
102
date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
f4cd981680304ae1
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
713cc50a955cc24903a4ca26cc3487f0af1918069cb064ec7b401b8d71fdc795
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=3368b32f-9abb-45dd-b224-09a005c545af&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=d81906e0-6c91-499f-9062-ef30f453fc30&tw_document_href=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&tw_iframe_status=0&txn_id=o3auk&type=javascript&version=2.3.29
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
109
date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
59da6ffb2b11ff63
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
45ae7a099016d52121b85dc3aa35038a816271afe4b2d70cb0974273c2301213
content-length
43
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 02:18:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
15480
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 21 Dec 2024 02:18:58 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		95 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cybernews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fa3f31317cf74cb391b4c94fa4f19b32e0e2d23e25a1a8f1b2695b38249269c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
x-xss-protection
0
expires
Fri, 22 Dec 2023 06:36:59 GMT
/
www.google.com/pagead/1p-user-list/589784210/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/589784210/?random=1703227018881&cv=11&fst=1703224800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v813159125&u_w=1600&u_h=1200&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&frm=0&tiba=MOVEit%20hack%3A%20credit%20union%20discloses%20100K%20victims%20%7C%20Cybernews&data=contentBucket%3DNews%3BcontentType%3DEditorial&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_k0sZFcn7xyDr_2Q5wjH7VJ3xdxCRfA&random=3741125582&rmt_tld=0&ipr=y
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/589784210/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/589784210/?random=1703227018881&cv=11&fst=1703224800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v813159125&u_w=1600&u_h=1200&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&frm=0&tiba=MOVEit%20hack%3A%20credit%20union%20discloses%20100K%20victims%20%7C%20Cybernews&data=contentBucket%3DNews%3BcontentType%3DEditorial&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_k0sZFcn7xyDr_2Q5wjH7VJ3xdxCRfA&random=3741125582&rmt_tld=1&ipr=y
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4005:801::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1031670724691978
connect.facebook.net/signals/config/ 		135 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1031670724691978?v=2.9.138&r=stable&domain=cybernews.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5480cc2b32b1f52f2b7be7b836904e1e4f3741bb0e25f739140bc49709ef584b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 22 Dec 2023 06:36:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
9jvkTUclO/J75ySOPIxaDWIwGqaeYDhd3OUFxEckpNiRP8o7/TYWzcSYssK3WE+x+DWytXrxnnnYvHcna3RRWQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcybernews.com%2F&domain=cybernews.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cybernews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://cybernews.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 22 Dec 2023 06:36:58 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
213241
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-131.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:21:15 GMT
content-encoding
gzip
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 21fa1f710ba39237a1fbf11df235dc68.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, AMS58-P4
age
945
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
MsuElpV1uXQj_Zw_VG-g2HQ7InN1-yBF95_5O8sOQkD4wjmReiSAnQ==
prebid
id5-sync.com/api/config/ 		135 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cybernews.com
date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
json
gum.criteo.com/sid/ 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcybernews.com%2F&domain=cybernews.com&cw=1&lsw=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:59 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cybernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
239178
expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231222
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cde3e52a9e5c2f94addacc0ac45357918f5601929dad17a1dfb0cf4c08d23677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9369
x-jsd-version
1.0.1911
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21934-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-W8p22zODHzRJPxCGpMCXVFelaro"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpCD9WCr4LDUpM2aJgDR%2FzN%2B5QEEmBkSmaAqtkFrvAl%2F9t333weKMGPAYnYJlf80dUCRLGkT%2FaVcNqelFqYOYOmKpwApK0zwG1bVFwn5D0l6EsBYFLBLxWyPND%2FED7XW6WmTIVST%2Fdr3sDggzF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
83965a8529729950-FRA
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1031670724691978&ev=PageView&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&rl=&if=false&ts=1703227019060&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703227019060.1027757816&ler=empty&it=1703227018984&coo=false&rqm=GET
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Dec 2023 06:36:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
b7defd058aac902313a0610f1f1ab42179e79f22d7f1eca61e73fd58bbfd8c79
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cybernews.com
date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
cookie_sync
prebid-stag.setupad.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e64066de59e77553d65d9e36c6044055c5c70b03cad844aafd19e0122f48317

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KkPOO1xi9FmRH0z7pNAbj3N%2BB1ojYS2GK%2FT36jhzlrcFM6su66rkgd0q5Njf07%2BOPraqkQ6Hy8zNE1uWda1IXA5K51mbZz9aHT%2Ba715FpvIH9cW7cnCI98EUmsL%2Bjx7XOKmdUlA7kXK"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cybernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83965a8599954dc5-FRA
expires
0
auction
prebid-stag.setupad.net/openrtb2/ 		426 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09a0ccfc2387313b67e685adc7ad3eee63e5e21524f871e7bdf299cd5c80cf9a

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.259.0
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACtWIcCjNIfFCVshumJkKEP8DB0mvUyrobSb%2BsPiHPEmTe2WnfET%2B9w7cCACMd8jNvGMzgPGCLhc7z9i24Uw8mkmswIBs64z0ka2gvF6tLWppEchrByUxUH5BQ8kfTyccai81yx3OKe0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://cybernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83965a8599924dc5-FRA
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cybernews.com
date
Fri, 22 Dec 2023 06:36:59 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://cybernews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		94 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.88.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-88-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
237598b9c97a28387b4f3f4a8c30581a8afc8502aee6de938ade46d8656efe89

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://cybernews.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
99
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=19490819919&lsavail=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cybernews.com
date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		53 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4d69f285b5333f6da188599d48732888dc2aa05e4253e47c5d7897773f433bc1

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://cybernews.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
481.json
id5-sync.com/g/v2/ 		251 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
044ba774801c7b26b94a5dca716a592c42f8e08a06a81acffc49ad42951893f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cybernews.com
date
Fri, 22 Dec 2023 06:36:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
config.aps.amazon-adsystem.com/configs/ 		564 B
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-102.ams54.r.cloudfront.net
Software
CloudFront /
Resource Hash
9dcdd4dff6dab5e556d07cf571e17a19ce4c7dba8a9b657bee0b9e68b6d5b018

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:03:19 GMT
via
1.1 2b298af2bb6f21ab0dee9e764d8bcb28.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS54-C1
age
2020
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
f8TwriJOwSEHx_ewwiW2oS7-xYfKeC2q-qQyO8f0tw0wqakqh1MZgw==
config
c.amazon-adsystem.com/cdn/prod/ 		0
0
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&pid=3YYf3nD67aNKa&cb=0&ws=1600x1200&v=23.1211.1645&t=400&slots=%5B%7B%22sd%22%3A%22cybernews_com_300x600_sidebar_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21924397842%2Fcybernews.com_300x600_sidebar_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.64.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-64-29.ams58.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d0ade5b002ae847eefd25c219f24b24c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P4
x-amz-rid
VRH89SMAJ53Z7EF717KV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://cybernews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
40lHkRpODGF3rVoYfAE5qLPXgHcQZM8mbnGrcsh0tnaQt6whLXR19w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-131.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 cf65dbfe06da8e543052ca7066d0e458.cloudfront.net (CloudFront)
date
Fri, 22 Dec 2023 06:04:14 GMT
x-amz-cf-pop
AMS58-P4
age
3971
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
q93lzjpkDuQIZjdRzB-9jmZsKa0UAp1SDyFUwePYuStjYv2MaBEavw==
cm
u.openx.net/w/1.0/ Frame CF55 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Fri, 22 Dec 2023 06:36:59 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ads
googleads.g.doubleclick.net/pagead/ Frame 7C2F 		295 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&adk=1812271804&adf=3025194257&lmt=1703010214&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018946&bpp=1&bdt=186&idt=234&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1050833028883&frm=20&pv=2&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=245
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51bbbd8f8a33f915a47dd67ffddc207a7e01d0f9d3f57b832699e884ce27a409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
69989
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:36:59 GMT
expires
Fri, 22 Dec 2023 06:36:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 879A 		110 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68f5b212006bb81ae4bc5be6ae9cbbbf06d491eb05e18b97d10f3f40514a2332
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:36:59 GMT
expires
Fri, 22 Dec 2023 06:36:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D26B 		120 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91a3628cb871ccafc5d22f14103f6dca7fd89f6326037ea57628c60478948f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43436
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:36:59 GMT
expires
Fri, 22 Dec 2023 06:36:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F8BD 		161 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d974c42a2c4f0b058fefe374a7d1fe52e05d6fa1e202268d9767d33ed6ba6453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
49845
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:36:59 GMT
expires
Fri, 22 Dec 2023 06:36:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync
ssbsync-global.smartadserver.com/api/ 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.171 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:58 GMT
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		119 KB
47 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3619052773082774&correlator=2638175442925059&eid=31079956%2C31080056&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=21924397842%2Ccybernews.com_300x600_sidebar_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703227019426&lmt=1703010214&adxs=1023&adys=1303&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&vis=1&psz=350x20&msz=350x0&fws=516&ohw=350&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=true&dlt=1703227018761&idt=253&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=3686707683&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e1c51ef6da4c217279fdac6b80139496600f84769dcb607f6b741ecb607462f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47804
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cybernews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D647 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:36:59 GMT
expires
Sat, 21 Dec 2024 06:36:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
eu-inap.vap.lijit.com/beacon/prebid-server/ Frame FC58
Redirect Chain
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%...
  • https://eu-inap.vap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_si...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-inap.vap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 22 Dec 2023 06:36:59 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1

Redirect headers

content-length
110
content-type
text/html
date
Fri, 22 Dec 2023 06:36:59 GMT
location
https://eu-inap.vap.lijit.com:443/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
server
awselb/2.0
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Dec 2023 06:36:59 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 23 Dec 2023 06:36:59 GMT
container.html
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 55B4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:36:59 GMT
expires
Sat, 21 Dec 2024 06:36:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
8372239940965140847
tpc.googlesyndication.com/daca_images/simgad/ Frame D26B 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/8372239940965140847
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad150b4f6e6c794e080dd0f2a345a49cb346323efc8c293529ce9dca21f03b4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 18:35:21 GMT
date
Tue, 19 Dec 2023 18:35:21 GMT
x-content-type-options
nosniff
age
216098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73870
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 09:55:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame D26B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
27402
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D26B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
35321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:48:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D26B 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
16960
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame D26B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDzWG_Kcc1tjgMFGQWThMT9pOeUpNZDT3du7lKemTFTJkzeqj4T8hQ2UoGLsgbgBDe-QnCQk7FIUf7MkUU7q2O0S0fhw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D26B 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:36:59 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D26B 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 02:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
13508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 02:51:51 GMT
css
fonts.googleapis.com/ Frame F8BD 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 06:33:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Dec 2023 06:36:59 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame F8BD 		225 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 04:32:33 GMT
x-content-type-options
nosniff
server
cafe
age
7466
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Sat, 23 Dec 2023 04:32:33 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F8BD 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
16960
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame F8BD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
27402
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F8BD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
35321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:48:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F8BD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
16960
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame F8BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5_iGTuA3QTae9qd45jLS0pfzSU4BzeUachdp9WqISye9nYBVFzqS-hLgmi55AarsQWXcrwYT8t7QfwfGsslJvxG04LA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F8BD 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:36:59 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame F8BD 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 09:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 19 Mar 2024 09:13:33 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A0FA 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3515
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 05:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D96E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35825
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2F8A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35825
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
data=_bPFb2IYqYyI1XgHlo2PD0jHC_Su86BWv6UrXkPxFe0A1K6pF6wbLmwphxQAJKcaTfHMlB-u_ngoL19i7Je4X44mswKTNg3775nBp5kMPW5B9qQ9Bvn5e1Pv
mts0.google.com/vt/ Frame F8BD 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=_bPFb2IYqYyI1XgHlo2PD0jHC_Su86BWv6UrXkPxFe0A1K6pF6wbLmwphxQAJKcaTfHMlB-u_ngoL19i7Je4X44mswKTNg3775nBp5kMPW5B9qQ9Bvn5e1Pv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
74e5c3b4d29b6140fd7818de05328b2c711ddc050651a729b08db3cba2b58af6
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=57
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38382
x-xss-protection
0
x-server-version-bin
CggIBBDd2OmrBg==
server
scaffolding on HTTPServer2
etag
0f61df38f942d3f50
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
expires
Fri, 22 Dec 2023 07:37:00 GMT
truncated
/ Frame F8BD 		244 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F8BD 		333 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a02263cf75c29f80fdb1b381769cd5ba8d13287b4c370eacb3bbd6df56a92912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56007
x-xss-protection
0
server
cafe
etag
5399100907576838485
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:36:59 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F9EF 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARip2bP8ATAB&v=APEucNXFB1z5rQXrv_o_SGSEP4qZtHcwbqxKtEAyqIkjTS3PhP5rojqR4F2mvxFYpci_OE_8TnuWe5uNwqvT_alVMcUdyzr0LfYCFDjTOOzW-sQThAqH3C7vpaY-p61qAtw7jC48A2Br91WCTT4war2Xjjt-9S3JxfomM9XDD91uaCYjgf4pO0I
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:36:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 55B4 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
Origin
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 11:58:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 11:58:35 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 55B4 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 08:59:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
77828
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 08:59:51 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 55B4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 00:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
21207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 00:43:32 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 55B4 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
563511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 55B4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
35321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:48:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C44D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35825
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 55B4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
16960
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55B4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Az-cdn7f6vTudme3aMuNiuXBzgPFjm70fdB28jNT1V4Xgp7oUpyR-IGlvWLKku5ZLWMM3jZHz5_eEC57_aNTLGzYqBp-IiOF8btOxixdPtxZDjeBA
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 55B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKeOOg7j30Wi5wOsMeK0uckZjbq4nkrzee1Au4dCS6-AAuOsuLnqIWVYj3EwS8I8zdZeH6AeyXUL6jyrC5kWYieMHaCQ
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 55B4 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:36:59 GMT
18181568451143527009
tpc.googlesyndication.com/simgad/ Frame 879A 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18181568451143527009?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn6MNsIGoMETvDWa7q-fPisu6i_vA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19431b4d7cdf3bee1ed045a136b23de439d74858c8e7aa687bd8783931fb1252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 12:30:37 GMT
x-content-type-options
nosniff
age
324382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77955
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 09:29:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Dec 2024 12:30:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 879A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
27402
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 879A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
35321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:48:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 879A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
16960
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame 879A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTvi3fuKloSrnTNyc3LBr-LTPxEO-eY4CRV7IdkfPGAcGSP4PiAuODuuuxSFbE1PLALSZWKfUpqJLesHgAqDImsZoCvXQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 879A 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:36:59 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 879A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 02:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
13508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 02:51:51 GMT
pixel
cm.g.doubleclick.net/ Frame D96E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM4QQI7yaVYeUVMvlpmcCG0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM4QQI7yaVYeUVMvlpmcCG0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z0J5cksyS08xUmd6OXk1&google_gid=CAESEM4QQI7yaVYeUVMvlpmcCG0&google_cver=1&google_push=AXcoOmRZVTg6kRw_T_2FQeh0HCi_yr2_BALN8XwmfK3fy-g...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z0J5cksyS08xUmd6OXk1&google_gid=CAESEM4QQI7yaVYeUVMvlpmcCG0&google_cver=1&google_push=AXcoOmRZVTg6kRw_T_2FQeh0HCi_yr2_BALN8XwmfK3fy-gsFdRi8-mGmyQqAmfOZBVemep-iWSTAQ5ksYC9irpSr8GVXS2cG74hmg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 22 Dec 2023 06:36:59 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z0J5cksyS08xUmd6OXk1&google_gid=CAESEM4QQI7yaVYeUVMvlpmcCG0&google_cver=1&google_push=AXcoOmRZVTg6kRw_T_2FQeh0HCi_yr2_BALN8XwmfK3fy-gsFdRi8-mGmyQqAmfOZBVemep-iWSTAQ5ksYC9irpSr8GVXS2cG74hmg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D96E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGaOKuJZXbXD3QB51YcdlIw&google_push=AXcoOmThDz3Y2SVcryxrD0xWt8y4MguqLim1oxAkGerUGr4n-R2JwcOICL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGaOKuJZXbXD3QB51YcdlIw&google_push=AXcoOmThDz3Y2SVcryxrD0xWt8y4MguqLim1oxAkGerUGr4n-R2JwcOICLAJvQHp-Hai7_WYkUBW_CzdGRhoBN8qk6FmA9Ib2czj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220099-FRA
pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1703227020.011944,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGaOKuJZXbXD3QB51YcdlIw&google_push=AXcoOmThDz3Y2SVcryxrD0xWt8y4MguqLim1oxAkGerUGr4n-R2JwcOICLAJvQHp-Hai7_WYkUBW_CzdGRhoBN8qk6FmA9Ib2czj
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame D96E 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHXlXTLnmF8YUBuYPX_WNUg&google_cver=1&google_push=AXcoOmTRAjvenBnV2opBiEB658O9-dToj51wIMrT6VxuH3INNJ1sdhREJ6OojHJ44YKRAggRyBKs2Sb9jwZlZZvTKAQCiQ1FXdsp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame D96E
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGsQTHeCThWxGyZyNtGvQVs&google_cver=1&google_push=AXcoOmQew1_zPLFIumlyrRpOuVnHhNUfPVhYbCCyof8YgAf4ys9hMHa5DPbCR6_TWPT9NKLrBiJSbTfuAvB3K6V8...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BL6ghd88TxM_jM8i2oXctw&google_push=AXcoOmQew1_zPLFIumlyrRpOuVnHhNUfPVhYbCCyof8YgAf4ys9hMHa5DPbCR6_TWPT9NKLrBiJSbTfuAvB3K6V8_AEMiV5Rt9hgFw
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BL6ghd88TxM_jM8i2oXctw&google_push=AXcoOmQew1_zPLFIumlyrRpOuVnHhNUfPVhYbCCyof8YgAf4ys9hMHa5DPbCR6_TWPT9NKLrBiJSbTfuAvB3K6V8_AEMiV5Rt9hgFw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 06:37:00 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BL6ghd88TxM_jM8i2oXctw&google_push=AXcoOmQew1_zPLFIumlyrRpOuVnHhNUfPVhYbCCyof8YgAf4ys9hMHa5DPbCR6_TWPT9NKLrBiJSbTfuAvB3K6V8_AEMiV5Rt9hgFw
x-host
tde-deliveryengine-production-59dc4ccdb-gwm58
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame D96E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFTkAkK0KzIyO3LFGJjNZsE&google_cver=1&google_push=AXcoOmSvLjJZk5ulKUTfzVnfZBIaG_0mbKg2FHqVOhVjwEjOrdV5vtuLOn5KSbSl_xp7ITNWH2XOBd_wiFU298yJ0uuGzXY...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSvLjJZk5ulKUTfzVnfZBIaG_0mbKg2FHqVOhVjwEjOrdV5vtuLOn5KSbSl_xp7ITNWH2XOBd_wiFU298yJ0uuGzXYE4ynQSg&google_hm=eS1TRVE5RGhSRTJwRlFI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSvLjJZk5ulKUTfzVnfZBIaG_0mbKg2FHqVOhVjwEjOrdV5vtuLOn5KSbSl_xp7ITNWH2XOBd_wiFU298yJ0uuGzXYE4ynQSg&google_hm=eS1TRVE5RGhSRTJwRlFINFdhMTFGRmxqMUFoY3dIalo4dH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSvLjJZk5ulKUTfzVnfZBIaG_0mbKg2FHqVOhVjwEjOrdV5vtuLOn5KSbSl_xp7ITNWH2XOBd_wiFU298yJ0uuGzXYE4ynQSg&google_hm=eS1TRVE5RGhSRTJwRlFINFdhMTFGRmxqMUFoY3dIalo4dH5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame D96E 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR8Sx535G1QzWPZjoS1eZcvrfm8acwc4QuazEVpmy8VrzK5rrMRErfx2ax6WTov-aSeY0MSJUusvJIi2wC3vrkZ4UTata3cSg&google_gid=CAESEHenw50dHFgY2bPMUK2Lug8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:59 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
278291
expires
Fri, 22 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D96E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAeeq4ssYd3fBRfZo2BD9ac&google_cver=1&google_push=AXcoOmRGZJXd8v3NiuPZVDev0arK1Y_eMaq3rmXUXBzNSB03K3RTuUovobraeGFth0oQ-OJz61Rr95mB...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAeeq4ssYd3fBRfZo2BD9ac&google_cver=1&google_push=AXcoOmRGZJXd8v3NiuPZVDev0arK1Y_eMaq3rmXUXBzNSB03K3RTuUovobraeGFth0oQ-OJz61R...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI4NTk3ODU4OTY5MzM4ODExOA&google_push=AXcoOmRGZJXd8v3NiuPZVDev0arK1Y_eMaq3rmXUXBzNSB03K3RTuUovobraeGFth0oQ-OJz61Rr95...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI4NTk3ODU4OTY5MzM4ODExOA&google_push=AXcoOmRGZJXd8v3NiuPZVDev0arK1Y_eMaq3rmXUXBzNSB03K3RTuUovobraeGFth0oQ-OJz61Rr95mBj43FPuJRkdqf2S-4kaMtNQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTI4NTk3ODU4OTY5MzM4ODExOA&google_push=AXcoOmRGZJXd8v3NiuPZVDev0arK1Y_eMaq3rmXUXBzNSB03K3RTuUovobraeGFth0oQ-OJz61Rr95mBj43FPuJRkdqf2S-4kaMtNQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame D96E 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LauKjotrqPE3TrGNul3Oz8AeIR6BMgLfZpFdJe16Ez1bwevWSn_J7XKJgiRO_c3jcxHpdY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
s
googleads.g.doubleclick.net/pagead/drt/ Frame C032 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3515
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 05:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6A21 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35825
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D26B 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d45c66c1648f7220aca8d5e6d6acc2d668070fd1926c2c29e0500ecd073c07f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8BD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8ae78c695711b688c2a8fdbfd3f6f04acb78b9bea7cb6ebc698ca37859caeeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2F8A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIPLVny7gOBiukblJcaiN0M&google_cver=1&google_push=AXcoOmSN6UEhQL0NA2oNZoHMNaCAVIci6QrYtJ3zl8vcSUmSJ3tbyqMNPn4c0tRanglbtuUht2WJAVnG2B6bt2R3Mt2GqSMASBG0bg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc0OTgzOTc4MjkwMTE1MzkwOQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Dec 2023 06:36:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2F8A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBom6gR5vOnswRHWG6eZKBk&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z0J5cksyS08xUmd6OXk1&google_gid=CAESEBom6gR5vOnswRHWG6eZKBk&google_cver=1&google_push=AXcoOmS0dNrUMnB9qoedtvSOxKt_t6jo0eAU7JMSce-FZ7O...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z0J5cksyS08xUmd6OXk1&google_gid=CAESEBom6gR5vOnswRHWG6eZKBk&google_cver=1&google_push=AXcoOmS0dNrUMnB9qoedtvSOxKt_t6jo0eAU7JMSce-FZ7O_69r_4KGTBBBAnvMajIvvjsdVqsyCJN15SkmRA1G8-FYhwfaUnOxg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 22 Dec 2023 06:36:59 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z0J5cksyS08xUmd6OXk1&google_gid=CAESEBom6gR5vOnswRHWG6eZKBk&google_cver=1&google_push=AXcoOmS0dNrUMnB9qoedtvSOxKt_t6jo0eAU7JMSce-FZ7O_69r_4KGTBBBAnvMajIvvjsdVqsyCJN15SkmRA1G8-FYhwfaUnOxg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 2F8A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEA5up434qCBy-o2dx6JFS9k&google_cver=1&google_push=AXcoOmQio4z0cvfOHfh4GfoxqmClEnz-3pMZAE-n_xE34_x4fRqYo9z5SBwXnHCJutqxXy0U186kahn3Jxm92nZgTVpHyWvL17Ul5...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA5up434qCBy-o2dx6JFS9k&google_cver=1&google_push=AXcoOmQio4z0cvfOHfh4GfoxqmClEnz-3pMZAE-n_xE34_x4fRqYo9z5SBwXnHCJutqxXy0U186kahn3Jxm92nZgTVpHyWvL17U...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA5up434qCBy-o2dx6JFS9k&google_cver=1&google_push=AXcoOmQio4z0cvfOHfh4GfoxqmClEnz-3pMZAE-n_xE34_x4fRqYo9z5SBwXnHCJutqxXy0U186kahn3Jxm92nZgTVpHyWvL17Ul5A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQio4z0cvfOHfh4GfoxqmClEnz-3pMZAE-n_xE34_x4fRqYo9z5SBwXnHCJutqxXy0U186kahn3Jxm92nZgTVpHyWvL17Ul5A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83965a8cf8dd1e56-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
146
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA5up434qCBy-o2dx6JFS9k&google_cver=1&google_push=AXcoOmQio4z0cvfOHfh4GfoxqmClEnz-3pMZAE-n_xE34_x4fRqYo9z5SBwXnHCJutqxXy0U186kahn3Jxm92nZgTVpHyWvL17Ul5A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQio4z0cvfOHfh4GfoxqmClEnz-3pMZAE-n_xE34_x4fRqYo9z5SBwXnHCJutqxXy0U186kahn3Jxm92nZgTVpHyWvL17Ul5A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83965a8b5f6a1e56-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 2F8A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESED889piKowZhw0WiMWKkY1Y&google_cver=1&google_push=AXcoOmQvaWggGMWYYpQOKusVLJVR9YR18Zqz1LxjHWBGDe9V-4zJGh0PUbrFxESXGRUAScit0L8rFeY6wdRMfek0p6FEfT1eG6eQLg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 2F8A 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGpXVWzIRBK_WZ6XnmDF2K0&google_cver=1&google_push=AXcoOmSBYWMOuuwQbmHzRTs2fV_ukBuyimsPv0br1xZmS-JS1wq5A-aEY04yAKU5nxy3BLtESEiPFlbuF34tAdHPwvOyFAPRqQ_Cig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usersync.aspx
dis.criteo.com/dis/ Frame 2F8A 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT6COWJG_QBa-696ucvX4alMlvpDUL_1VJFKG59oRSDbMYExuF9bBUpzrGkVsrdatW6GirMPq7hGBI9Lv_RscuZ5how9kFiaQ&google_gid=CAESEO2HDz7RSa0XElDZRv5gao0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:59 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
231333
expires
Fri, 22 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2F8A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEI1DF-0DKHuJLlYk2Z8hn_E&google_cver=1&google_push=AXcoOmSj7-Gn66WYZXdX6HdCZOomdnOJ8co_k9wjYmJO_vvRB9jRr8yU9MqeP3Ij_Sv7FS5DBs9GgoP9...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEI1DF-0DKHuJLlYk2Z8hn_E&google_cver=1&google_push=AXcoOmSj7-Gn66WYZXdX6HdCZOomdnOJ8co_k9wjYmJO_vvRB9jRr8yU9MqeP3Ij_Sv7FS5DBs9...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4Nzc0NzkwNTU4MDUyMTI0&google_push=AXcoOmSj7-Gn66WYZXdX6HdCZOomdnOJ8co_k9wjYmJO_vvRB9jRr8yU9MqeP3Ij_Sv7FS5DBs9GgoP9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4Nzc0NzkwNTU4MDUyMTI0&google_push=AXcoOmSj7-Gn66WYZXdX6HdCZOomdnOJ8co_k9wjYmJO_vvRB9jRr8yU9MqeP3Ij_Sv7FS5DBs9GgoP92W7GdeKjQLdH_24lY7jf7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4Nzc0NzkwNTU4MDUyMTI0&google_push=AXcoOmSj7-Gn66WYZXdX6HdCZOomdnOJ8co_k9wjYmJO_vvRB9jRr8yU9MqeP3Ij_Sv7FS5DBs9GgoP92W7GdeKjQLdH_24lY7jf7Q
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 2F8A 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHWZsCsocJ7m2Ngp4YJc2ZFTvRCjVOFgNsxnC61aGRJYS4lQVPUGjyjOidZU6sQjSgc1bZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame A0FA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:37:00 GMT
expires
Fri, 22 Dec 2023 06:37:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:37:00 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame F9EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1&C=1
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARip2bP8ATAB&v=APEucNXFB1z5rQXrv_o_SGSEP4qZtHcwbqxKtEAyqIkjTS3PhP5rojqR4F2mvxFYpci_OE_8TnuWe5uNwqvT_alVMcUdyzr0LfYCFDjTOOzW-sQThAqH3C7vpaY-p61qAtw7jC48A2Br91WCTT4war2Xjjt-9S3JxfomM9XDD91uaCYjgf4pO0I
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1ABQho1Avypi9bZVCjvKFU0OKVl1OGsxPVKhUG1I5nP6ZO9wHh7e%2FUE5FykQw9LOSCtizx7BMWVVP7GNptesBuoBF3cNj5MRY8%2FYtx0ZCwf05z7x3ioTLG%2BzbWEeV0CU%2F%2BWDeVpMWkEhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83965a8b9be8916b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ao4ShkVp7IQN4KxEj026nI%2BD8PWTsPeP63wDDBa883T6FCiWrMRUjl3H0YDAo133j2q81s4eHBCXXXO%2BGLzzfeqGH0iLimPJJH8%2B98p4o75SZh2lAIxWsncaTf4VP2l28fdfJPQKDQo9gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1&C=1
cache-control
no-cache
cf-ray
83965a8b7bb9916b-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame F9EF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYUujMri9xnlFnmch24.kAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1&google_hm=2
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARip2bP8ATAB&v=APEucNXFB1z5rQXrv_o_SGSEP4qZtHcwbqxKtEAyqIkjTS3PhP5rojqR4F2mvxFYpci_OE_8TnuWe5uNwqvT_alVMcUdyzr0LfYCFDjTOOzW-sQThAqH3C7vpaY-p61qAtw7jC48A2Br91WCTT4war2Xjjt-9S3JxfomM9XDD91uaCYjgf4pO0I
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBsSl3SPTo1XBdKzW34bnrICFYoulGCE3ShaVsl56WRXYW7wZd%2B1xJLpx1s7aUoOYxrX0520%2FUsbmlwEBKFvUlZAWBBctGlxCd29phd%2FYJl2%2FDOyKFyzjmhXe3ZvRl1XynIyFLiZOfV82w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83965a8bef5e381c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F9EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENZ5KO_0__95HsrAUW6W_t8&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENZ5KO_0__95HsrAUW6W_t8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARip2bP8ATAB&v=APEucNXFB1z5rQXrv_o_SGSEP4qZtHcwbqxKtEAyqIkjTS3PhP5rojqR4F2mvxFYpci_OE_8TnuWe5uNwqvT_alVMcUdyzr0LfYCFDjTOOzW-sQThAqH3C7vpaY-p61qAtw7jC48A2Br91WCTT4war2Xjjt-9S3JxfomM9XDD91uaCYjgf4pO0I
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
an-x-request-uuid
a9e4a199-4c40-497f-bf4e-affde71bf0ef
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.200; 80.255.10.200; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENZ5KO_0__95HsrAUW6W_t8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F9EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkxODYxMTUxNjc5MTUzNzA5MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkxODYxMTUxNjc5MTUzNzA5MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARip2bP8ATAB&v=APEucNXFB1z5rQXrv_o_SGSEP4qZtHcwbqxKtEAyqIkjTS3PhP5rojqR4F2mvxFYpci_OE_8TnuWe5uNwqvT_alVMcUdyzr0LfYCFDjTOOzW-sQThAqH3C7vpaY-p61qAtw7jC48A2Br91WCTT4war2Xjjt-9S3JxfomM9XDD91uaCYjgf4pO0I
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
an-x-request-uuid
751e3eba-898f-470f-b4a9-e4f474f391ea
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkxODYxMTUxNjc5MTUzNzA5MA%3D%3D
x-proxy-origin
80.255.10.200; 80.255.10.200; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C44D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGz5bqQv-2ZKEkCzxEbakL8&google_cver=1&google_push=AXcoOmRRJvQUSxTArO4MTRtu2xb6Rtuub0h2tfnsDwGOyZT2KxpQKBmZXxoCTSrVryWeLbToIQsf4oYQtJiph2DWzFJNTa4WYYM
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmRRJvQUSxTArO4MTRtu2xb6Rtuub0h2tfnsDwGOyZT2KxpQKBmZXxoCTSrVryWeLbToIQsf4oYQtJiph2D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmRRJvQUSxTArO4MTRtu2xb6Rtuub0h2tfnsDwGOyZT2KxpQKBmZXxoCTSrVryWeLbToIQsf4oYQtJiph2DWzFJNTa4WYYM
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmRRJvQUSxTArO4MTRtu2xb6Rtuub0h2tfnsDwGOyZT2KxpQKBmZXxoCTSrVryWeLbToIQsf4oYQtJiph2DWzFJNTa4WYYM
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 21 Dec 2023 06:37:00 GMT
google
match.adsrvr.org/track/cmf/ Frame C44D 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHdUBIlpQkOszVJqpeFdecA&google_cver=1&google_push=AXcoOmT02KeyYwy6OYcRK6N17kWrIsHq1aYmfCUplHYmc-LVl8Qv2Ye_XeCS9boshboe6Ch85CENi9iJLSAnIfrioJEkgM5vFTvC
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
dds
rtb.openx.net/sync/ Frame C44D 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEEhV1EZ60o1xTgpZnJB_6ao&google_cver=1&google_push=AXcoOmRELnuT76PKWp1JvnKXjA2LtPi1nmurRo6BE6SmS7OFWXiVSrCBKMTNWTzWZGuV1HTmFCASY07OoUmqd026dXNGl4ApwaI
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame C44D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEODiR-Fg2z-0QE3SCsCwx3Q&google_cver=1&google_push=AXcoOmSvjdJ-9vdaz5QEfSuC3UJBm92B5BHb_gFiCJBhJwFu5eCHZsj7VWyfp2p_p3NVeXoxSFC...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHOUUzUDAtMUwtMjQ1Tw==&google_push=AXcoOmSvjdJ-9vdaz5QEfSuC3UJBm92B5BHb_gFiCJBhJwFu5eCHZsj7VWyfp2p_p3NVeXoxSFC-fCbJmh_ogEKSjCuF_XbrqMoc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHOUUzUDAtMUwtMjQ1Tw==&google_push=AXcoOmSvjdJ-9vdaz5QEfSuC3UJBm92B5BHb_gFiCJBhJwFu5eCHZsj7VWyfp2p_p3NVeXoxSFC-fCbJmh_ogEKSjCuF_XbrqMoc
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHOUUzUDAtMUwtMjQ1Tw==&google_push=AXcoOmSvjdJ-9vdaz5QEfSuC3UJBm92B5BHb_gFiCJBhJwFu5eCHZsj7VWyfp2p_p3NVeXoxSFC-fCbJmh_ogEKSjCuF_XbrqMoc
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame C44D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOxA9xFjeg2udk1exc6ztuU&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOxA9xFjeg2udk1exc6ztuU&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOxA9xFjeg2udk1exc6ztuU&google_hm=ZYUujMri9xnlFnmch24-kAAABK4AAAAB&google_nid=index&google_push=AXcoOmQ0oZWqGy2jLcXBLYZaeVefLvEgknrYa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOxA9xFjeg2udk1exc6ztuU&google_hm=ZYUujMri9xnlFnmch24-kAAABK4AAAAB&google_nid=index&google_push=AXcoOmQ0oZWqGy2jLcXBLYZaeVefLvEgknrYaeHarNPRPUa8pw6V4eYXI8q4LchEzooyqovcCk7lCtDHEi7vHcvXooXSEiKqwK77
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBqUjeyqqPa74C791g8eulwoyZO1nPxKTQ3v0GBvwK4XIr8%2BTXcm1YRwo3sKf6rUlzc6J6gYOFs6uvHf8FUe8%2BwmAVo5ORmjNLkurBx6%2FsL0V6yLL09%2Fh3IUJJgJwoo5me8yOpMYAg1uow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOxA9xFjeg2udk1exc6ztuU&google_hm=ZYUujMri9xnlFnmch24-kAAABK4AAAAB&google_nid=index&google_push=AXcoOmQ0oZWqGy2jLcXBLYZaeVefLvEgknrYaeHarNPRPUa8pw6V4eYXI8q4LchEzooyqovcCk7lCtDHEi7vHcvXooXSEiKqwK77
cache-control
no-cache
cf-ray
83965a8bcf41381c-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
report
sync.teads.tv/um/ Frame C44D
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB99L5xAsGkm...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSN1bAuUpc1K-SKykGvDDKcLiMuBxx3Hyq-XvXlxLgZ23BBazHmspGHKEA5okPl7zL4W6vQgfhvFeIMEqz2b-B1ruXzCvKP
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 06:37:00 GMT
pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame C44D 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHAoQzaWq6_H7gZA7BbI-8E&google_cver=1&google_push=AXcoOmQEZS3dh9AK9hzyjD9wotUe7ZlrygBsnsRiASq1k7PQRGYkUlfFE1fYinF19vPzbzESlWOp3ofjjAt7103wbSpbm8zavqGs
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.190.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-190-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame C44D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6UQX1j9GXEs4VNb3PONGwb4dRGiRMrxQieqbI-r4s2vHbMHpHuxCaSYqhAr48EHQqEreoup0
Requested by
Host: e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
URL: https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.googleadservices.com/pagead/ar-adview/ Frame F8BD
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CvC4miy6FZdesFeO21fAPwdi-oAOczsC9c9qXjcmGEvTCtauuARABILbX6XtglYKAgJgHoAHZlq_ZKMgBCakC1hwwsmp0sj6oAwHIA8sEqgTIAk_QO0zHzGAE664L4RLtLq10ZJDPDCi9HQq...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224551542255278086650%22,%22debug_reporting%22:true,%22destination%22:%22https://medi-now.de%22,%22event_report_window%22:%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224551542255278086650%22,%22debug_reporting%22:true,%22destination%22:%22https://medi-now.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210924837721%22],%2222%22:[%22true%22],%224%22:[%2212-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221880415376222698657%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"4551542255278086650","debug_reporting":true,"destination":"https://medi-now.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10924837721"],"22":["true"],"4":["12-22"],"6":["true"]},"priority":"500","source_event_id":"1880415376222698657"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 06:37:00 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4551542255278086650","debug_reporting":true,"destination":"https://medi-now.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10924837721"],"22":["true"],"4":["12-22"],"6":["true"]},"priority":"500","source_event_id":"1880415376222698657"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame D26B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C74eSiy6FZYrjFauY1fAPiNqmsATYmrPzdMXEtYH4EcWvlLTkEhABILbX6XtglYKAgJgHoAGG19e9A8gBAqkCyvtJ8fl1sj6oAwHIA8kEqgSsAk_QojhzvKGYm-0Ko1yhqj-umrbqkxjj0ME...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223933460002173876980%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223933460002173876980%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217619157673903130097%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"3933460002173876980","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"22":["true"],"4":["12-22"],"6":["true"]},"priority":"500","source_event_id":"17619157673903130097"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 06:37:00 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3933460002173876980","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"22":["true"],"4":["12-22"],"6":["true"]},"priority":"500","source_event_id":"17619157673903130097"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 55B4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
378016d88f416b5a4569e86246b803ab5902836f0e10a4c5fee5192776b15817

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame AD91 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
249813
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 09:13:27 GMT
expires
Wed, 18 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
300x600.html
s0.2mdn.net/sadbundle/11698040626992906240/ Frame 7292 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=50Mo73frW7&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5389d4ff8aa7414543574acab723071581bde8808b8ab852e2b3b774fd3a99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:37:00 GMT
expires
Sat, 21 Dec 2024 06:37:00 GMT
last-modified
Wed, 15 Feb 2023 15:30:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 55B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsus_1r2CO8FxpcOLS-2DqRLU2SsofL36YU3OJFE6jVMFw4kHRWjy1Gn2N3pPZb-PRbocrrUt0vUbfC5TYuJHUljocwZ0C_PbStoAUn9Mi_sS3HX4vE2-SAhP7z5nlSypEnDKtjv_L3GBSefLU8_3JYoPYjLt0GWheMvh88qz8AUoC9D0FNrk8VSb9IcvCV7FB_i9bMe8UNn37HZqoVQVe6J8lFIWgP7bmXC82vsaOTu1TcVVr4CYy7epbcibzYP4BkGhe_GHSb3qL3-D9YSeHkpIdKSUf9urWLgwS8CFMntRao55m8n1360dEsHiPFilyGMab2tjYVvfAtbk9sL-QKCdWcyyZcAvNoFFl2ChS2Ya76hqsDp3-ayFkjERaQ8ydIAwRe1_9WJimwTF3jxQtD7We_tzdNOlzrEN73o696e7Ur7HnK_BsG9WLQS5rjEkQClfwxpT0BE1DdNpP5yrf5cGWUFfifw2bw2jLqNBIpbQRhOE5bH7Vlh4wYPcgJvkhtuxOfH4b-HYUqvOgEJi3By56ZOztyUwAENqV20ac1Z_4HhvUoU5hq147o3GBBCnjpmBmCSmqNPUw0OAsdsOPu_7xn5UqyJ_w1dJLToyb5F4UKq5dti_3o1dHvas7a19B_Py5smYEC8B_J-Rt8yKKckOJlos0XSwb2wi-JjY7thykP7aryLL-XkwCAPwbcl0CZmuM7yWl8A6gph6JQvpGvdBpIPe3fa7NLQ4a930dR-5aFo63tLh365_4P4PVTHX3NlhckCV97BX0TYmIhukTMJr0z5T7tSo2BDIKZO3dgcd4sU_6OPrqpc1JwENfGqZ5UWc32yOfm1y7Bk9ct0gzZzNs0AuRQPXjRwXfkhyf2d5wchOLbEoeOgkPfE_cazjgD8jdJ0-ANiomM7ogKW4Jze7mjPGlZ0ldUONIdPVZibFSVw3-PIg8i9-uA7wrL2PvcAJXqqwIAkvWGoqnuoEbKD3CEjhGxSRcY1tEVSEkoDQiCpkwmd7tVfWiKH3ntVSUqQeniUNrfqXsBHNBCJLoSKFnTgJnyQqPvUnD8-sCjSnYj7X9T5uGzG1lerjyGxvZ6lYLkYrmQScCW996lt7t7OfzPNM3vt781JdgcjGf5iqHzh9S0W2wwG_YH2YB0NOHHf8neNIoCd9dn1cFW_3aX9GH-jvfwu-OcZ-YWiylbjO2o9aYIVqZszuFbOgxjeQDAnWjpb9tjTYL0w7LlTEvktKl25r9pKTWL7UyUpqr1P6jtulk6gbrgxmXy3DW7f06fVl0Cki6ZM4P5Ggo4bYb3_woCD8ovIwiMUQ6UWC8PGSR93G3j8mWRIApRsTtOuk8oMJv1liHesuMOZSw3OO7mEOLDlSFerVMnxmk3v6J3ffdobXva6S8fXT2qqs4F3A44C3Srh1X4yQu0TwG1cQmF_o1NUBXBYcmbB1ljySMGlrRrtTA7BmEL-FIsopk83qg51KuimBub2Yg-7dfGskx0sFHU29scb5c5V-r2vhjQ6eom3rsqEQiwcyr-ISe4nnA&sai=AMfl-YT-BNVoOJfOyBkH-EWDfxffKT-yRYR2J5BnGpJ4GvdKjQq8Xb9Z2vHeDqw7pNxVUEd0G2dCB0Z_LZ79dGIsprQbhYSBPFiUf_jGA3RvPYj9hsFEPBgEpdT1dGhjUkp_UFlIrTc8LR5GwzPMF8G_OpHAzK6gInmnJO5yPMr0Dcha3_MAj4ZsJJ9f2IshYNH243lh4EGIgSxIjuRXOuZi9bRu-4bzrfb10fEiaU1WFgGlCprAfHJd-o0GMyyeG2LfHJ1BW_ys0e3ChILgVcyM0oLbODqfc8apBporhq2F_wgmh4QkRpuWFhvL-89ZZz7wd1Jm8o9e-_NSS8h6R6L7CG0UTDBKmvvzZ_qCfziXB2qVM2N2jUPLu3eOSe9OJrisLEoorqLO-k8M1AkCa3lcMfr6I3brHm6Zhm4zySzBhmOENrftCiPleA&sig=Cg0ArKJSzFGMx-p0qV1pEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=161&cbvp=1&cstd=155&cisv=r20231207.32811&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 879A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d09ff1ebfae30ab7d45be32471a248805ff0e1a5c45080e41908325619ebbddd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6A21
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1&google_push=AXcoOmQLu3NDkoadVgs3xDKmgRJ0YQMYkqP0HYYYoUdpu8zRIkYyr2gPlCRx9XtHfLDqONpCHCROPXrL0jCZNWyvRO5npq8hyTXutA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc4NTA2NTA0OTAyNTExODMyNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Dec 2023 06:36:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 6A21 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFsdPqeH1J_3WcpDaV-3fGM&google_cver=1&google_push=AXcoOmR86QL5ugEOlIQtnujJ2_Xk3_OBl23P72JCdcMDy9Ihy2DvEXcnLeV3dcGSFkIRcmCE_cLfI3awZy_logZxV-DyWKONNn28qA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 6A21
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELqZqZUurLkH6rzKz0T_L58&google_cver=1&google_push=AXcoOmR3KNiyFeZHDdqhUpwINv535MgQ3iD0_yowl-Xhk9UkQhz8yi-l7aBmeJzjD3lk0deBxT7bj0ITMOFIYHIPYl-vvp0OO17G4...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELqZqZUurLkH6rzKz0T_L58&google_cver=1&google_push=AXcoOmR3KNiyFeZHDdqhUpwINv535MgQ3iD0_yowl-Xhk9UkQhz8yi-l7aBmeJzjD3lk0deBxT7bj0ITMOFIYHIPYl-vvp0OO17...
43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELqZqZUurLkH6rzKz0T_L58&google_cver=1&google_push=AXcoOmR3KNiyFeZHDdqhUpwINv535MgQ3iD0_yowl-Xhk9UkQhz8yi-l7aBmeJzjD3lk0deBxT7bj0ITMOFIYHIPYl-vvp0OO17G4GM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR3KNiyFeZHDdqhUpwINv535MgQ3iD0_yowl-Xhk9UkQhz8yi-l7aBmeJzjD3lk0deBxT7bj0ITMOFIYHIPYl-vvp0OO17G4GM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83965a8cf8de1e56-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
151
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELqZqZUurLkH6rzKz0T_L58&google_cver=1&google_push=AXcoOmR3KNiyFeZHDdqhUpwINv535MgQ3iD0_yowl-Xhk9UkQhz8yi-l7aBmeJzjD3lk0deBxT7bj0ITMOFIYHIPYl-vvp0OO17G4GM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR3KNiyFeZHDdqhUpwINv535MgQ3iD0_yowl-Xhk9UkQhz8yi-l7aBmeJzjD3lk0deBxT7bj0ITMOFIYHIPYl-vvp0OO17G4GM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83965a8bcfca1e56-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 6A21 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJPnGDnrAL-oj_m1huXCvH4&google_cver=1&google_push=AXcoOmQCZLH-6VFIOawq82Jh-1k5STcJkM0KNxWeuwPlMyRiTnfe-qJ790Z5-H9-Btt-PozHlYM1DOURSxwbMfo5B2gEcv3WAQ2pcp4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 6A21
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKuVuMd0zb4oA1FoX8ylrEw&google_cver=1&google_push=AXcoOmSJr7TLVRaXYQUjJqKS3GZYexpdZg72N60A9DgV4p23JBUM8xBigFrCFnwWhfzCrcTgqXcAK-Z1eItIVO...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNTMwNDM0ODU2NzU5OTI2MA%3D%3D&google_push=AXcoOmSJr7TLVRaXYQUjJqKS3GZYexpdZg72N60A9DgV4p23JBUM8xBigFrCFnwWhfzCrcTgqXcAK-Z1eItIVOYle3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNTMwNDM0ODU2NzU5OTI2MA%3D%3D&google_push=AXcoOmSJr7TLVRaXYQUjJqKS3GZYexpdZg72N60A9DgV4p23JBUM8xBigFrCFnwWhfzCrcTgqXcAK-Z1eItIVOYle3vlrWZ4Ni59yyM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNTMwNDM0ODU2NzU5OTI2MA%3D%3D&google_push=AXcoOmSJr7TLVRaXYQUjJqKS3GZYexpdZg72N60A9DgV4p23JBUM8xBigFrCFnwWhfzCrcTgqXcAK-Z1eItIVOYle3vlrWZ4Ni59yyM
Date
Fri, 22 Dec 2023 06:37:00 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 6A21
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPq2YaFmcjBJyffmu1Io3qE&google_cver=1&google_push=AXcoOmSd_bqFxZMbVxlisRrjvXULSK-n-8WG2TXvHnhyNXGDAAVxFim3R1r4Un7KgJ8inRZHiPfLNTWa7baQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSd_bqFxZMbVxlisRrjvXULSK-n-8WG2TXvHnhyNXGDAAVxFim3R1r4Un7KgJ8inRZHiPfLNTWa7baQogaRhL9eL-XIdHuOog
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSd_bqFxZMbVxlisRrjvXULSK-n-8WG2TXvHnhyNXGDAAVxFim3R1r4Un7KgJ8inRZHiPfLNTWa7baQogaRhL9eL-XIdHuOog
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSd_bqFxZMbVxlisRrjvXULSK-n-8WG2TXvHnhyNXGDAAVxFim3R1r4Un7KgJ8inRZHiPfLNTWa7baQogaRhL9eL-XIdHuOog
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
report
sync.teads.tv/um/ Frame 6A21
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFs7iugjFS_n...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSMiFjQabAP1l5VPe986iCZmYl8vUBYWGxL-KwGK6jHZ7pGBJIIap146tSAff6iXIxCIj5Fy0RlOTLFqCmFr0GWRDy4Z0HBJsmH
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 06:37:00 GMT
pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6A21 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqgeCzLdpN1me4q09TbYQmdCnny70n_FrIWEtW-lSxKqRSyFv8ceXMMLWSOJbfmHzLB7BloA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F8BD 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 21:01:51 GMT
x-content-type-options
nosniff
age
120909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2024 21:01:51 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 879A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CW7lYiy6FZYqtFZrb1fAPnI-E0A2F4LuRdM7BpaaPEtrZHhABILbX6XtglfrwgYwHoAHh7uq3A8gBAqkC1hwwsmp0sj6oAwHIA8kEqgS3Ak_QpG20rwZOYD2WWO2qnVtegTNFbbrC5rb8LJ1...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221211633888372464737%22,%22debug_reporting%22:true,%22destination%22:%22https://panamajack.de%22,%22event_report_window%22:...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221211633888372464737%22,%22debug_reporting%22:true,%22destination%22:%22https://panamajack.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22922400609%22],%2222%22:[%22true%22],%224%22:[%2212-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217894314157762470001%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"1211633888372464737","debug_reporting":true,"destination":"https://panamajack.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["922400609"],"22":["true"],"4":["12-22"],"6":["true"]},"priority":"500","source_event_id":"17894314157762470001"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 06:37:00 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1211633888372464737","debug_reporting":true,"destination":"https://panamajack.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["922400609"],"22":["true"],"4":["12-22"],"6":["true"]},"priority":"500","source_event_id":"17894314157762470001"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224551542255278086650%22,%22debug_reporting%22:true,%22destination%22:%22https://medi-now.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210924837721%22],%2222%22:[%22true%22],%224%22:[%2212-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221880415376222698657%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 22 Dec 2023 06:37:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223933460002173876980%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217619157673903130097%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 22 Dec 2023 06:37:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame F0C3 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 08:54:58 GMT
etag
5585625838579639069
expires
Thu, 04 Jan 2024 08:54:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame EDA2 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 08:54:58 GMT
etag
5585625838579639069
expires
Thu, 04 Jan 2024 08:54:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 8BFE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
78122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 08:54:58 GMT
etag
5585625838579639069
expires
Thu, 04 Jan 2024 08:54:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame C032
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:37:00 GMT
expires
Fri, 22 Dec 2023 06:37:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:37:00 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 7292 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=50Mo73frW7&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=50Mo73frW7&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 21:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 21:54:48 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7292 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=50Mo73frW7&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=50Mo73frW7&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 06:37:00 GMT
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame DED9 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=1815900770&adk=471421629&adf=3153423549&pi=t.ma~as.1815900770&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=188&idt=250&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=252
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 12:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
323154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 12:51:06 GMT
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame B704 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=9812672228&adk=3541318952&adf=1004996698&pi=t.ma~as.9812672228&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018949&bpp=1&bdt=189&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C749x280%2C749x280&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=3402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 12:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
323154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 12:51:06 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221211633888372464737%22,%22debug_reporting%22:true,%22destination%22:%22https://panamajack.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22922400609%22],%2222%22:[%22true%22],%224%22:[%2212-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217894314157762470001%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 22 Dec 2023 06:37:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame F0C3 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 05:52:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Dec 2023 06:37:00 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F0C3 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 14:24:49 GMT
x-content-type-options
nosniff
age
231131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 18 Dec 2024 14:24:49 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F0C3 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 16:42:53 GMT
x-content-type-options
nosniff
age
222847
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 18 Dec 2024 16:42:53 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame F0C3 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
16937
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:43 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame F0C3 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 02:16:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
15605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 02:16:55 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 811B 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJbTh_8BMAE&v=APEucNXoXUslK4qIc1jqzzG0efTWjAz-EKCVHFxqfz31SMPep-aqp0yjOE_fDr8MwHzt3HHaY8YBxwfQUaP835-qdxzAmqka-208F2AxvYht2nfNARmB8415-h14FJP8dh29MZoCLof_p2p0QXga7tDXM60UI8QpyFw6kgakitRKy3-icBLF1IU
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:37:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 402A 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:37:00 GMT
skeleton.gif
static.adsafeprotected.com/ Frame 402A
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1676726/76805677/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1014932963&ias_pubId=pub-5928161074779380&ias_chanId=1&ias_place...
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_xappb=
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_xappb=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
2600:9000:20ab:fc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 8be6e843d0ee8ff03a0a07d811ce5bf8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
911237
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
9UF4yyTcvaHbfnj4zWj-KnKtHfddPjnn8inmvSzWLklCR_88R8JXHQ==

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
nginx
x-server-name
app26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_xappb=
cache-control
no-cache
content-length
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 402A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
35322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:48:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 402A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
16961
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 402A 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:37:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 402A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkiRmqFFHotpmT6mb3LfNijnvi9YTtpNyymArhsqojvpsK2iE1P5NtaK8T40jCJcZfTeNd415Qf89EYqRbi4P4QUYssMPMWrWJEWZQ6bJzq2bIjHc
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8B0A 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY8rvx0wEwAQ&v=APEucNUi8sng0JZYF9oNUTSTQ7O7_eEIIO3sVSVH68-fFMfD6YfSw-a_FzeBsEvFHO-oRbvtUlqTzVNHP4QRRcLwXJl0GoMN-kF5VDZWwuT3NTxAk399b1d6f9kDALRBXHqx66bRmPPspppJspwCQPN7tNVM6Lbgif-i7-t4DQJ1aQZVrwPxFnY
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:37:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 98BB 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:37:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 98BB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
35322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:48:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 98BB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
16961
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame 98BB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjkr2HEtuad0Rl50oLgbYVTQVBB4b7TiVy5jTDd5_aWJumW5j21MTvhPVrKeUSS_VUTpiM2kFhBaGOyDb5g_NpbdcNSg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 98BB 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:37:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98BB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bnh4qjVMVNc4VcWdX5Wi_FYA7bIftkzgWx6U0EM3UH8y3XSiqT-tPxEKyxNUoDWORUdtCnarXwGVne1Ll8u_B8ahBPLl_ICLHkbJckqktvQ_dOHFw
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame AD91 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
62779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 509F 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5928161074779380&output=html&h=280&slotname=2732825802&adk=652042997&adf=2125223602&pi=t.ma~as.2732825802&w=749&fwrn=4&fwrnh=100&lmt=1703010214&rafmt=1&format=749x280&url=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703227018947&bpp=2&bdt=186&idt=246&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1050833028883&frm=20&pv=1&ga_vid=678660438.1703227018&ga_sid=1703227019&ga_hid=1057412394&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C44807405%2C95320868%2C95320884&oid=2&pvsid=3619052773082774&tmod=130453297&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 12:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
323154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 12:51:06 GMT
view
ad.doubleclick.net/pcs/ Frame 55B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsus_1r2CO8FxpcOLS-2DqRLU2SsofL36YU3OJFE6jVMFw4kHRWjy1Gn2N3pPZb-PRbocrrUt0vUbfC5TYuJHUljocwZ0C_PbStoAUn9Mi_sS3HX4vE2-SAhP7z5nlSypEnDKtjv_L3GBSefLU8_3JYoPYjLt0GWheMvh88qz8AUoC9D0FNrk8VSb9IcvCV7FB_i9bMe8UNn37HZqoVQVe6J8lFIWgP7bmXC82vsaOTu1TcVVr4CYy7epbcibzYP4BkGhe_GHSb3qL3-D9YSeHkpIdKSUf9urWLgwS8CFMntRao55m8n1360dEsHiPFilyGMab2tjYVvfAtbk9sL-QKCdWcyyZcAvNoFFl2ChS2Ya76hqsDp3-ayFkjERaQ8ydIAwRe1_9WJimwTF3jxQtD7We_tzdNOlzrEN73o696e7Ur7HnK_BsG9WLQS5rjEkQClfwxpT0BE1DdNpP5yrf5cGWUFfifw2bw2jLqNBIpbQRhOE5bH7Vlh4wYPcgJvkhtuxOfH4b-HYUqvOgEJi3By56ZOztyUwAENqV20ac1Z_4HhvUoU5hq147o3GBBCnjpmBmCSmqNPUw0OAsdsOPu_7xn5UqyJ_w1dJLToyb5F4UKq5dti_3o1dHvas7a19B_Py5smYEC8B_J-Rt8yKKckOJlos0XSwb2wi-JjY7thykP7aryLL-XkwCAPwbcl0CZmuM7yWl8A6gph6JQvpGvdBpIPe3fa7NLQ4a930dR-5aFo63tLh365_4P4PVTHX3NlhckCV97BX0TYmIhukTMJr0z5T7tSo2BDIKZO3dgcd4sU_6OPrqpc1JwENfGqZ5UWc32yOfm1y7Bk9ct0gzZzNs0AuRQPXjRwXfkhyf2d5wchOLbEoeOgkPfE_cazjgD8jdJ0-ANiomM7ogKW4Jze7mjPGlZ0ldUONIdPVZibFSVw3-PIg8i9-uA7wrL2PvcAJXqqwIAkvWGoqnuoEbKD3CEjhGxSRcY1tEVSEkoDQiCpkwmd7tVfWiKH3ntVSUqQeniUNrfqXsBHNBCJLoSKFnTgJnyQqPvUnD8-sCjSnYj7X9T5uGzG1lerjyGxvZ6lYLkYrmQScCW996lt7t7OfzPNM3vt781JdgcjGf5iqHzh9S0W2wwG_YH2YB0NOHHf8neNIoCd9dn1cFW_3aX9GH-jvfwu-OcZ-YWiylbjO2o9aYIVqZszuFbOgxjeQDAnWjpb9tjTYL0w7LlTEvktKl25r9pKTWL7UyUpqr1P6jtulk6gbrgxmXy3DW7f06fVl0Cki6ZM4P5Ggo4bYb3_woCD8ovIwiMUQ6UWC8PGSR93G3j8mWRIApRsTtOuk8oMJv1liHesuMOZSw3OO7mEOLDlSFerVMnxmk3v6J3ffdobXva6S8fXT2qqs4F3A44C3Srh1X4yQu0TwG1cQmF_o1NUBXBYcmbB1ljySMGlrRrtTA7BmEL-FIsopk83qg51KuimBub2Yg-7dfGskx0sFHU29scb5c5V-r2vhjQ6eom3rsqEQiwcyr-ISe4nnA&sai=AMfl-YT-BNVoOJfOyBkH-EWDfxffKT-yRYR2J5BnGpJ4GvdKjQq8Xb9Z2vHeDqw7pNxVUEd0G2dCB0Z_LZ79dGIsprQbhYSBPFiUf_jGA3RvPYj9hsFEPBgEpdT1dGhjUkp_UFlIrTc8LR5GwzPMF8G_OpHAzK6gInmnJO5yPMr0Dcha3_MAj4ZsJJ9f2IshYNH243lh4EGIgSxIjuRXOuZi9bRu-4bzrfb10fEiaU1WFgGlCprAfHJd-o0GMyyeG2LfHJ1BW_ys0e3ChILgVcyM0oLbODqfc8apBporhq2F_wgmh4QkRpuWFhvL-89ZZz7wd1Jm8o9e-_NSS8h6R6L7CG0UTDBKmvvzZ_qCfziXB2qVM2N2jUPLu3eOSe9OJrisLEoorqLO-k8M1AkCa3lcMfr6I3brHm6Zhm4zySzBhmOENrftCiPleA&sig=Cg0ArKJSzFGMx-p0qV1pEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=298&vt=11&dtpt=137&dett=3&cstd=155&cisv=r20231207.32811&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
node.php
node.setupad.com/node/ 		0
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
css
fonts.googleapis.com/ Frame D622 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Dec 2023 05:04:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Dec 2023 06:37:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D622 		2 KB
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
16961
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame D622 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
27403
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D622 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
35322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:48:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D5CC 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D622 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
16961
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame D622 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwEqC3F5-fTGj75kU1-79J0dzPWYMIFYg1D12_6pryFBdMq2tQfeQsyiliNnAie2J751BIJslLWQxnY-wqXGc0aCrOuQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D622 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 06:37:00 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame D622 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 09:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 19 Mar 2024 09:13:33 GMT
rum
dsum-sec.casalemedia.com/ Frame 811B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJbTh_8BMAE&v=APEucNXoXUslK4qIc1jqzzG0efTWjAz-EKCVHFxqfz31SMPep-aqp0yjOE_fDr8MwHzt3HHaY8YBxwfQUaP835-qdxzAmqka-208F2AxvYht2nfNARmB8415-h14FJP8dh29MZoCLof_p2p0QXga7tDXM60UI8QpyFw6kgakitRKy3-icBLF1IU
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6xxUTAFckXxyilXINqUpGFQIG79qOAQ05%2BinHDjqewyacTxBgD7TV7k5UG00wrSEfZHg%2F6bZ%2BmAjR1HhLGkJX7oCJKNwjZfuVikLmiYDaNmib4jMWraY%2BczCM%2FVAGfWVF6QoNUiXcjbZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83965a8d38b2381c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 811B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYUujMri9xnlFnmch24.kAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1&google_hm=2
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJbTh_8BMAE&v=APEucNXoXUslK4qIc1jqzzG0efTWjAz-EKCVHFxqfz31SMPep-aqp0yjOE_fDr8MwHzt3HHaY8YBxwfQUaP835-qdxzAmqka-208F2AxvYht2nfNARmB8415-h14FJP8dh29MZoCLof_p2p0QXga7tDXM60UI8QpyFw6kgakitRKy3-icBLF1IU
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zQ4TqspJKLQZfUOyirehhEqo%2BaYhgWpDB3P0J36YXkX3eBBvGkhAvX03UXT6YonixyPCSVNVdFEOA6Go13Tkzd8Z2eQ7evYlb5ACieMvplqO8VVarD97uSeeerqmgSMdyM%2FoUZaip51jg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83965a8d58d0381c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPlg6XFlOq63b6CVQaYpPIg&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 811B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENZ5KO_0__95HsrAUW6W_t8&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENZ5KO_0__95HsrAUW6W_t8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJbTh_8BMAE&v=APEucNXoXUslK4qIc1jqzzG0efTWjAz-EKCVHFxqfz31SMPep-aqp0yjOE_fDr8MwHzt3HHaY8YBxwfQUaP835-qdxzAmqka-208F2AxvYht2nfNARmB8415-h14FJP8dh29MZoCLof_p2p0QXga7tDXM60UI8QpyFw6kgakitRKy3-icBLF1IU
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
an-x-request-uuid
6181dd85-c6d0-4f7e-b4a8-125eae4fdea1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.200; 80.255.10.200; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENZ5KO_0__95HsrAUW6W_t8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 811B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkxODYxMTUxNjc5MTUzNzA5MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkxODYxMTUxNjc5MTUzNzA5MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJbTh_8BMAE&v=APEucNXoXUslK4qIc1jqzzG0efTWjAz-EKCVHFxqfz31SMPep-aqp0yjOE_fDr8MwHzt3HHaY8YBxwfQUaP835-qdxzAmqka-208F2AxvYht2nfNARmB8415-h14FJP8dh29MZoCLof_p2p0QXga7tDXM60UI8QpyFw6kgakitRKy3-icBLF1IU
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
an-x-request-uuid
91af2df9-6858-46c9-81d9-6fffcfc5fa20
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkxODYxMTUxNjc5MTUzNzA5MA%3D%3D
x-proxy-origin
80.255.10.200; 80.255.10.200; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8B0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMdIw0YWb6Flj79VFfz_XWc&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMdIw0YWb6Flj79VFfz_XWc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY8rvx0wEwAQ&v=APEucNUi8sng0JZYF9oNUTSTQ7O7_eEIIO3sVSVH68-fFMfD6YfSw-a_FzeBsEvFHO-oRbvtUlqTzVNHP4QRRcLwXJl0GoMN-kF5VDZWwuT3NTxAk399b1d6f9kDALRBXHqx66bRmPPspppJspwCQPN7tNVM6Lbgif-i7-t4DQJ1aQZVrwPxFnY
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMdIw0YWb6Flj79VFfz_XWc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 8B0A 		43 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY8rvx0wEwAQ&v=APEucNUi8sng0JZYF9oNUTSTQ7O7_eEIIO3sVSVH68-fFMfD6YfSw-a_FzeBsEvFHO-oRbvtUlqTzVNHP4QRRcLwXJl0GoMN-kF5VDZWwuT3NTxAk399b1d6f9kDALRBXHqx66bRmPPspppJspwCQPN7tNVM6Lbgif-i7-t4DQJ1aQZVrwPxFnY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 8B0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECsetf4xJX0Uq01E4CichA0&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECsetf4xJX0Uq01E4CichA0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY8rvx0wEwAQ&v=APEucNUi8sng0JZYF9oNUTSTQ7O7_eEIIO3sVSVH68-fFMfD6YfSw-a_FzeBsEvFHO-oRbvtUlqTzVNHP4QRRcLwXJl0GoMN-kF5VDZWwuT3NTxAk399b1d6f9kDALRBXHqx66bRmPPspppJspwCQPN7tNVM6Lbgif-i7-t4DQJ1aQZVrwPxFnY
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 06:37:00 GMT
pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESECsetf4xJX0Uq01E4CichA0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 8B0A 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY8rvx0wEwAQ&v=APEucNUi8sng0JZYF9oNUTSTQ7O7_eEIIO3sVSVH68-fFMfD6YfSw-a_FzeBsEvFHO-oRbvtUlqTzVNHP4QRRcLwXJl0GoMN-kF5VDZWwuT3NTxAk399b1d6f9kDALRBXHqx66bRmPPspppJspwCQPN7tNVM6Lbgif-i7-t4DQJ1aQZVrwPxFnY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 06:37:00 GMT
pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 7292 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=50Mo73frW7&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:34:01 GMT
x-content-type-options
nosniff
age
179
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 06:49:01 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 7292 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=50Mo73frW7&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:32:39 GMT
x-content-type-options
nosniff
age
261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 06:47:39 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7292 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2058bf2d2637804387e59993489725dd2ccfe3600bdafd28b50af6fe645efa3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5808
x-xss-protection
0
60005582_20231129105816367_SAM_Galaxy-S23Ultra_Watch6_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 7292 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231129105816367_SAM_Galaxy-S23Ultra_Watch6_Asset.png
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45c10852e0b745c06995f7eff923015cb92059c7c25f3d7ad6287a6f7dedadce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=50Mo73frW7&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:38:18 GMT
x-content-type-options
nosniff
age
43122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43455
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 18:58:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 18:38:18 GMT
60005582_20220825085151068_300x600_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 7292 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085151068_300x600_BG.png
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=50Mo73frW7&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 21:40:24 GMT
x-content-type-options
nosniff
age
32196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62713
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:51:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 21:40:24 GMT
60005582_20221129094447318_300x600_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 7292 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221129094447318_300x600_INTRO.png
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4be6aea8905bf51917add01a1faa698f725b6b21c86f8cc1effb69f94c74179f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=50Mo73frW7&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 14:09:47 GMT
x-content-type-options
nosniff
age
59233
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78928
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 17:44:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 14:09:47 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 7292 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_PEF_HAV_14121_PV&mediacode=30943251_4307561_379896937_145353403_PO4504A20231130&ref=30943251_4307561_379896937_145353403_PO4504A20231130
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 22 Dec 2023 06:37:00 GMT
via
1.1 varnish-live-1-1
CF-Cache-Status
HIT
age
3371698
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Mon, 16 Oct 2023 12:55:26 GMT
Server
cloudflare
etag
"2b-607d4eb83ab80"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
276057792
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
83965a8d88624db3-FRA
Expires
Sat, 21 Dec 2024 06:37:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 402A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9351310580763&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 402A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9351310580763&version=m202309260101&ct=76&x=1&cor=2669550462956345300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 402A 		93 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTIXoXk3YtcWbfYhRcgRZgOneIjIK9Rc-2YdRVu74yozwrxnWJm7s3O1NJaUybjWHuPe0nBPDnekyvqnZYybTl9x0_0iwZE7uaid4CWFbnFxGVG0S0uHFi6ogO3KDjZyNMR4XLHzUXoLbnbc7CyCJv-H9YI8UdZdPI5PBCH14iMyytxvw&dbm_d=AKAmf-B4Rpxj1TlkapyoUzSqmrGgTeshArW8EEHOqE1d1pDLlcfZbUaN-TVpYeEgN2UMir2J3NRILuhVR_msohfAg77A7kLo1JLsDmQNY2Fg7ml0tYnOVTfxbzkMQwB1yKpuoQSsRngHmJCXg2SW7_4nJAyYgNNfLJG2cHses6E74pwkbYK2Uh3Gfnf-Q4qJnabkJjS014mQswb1yLhp-KQsjwL2-C--U4yBTmtG5nk_6Yyx-sDz15Mr1PetDWR50pjAdfAvwE9wYyC9HXFYddTmIZf179GRgXKIFyf8YhikL9HvFWRs1qd7wGlXnVQ5ACUFZBluD3C29uVp_9ut146Hi6MzOz_Tt8AfiiwruHHZOJBXN7n-tir-MSOhKlxqlHXdHu7ESPBDXygA8IzuzKHaoaN_f5FkmGgJh2-wAY24-xpxAzvFyoh1NGiLWVyHUdvKzTFvCNVJQwMfrrFwSV3Q10T5AyS6mSadzvz-yQtxk9DeBfqBNQhMldb7tG5Wcs8upj-S4sPA3Lvx1MUw-A86IkO3HTexqO4UYQo4heIJX0M-lYxYasv_ui4rKYUHQ9JakU9J8-cxQhJ2Fquv-sfqLH9SHl5r6xAgFviiTUNKlZPGI8cYK4glr5xgLrEJvH_mqa2iaRfl58DClAUlgzPeJ5Gzbyqn_Hg18kU5tDA4boRxQrmNd1KQB8nXoNXx7J-1KqJ_6JK8Ln5dV6eFNvnY7Dqqn0fVU2OQfZxTjNIZpEajlCJUOQeBphlEc1Ci8-nJvs12wK3xsquFfgadKi7RsUIdujns6V3EjALTkuPNt10QreFjSpVS8S83DY2MX8uXOFaRfNn8vNbMZp5wrz7YCFC2MsETzZalvwk-lsooFMsbevTOSshxEpMWC6yIHTi5tTU3dkEMw1qnjuHuylYtKpIxlpIm8GsP-UTmEMgVFx_tJXiHq4o83_9qA4T8UqhbuJbYylh85PO8cV8NZnhorZia9SMoVb6EsraLivk3O42XYaqACkWFRC1S1EpoGsGOw9V_onmXul5SwpucJBKtyLnd2KwUEhnDDCXl1DgoIQ-5i-ha0jUohH6eBYN7hXxbDQHWsv8FWKJnGqI1pwc7PPDf7y4i37I4QfZjv9DshvnmI9-9plPJGR2EzYKF3DsqeyULIO5udhMb1ptDoLjR0dyhrMAfJ3KyHnunHKQTLHFrTf6Vpvu89byY91zkn-g4Iincesp3WPE6--gPu5MvlajWyuTtWNkEQlzOpeGHYPpG6VY9850oMhCJh6WUomvHX6VepY_-vmAgGnCw_g6StFecBj569cFYoKM1VjWqnbVW8nCOVj0vj-ShG_ER4rhzf9_vux-zk-A72oA0RW_HhaTWTi39I8l1R4kiNrJAKxNsvrSFSWJDMkmMc_bcy4KGvE-niFhWKhIqOKCHLvUMhKyRsxh8Z-NRbWrHktYl2cG85JkukHrOm6zYsCX_n3IC14sP56Yge9i2zNRVPu9wvGez-zVS_4owbiXMRon5HLCY5KgKpAurhBEFYAfBXJpca_7KiS65LHQBpHuhuMtoa7XBSAuDzdKlMkmzaFcNSERmZeMghBfXcTDeI07TPxPpbu6VJrO5zZdLruMZlmtL4dqQdptBlBYReIfWTuSS0cYK6Vcz-Avg08dGQpW0HoFGg3-DP5rlc55SpqurKYMXiDrihH6xOgwKY1Tq_fB8IS9YAyIU-co5I6f8J9kcVmS6OxLcTQbByFr3Stn9ebU78EJNvPHQdu8zOQKq04B1rp3xi38KKlLCJ7ZJL6UR16mVsUvJUflrn5I3qKwgnf6VFLgNGOc1lVQG_Lt_w8VMr-LrySgBQ4pFmJravyVWG6XXusl2N6-1MoxLbq8KlRf6TL9zyzrxO4RqReN8NVWVPMO7bJky2tO4Mx4mv8Qrpyg5SKUFDGz-rnZyxeYXcupqNp17zBOoLrsf315HIC6L04xNCR2Cx-U5Scb6aNIH3D-D_ylo5-lgTzksXrDvUAq29SGVIUoI7fP-BbSPMiqiabHNhQY9ekWvSf758p2tJsYo-WpdbtNPNJZwH3VeXdZw9t68F9kEMEn7_o7K9HJdtM8oQuBe3eweeDcHHnH85stuMWAdBBYXjgUh8uly6W56pNG70oWL-kyket2kS5dr8UXT6QFlPoUdCH8nUKtzoLFlg9EEVa-3wxTt8j3EdJ7dgez0245DgvwCMwqv68tsneEiY8-KUSZSqg4YguxWp3PTdxXnntrJZSsuLHBIG3rPTI-w2nLvTguoLSLiGRv-eJEVJno808FDCQ32bBDB-x-zC8kuqrSQBU54YBG8rSvJYsJv-b_pbhs_KAGjZLRV5CLZ_AakH1R31oyp3--FSC8YJlaI8NarCQOz8KMbBATSbchfWFHzqux-Ljf-piyptqAtJ_1NCSNrUNe9Ef9cW7cwpbon8I3ZZsIBd6ScBkBAGqdaHkQjT4ghOhO45cZggMff2d_nxURgN6_tnx58OGjBxRt1U0TtJTjdP_qRqVedu6_64CZ5EBJcePZ0nwFCZLy197nbnoDCCmei_vpDRN-iDV29O8KbOHA0zWdAYlxYXGpD5ndehfCqFZQbdE9XbXke7q3B0Hiu7fhvqXDEAD_67nj5NZ2Te0xtiSba6oLHxi4a-r1Z5tMu6OrwOGFfDwuYl2MknuHOLxGT8HQ9mW3Jftu-45BIxD2F5MyNWf7vouxncM5KL9yy7iyYik0uD-gRLAvIO1T8QKNCRqomLQtSzVBJkkW-QJQYbsxen9KqJfA9CDN7cCPJAjNhfXiWWecgTjBf_Li6QWujyyjFvh_MKvbAsNWyNnq2WcDuUYh-VAbYHAwiz5Sg9QoREEVxTbG4ODeBxPxB9ArmyiEWWxWKaYKHc88hVkr4Mlk-kiDXqtx-hGkxsOZdAO-wJnrZOWFdJehNo6RZG-V732nj-Et7yhjfCwIQl83vPKqCoYAwru7NWQciP-jvO_H5lsbym3RGGYCRO8Ais5NuJi9u5JV13EUJ-gv1rp5uTLPWCJef1xh5bQzUlomCO5w6w-HBi5EGUZRdtqHOoU2VE1lDZgW6SvZ5qEetitKKYDLNyjw0sR4mFS3Sw16cxOoKzzZP82t09JP4QnUK76uTJi4slFkoVwMa16TWdaczQBDnd-SEX1DpSZd24MWtWevtGOMQykhNwrLerbfDMIg1RRLTKh4GOg3TpqOvqyJx7uI5EGM0M_BE2v9P04bhpoEHc4v3VqJlKV748afVtY8oRjpWArqePYMzUs1ZpT01_rrTL4hIdjyyBLJ8vPicr3HgIv2w-mTh-eTX9SWvYeeLsgBb3mbTXtuPuUKeC9dQBEMNBe1ifYlfvW1To6M-YTKlpV_hXKT0yJMfkmdM54sPUoGBddqe1WP2aeBVCq5pAxz6dxDCqe_51cIWeomkZg9r8lW43qPeaJcrgTQwE1YgPoe54sQ6qScOxB9xzcWuuL8qnwPncrruHQcaJ4MAY006tlZghEz3M6L_uzfnQXWYNdU5luqRZHLFIcKGeBokvuoqG1B-C8HGmTfwdYeereRjVwvrHMVDIBuWxxil8XH9v--hKQDzJoJ3bIyKsCTf24NAQc_FWduD4dvejoc9dAQ4NwrpWbMGuIlih1xOwheOz4M-fgsxGBQk1sc_EAfzd2Z1iDnjFaWdfHJgjpUAc5deqLmzLeyo1GsXat7Rz2yodJdvQmAe2pYtRW4hu007GpkXoKx2uD4S6Ke8_wSK5CbwDlUziX9cMRwqfSuFMI7I4PXBoyH6f6VG-NLJfDesgn4GpY1L-vgm6Gl3IoSkkIWK34F9cV2UheKQbD-tbfW2JFVMUObyinwBgBPS&cid=CAQSOwAvHhf_gZtnocjds7AIxNYJaojR8Mk3FaPYvN5NOums92CAb_DdmkCuwJDuxQvuJI0jWW2nEFsnWhGQGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcybernews.com&ds=l&xdt=1&iif=1&cor=2669550462956345300&adk=2515327513&idt=99&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2797af31e1a1cb6b652595a0a95198e3e04982d6aa7bb50f375e5b9ac28bd80e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39241
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98BB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7924586371924&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98BB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7924586371924&version=m202309260101&ct=76&x=1&cor=6820350250234463000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 98BB 		105 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUeT-2Cz6bULZxP11mG91JRiM3-3oWncXyUpQ1DYmItXJck3tdHBFQcQKo7GDPMC6CR5HvzpZZzZx-DyxzoofIlOEAAyZHkioGP7S8vjTKEcG-CaEQn4ZJ6NqLZ6KPV2kXeRmlEd5uhqSDk5F31rV5lpGVsk_lqilRNT2tOi4orncoFYg&dbm_d=AKAmf-BPuwcJoOLNLNfdvGa08fVaaPk0wLL1lbmj83_T0rWiZa28k5cW8IGvbyExW7KGNyENPtgNd5Y3Ialyod6WhhQVkgzWwJsK33o7NYDVjHMAZwJPgOjEBHzbN5fNpWUL9kWpIbliQykAQudd2pup9u-tsjpqVFkZg-aPnwdVBTWfgp0-VdzCQQavg5ldaPhrO6QktJm6yOYzWyMPhd0ZjrzcwtaSL7RzpG5pbH54PD6xZpBS2z5TTd-PgvLVjh3uq1n2kHcnjHpad6fYVG_Usc1zVk8btN5jGFbn16Y3rt1aqZf9upoqw5zMEkK4yiwNUygjr42TjHg9jtHlH-BrFD2rQFwyb3wuuviRw7ZxAH2Y7UOqnzAaPXeF29CZsTVB4vXEwn1Fu16R59J7v6C96L5wX3Nw4rRnD9FyyOoHbxmRRb9CNuaqdMpXb1I-AI08vFWxilxVUOQ_HVJcnCyR87QyFmc8cYs5HkHNT8UnP-pn_JpV1ID4JRl0XeR6P7RYqAdDDUAf5xuXkDhkaj3haSq1uNCcGOspHWe4kPlU3FhhFzp42M7RA0zhQZ-p077V-qB_kF7SZ3ndbAPxrDP7nT6wzGhiQuf_GjMt4FF2I30ntRgFXiXsywDyORaoBFM7lTYigfM9mtZ8YkbvcliRDFIb8whrk2pwblCb1gignTkBKmFZ8Xm42cZEiZJlB2A46X_qWcXbPIk3AMGKbbMs5kxj5hmodpvZlSASv7sLfGeKt16YPAgtkI6TtZ2K64Y5Zjtl-cs8VEqtgRW3_pT0u5b7xO5IfHBCU9mOqKPfcmJcrYSvMvS_A2cIngE6fNeBZjeKiqyG0E807kWTOMZO5YrMEcNc3yO13s26a0A9AjQ5scQTrNtlRQi3W2vuCmmoeAo67Ux_gK14KgdQ1wNNRF_DI_v1EPL2DppQ3ZpR8C8-zbDAJPbZW2HRbDw2NYPa4PeEQUbI6-pQyoTXFJCy9eI-FTCSgZAM4I5PH-OzVft3bd8j83hqlNp1wb4jdVbwLVXtFyFV7SX9dMMjsF2bSnpLCbrlBTR-Xbb01Y8jvs4QDyJo4fD8oi4OqADkhHQxg2WpGmx1QMMoXy_ADqkVds2E6TWKE7PlYts-I1b7i8Ra2udd1ELaxlxLa-W7nHnk7BVOrg645fm3SSp8rV1W25F6hoEaama7U6V5Iloyjr9imLynFQclnR7hhcSIA1Ta38CE9MXk8jYCB7I8TC3YapoX9c5B-vB24G1LgMba2yI6IJrGN20aHn4N-ygeRZtf2nFE0HD-mNoGBWMzoCXXMJom1D3ScsdAzNeTAQEjLqx75CaTEZw-vPWTeJFJpwVZCTaQB3xbP1RqjjhmricYY9iL-6qYtP4H6mPai4J83wSGtjEMFLBfN3_kQSkKB8zmsMwLMG4bHCmJMeZLtyjdQZ7r1LK-LzHMiXYSD0neEVDdgWWzIKcEaLQVFGudvNN3kxTxt3E3_2zPgn2FHBPERxVCPTb7-Gm45jkI8_HUsxW77m1iPZLjeTfkUek19g9lBsKCKz9tiwNCfw1t9iu7Fe_zjyz9Zty-GzlWSbh7lE4SrGSxkCLPby8iSW_6ixYV9AgnVdIYdycdpc1opvleqGPzhelGTCIeWttmVJVEtX5pU-PGpDCL6EkxZMIxwN2k4jFZ0wYvUZ-pmPpmu2acDsyJJbNk3PSltPxbS3dAKt3WloQwPx1CgTPnaH_zL6ueShmxqUxn8azOP-R91HE_-GylqHpgjENuhRF8wtEBVpbamVl59I5oaWBtngDD279UaZCGm7Ryd7bpb37pgO2O1W1h-04dUxDYy-SEVfYPpiQbm50Kf7igxEez2W2tafCe-tQ3MGYqZgIZq_GNfoQydSewWYusNb15s8-I6cxxLY6iuCAj5FHuq-Diw-ZWasXsH7X1pdjZrOQaSu0TLGBkrQC00EYYT2y-GztVqcRJbHvRteFrynCJSSYS0-hUGvxYhA_gSSGojD-VreSsGAcMAetEZECre2OSSg_YpTFWJRnwGyqn4-rcls1qgyDVWcIlPn1gTON0czAS8sbrxyRdmz17zIEh3SfyU7nfeWEUeq31pLnCH1xGNuICKgIEOOoUeyZ2OebqX8ZVe52JhkAqeAhpkN0nNGRtmNmqcNIcpKVU1Sx_vtkAX6c7eSWSrvzMn5S3hVNJ1pzWVhEVVFDb3mcsmpuci2PpMWgwvN3qYP5GBtlS-9WIxKYqsbKbUcKKnvo8lSqGh0h3NpCALpptvf7USHVs30vSK9Y58ClscIuwYKG7cHnN4BU5jHMOVKxlzirz5XyvFl-tmBvLL3o_VVvOcT_E9pKAZuHVWaZC8cUWUw1MIDXH7OLyZWzyr5m6s-gjFVTdFDjIcHrA7aDW7AKsK92cmrtF1G78b5M2aEBJbrS6lcE8ZI3vWSv8Uu13WwEEVe_-YoED3cdQNVZ1kF07_F-S5ra1oLj8p9OFEwHpdZSEzQ8lTjdQu91ZSLTSVbCfbbD1yIxzukfV8KS9OLJnrGgryiRfgTI-FPvV0StIFQkDEHSpscIT1qEreO59dJbkNy31iX8n_IFW3wHGW5P_lX2cExgzABc4_cH5kXefYBOeGqaTc5SLFcxjw4mGxAVQlQEHoD_uocz8o0016pWm22bRTbiNfApLdTfVmpZ7YMrSimjJKuUqg7BYEdRbFCognKka_Y2jG2zrUFTASngHxdXeepTsQ4Lrxx8mBrM99uEnQbNcNxn6GSwfnJusQbGHKRq-dE0XTIXzpAl_8s-SIq7Ub94u-Z7c7yiUNqJvA5l83az8HJtbK95jSNFWbzo5JhmaYnrodyyMP5ZHryj1YWvfPhXEAf7etl7TFszKSQDWQOJzgpTcgbCTDVTMPJZR-kbEtJnTM3ttnF4aAMV81Re6Y2EqApfpuoYMmhuVV4NOZmTcCyFIFyyw6wQVNE17WGRBsS2OJNhoM41PIvhniMQzty5e062ku5oL0nYCUwVrn37blgTGNVgDdc6if4KUqPmRVthU9PVyLFbUYUoQe7MG-2s7KWkATQmYhm5uOJGCEb8ntpPeuAdYX9T89rgw08KI4frEUyDs6JgoUDK2A--XtVu3QIkQ9lyzc9WDx8fUVYOrVO2xjg1iNHT9GJrhGZEmMFMoEEaFofS9TPokpf7w4UVdhceAS-z7VBR_eH_h9E2H1o5d9cPYvkb2gUBpFCMClRvaSFzQoAIvDj5KKVjf0NDbqWhtoPt2hbS5YmCcd7-fRzWLQKbmUHp12BMGEpFEXRSL7BGFOHvHigwhL3yLVo-ehyRu1Z8yC8V7FCTbYdagHslCOLuHhVFIhZ4aGZTPGkGROTVOx0jRo-uoNi3d5LvUWOBI7lLjUczX6okPX4fDoTlFKe5b8VcB7LFLfSWUNmJCY8Sk4AW99D08iUadfeCGw28fCIIqyCvp3glqVS-qf-CLa_498kpeyv9vLrjUDK3a6V6cI3bINmFRVzI6O6yGYSyjcPP1q_UAu0ilgla7j52v6CARWYOT09bbi7ccBzjYgHDJqDVh2X4Rl7VJP5Y6XFSns9rkQCeWSGG11H_xSInb7MoVf6tHuU6iJsETU6O4hAO_HT2NWUBAGVkyAX4Fq8OLBO-yC1N4tznVUsq3xA-3kNhPsBlnutvosgxr4UihBF90CchHxvcwoHrFqiblrisK_7uSzyyLjylmbV9B7b9etAsULhV9CrbnS3s5s-XuHzeMLquUm6dgYPRuzUs6ikEumKKEHuD6SpzGZTCdkx9fDxXAokP2-7loSHBGGibgXEQzjT8OMaWmgr-g1ksTGqLt78T0bR0hwNzDmq3K-21cFd9-kuGnjrH1dGTREcRTpwU_MNlfyqbaDTS6SU6GfE_4-aPFnnBIjT9CY2Y2eFpI-QhIcffk8d85S5aI&cid=CAQSOwAvHhf_gZtnocjds7AIxNYJaojR8Mk3FaPYvN5NOums92CAb_DdmkCuwJDuxQvuJI0jWW2nEFsnWhGQGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcybernews.com&ds=l&xdt=1&iif=1&cor=6820350250234463000&adk=3062569611&idt=134&cac=0&dtd=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18acd6ec91576c11303665951bcaf34f9aebbed1510f44c6c0ff63b8eeae0bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40230
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7292 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 06:37:00 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 7292 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11698040626992906240/300x600.html?e=69&leftOffset=0&topOffset=0&c=50Mo73frW7&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:30:28 GMT
x-content-type-options
nosniff
age
392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 06:45:28 GMT
i.match
a.tribalfusion.com/ Frame D5CC 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESELx_Zs5dGuJ5Q868IQV52M0&google_cver=1&google_push=AXcoOmSs5gETZPGOremFnJWTga-8tw6iOFSwop0rbLNHQbC-UC45wajakuqYyQLWPvDfi9tgowwRzIByTDwXQdHPUH-461-A7prG8_c&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSs5gETZPGOremFnJWTga-8tw6iOFSwop0rbLNHQbC-UC45wajakuqYyQLWPvDfi9tgowwRzIByTDwXQdHPUH-461-A7prG8_c%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83965a8dd99d1e56-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D5CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WllVdWpBQUlxMnNKZXdBTQ==&google_gid=CAESEDjUgmBKWEXnWdPwHZFcr2Q&google_cver=1&google_push=AXcoOmRescde3N3f9W_tjxxD7PqLnMqhdh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WllVdWpBQUlxMnNKZXdBTQ==&google_gid=CAESEDjUgmBKWEXnWdPwHZFcr2Q&google_cver=1&google_push=AXcoOmRescde3N3f9W_tjxxD7PqLnMqhdhpZHM0Z3YKwVWAOivQHAxyN0UaPpOjl8oUHmtiJwWYO7kuJim5XDFwEFsa53cUgoY8_ZFA
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220099-FRA
pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703227020.458163,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WllVdWpBQUlxMnNKZXdBTQ==&google_gid=CAESEDjUgmBKWEXnWdPwHZFcr2Q&google_cver=1&google_push=AXcoOmRescde3N3f9W_tjxxD7PqLnMqhdhpZHM0Z3YKwVWAOivQHAxyN0UaPpOjl8oUHmtiJwWYO7kuJim5XDFwEFsa53cUgoY8_ZFA
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame D5CC
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEN6YCRHeVe45VGqXPaShqkg&google_cver=1&google_push=AXcoOmSCTMGyOuAPScgGh-5ZD8isrL1xgSN6uGRm0-Y-xh8-zSDn1CuICyor6-gzmH_Znndx24fESroMrCoxBKXxrm0H5ILBwUlaDkU
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmSCTMGyOuAPScgGh-5ZD8isrL1xgSN6uGRm0-Y-xh8-zSDn1CuICyor6-gzmH_Znndx24fESroMrCoxBKX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmSCTMGyOuAPScgGh-5ZD8isrL1xgSN6uGRm0-Y-xh8-zSDn1CuICyor6-gzmH_Znndx24fESroMrCoxBKXxrm0H5ILBwUlaDkU
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmSCTMGyOuAPScgGh-5ZD8isrL1xgSN6uGRm0-Y-xh8-zSDn1CuICyor6-gzmH_Znndx24fESroMrCoxBKXxrm0H5ILBwUlaDkU
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 21 Dec 2023 06:37:00 GMT
pixel
cm.g.doubleclick.net/ Frame D5CC
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECzaPWd92SaFafCfx8UYYqQ&google_cver=1&google_push=AXcoOmQIRuJZ3z_TVN9Zy0qF4va4nDi36zOJS5UZCvjSsk0-Mk80GdRZNEnbIWbl9oo4AkLTL1z-oDXxwfN...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQIRuJZ3z_TVN9Zy0qF4va4nDi36zOJS5UZCvjSsk0-Mk80GdRZNEnbIWbl9oo4AkLTL1z-oDXxwfN47twKF8I2k5PUUAn4Hg&google_hm=MVEZ7jiUQ4GlM1g4HS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQIRuJZ3z_TVN9Zy0qF4va4nDi36zOJS5UZCvjSsk0-Mk80GdRZNEnbIWbl9oo4AkLTL1z-oDXxwfN47twKF8I2k5PUUAn4Hg&google_hm=MVEZ7jiUQ4GlM1g4HS2wt8g
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:36:59 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQIRuJZ3z_TVN9Zy0qF4va4nDi36zOJS5UZCvjSsk0-Mk80GdRZNEnbIWbl9oo4AkLTL1z-oDXxwfN47twKF8I2k5PUUAn4Hg&google_hm=MVEZ7jiUQ4GlM1g4HS2wt8g
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D5CC
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJV-JVEHPUDbB9CmcfAmy4c&google_cver=1&google_push=AXcoOmQ0Pknk2zI8quyRfx5cSTMNm_fESloaypwP5N7h4vfLavH7LHnTjmfeNdRBoHdG2EGZooLE6Yi3H6li-nFJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BL6ghd88TxM_jM8i2oXctw&google_push=AXcoOmQ0Pknk2zI8quyRfx5cSTMNm_fESloaypwP5N7h4vfLavH7LHnTjmfeNdRBoHdG2EGZooLE6Yi3H6li-nFJBtdk3Kga1_7WCNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BL6ghd88TxM_jM8i2oXctw&google_push=AXcoOmQ0Pknk2zI8quyRfx5cSTMNm_fESloaypwP5N7h4vfLavH7LHnTjmfeNdRBoHdG2EGZooLE6Yi3H6li-nFJBtdk3Kga1_7WCNw
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 06:37:00 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BL6ghd88TxM_jM8i2oXctw&google_push=AXcoOmQ0Pknk2zI8quyRfx5cSTMNm_fESloaypwP5N7h4vfLavH7LHnTjmfeNdRBoHdG2EGZooLE6Yi3H6li-nFJBtdk3Kga1_7WCNw
x-host
tde-deliveryengine-production-59dc4ccdb-kwg7w
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame D5CC 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECwl_NO8XFXWH8UudGo9PfU&google_cver=1&google_push=AXcoOmRCTftHd-zCHojirJYcmoLr-YJP8UtVFqNbttAE4krkz6Qr6y9XEVKYUM7mv7lz2jUdJypTb6ysm_uJRFfdWrEty4DrC_9CgX4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.190.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-190-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
trk
ag.innovid.com/ Frame D5CC 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOSaE8Xiktrb-GfonmgRl_U&google_cver=1&google_push=AXcoOmSSlISyWhO1Fg-AWVF9JRoB3yUG52Gn7MNslWXKZmnJUtT7WkYq7CTwMClMuK_wxthJ9ePMWHgCoG_tkzns62_Kcb2GQ4Xh7Xw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:ecdd:a035:7b09:ae7f London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame D5CC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K8pXFNe-2efuxmumj9bsUhUnFGX74nmm_Yj3FbF2OqGTSN7EU2NBPOx4zrllQvqhup4fK-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 402A 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:30:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Dec 2023 06:30:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 402A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTIXoXk3YtcWbfYhRcgRZgOneIjIK9Rc-2YdRVu74yozwrxnWJm7s3O1NJaUybjWHuPe0nBPDnekyvqnZYybTl9x0_0iwZE7uaid4CWFbnFxGVG0S0uHFi6ogO3KDjZyNMR4XLHzUXoLbnbc7CyCJv-H9YI8UdZdPI5PBCH14iMyytxvw&dbm_d=AKAmf-B4Rpxj1TlkapyoUzSqmrGgTeshArW8EEHOqE1d1pDLlcfZbUaN-TVpYeEgN2UMir2J3NRILuhVR_msohfAg77A7kLo1JLsDmQNY2Fg7ml0tYnOVTfxbzkMQwB1yKpuoQSsRngHmJCXg2SW7_4nJAyYgNNfLJG2cHses6E74pwkbYK2Uh3Gfnf-Q4qJnabkJjS014mQswb1yLhp-KQsjwL2-C--U4yBTmtG5nk_6Yyx-sDz15Mr1PetDWR50pjAdfAvwE9wYyC9HXFYddTmIZf179GRgXKIFyf8YhikL9HvFWRs1qd7wGlXnVQ5ACUFZBluD3C29uVp_9ut146Hi6MzOz_Tt8AfiiwruHHZOJBXN7n-tir-MSOhKlxqlHXdHu7ESPBDXygA8IzuzKHaoaN_f5FkmGgJh2-wAY24-xpxAzvFyoh1NGiLWVyHUdvKzTFvCNVJQwMfrrFwSV3Q10T5AyS6mSadzvz-yQtxk9DeBfqBNQhMldb7tG5Wcs8upj-S4sPA3Lvx1MUw-A86IkO3HTexqO4UYQo4heIJX0M-lYxYasv_ui4rKYUHQ9JakU9J8-cxQhJ2Fquv-sfqLH9SHl5r6xAgFviiTUNKlZPGI8cYK4glr5xgLrEJvH_mqa2iaRfl58DClAUlgzPeJ5Gzbyqn_Hg18kU5tDA4boRxQrmNd1KQB8nXoNXx7J-1KqJ_6JK8Ln5dV6eFNvnY7Dqqn0fVU2OQfZxTjNIZpEajlCJUOQeBphlEc1Ci8-nJvs12wK3xsquFfgadKi7RsUIdujns6V3EjALTkuPNt10QreFjSpVS8S83DY2MX8uXOFaRfNn8vNbMZp5wrz7YCFC2MsETzZalvwk-lsooFMsbevTOSshxEpMWC6yIHTi5tTU3dkEMw1qnjuHuylYtKpIxlpIm8GsP-UTmEMgVFx_tJXiHq4o83_9qA4T8UqhbuJbYylh85PO8cV8NZnhorZia9SMoVb6EsraLivk3O42XYaqACkWFRC1S1EpoGsGOw9V_onmXul5SwpucJBKtyLnd2KwUEhnDDCXl1DgoIQ-5i-ha0jUohH6eBYN7hXxbDQHWsv8FWKJnGqI1pwc7PPDf7y4i37I4QfZjv9DshvnmI9-9plPJGR2EzYKF3DsqeyULIO5udhMb1ptDoLjR0dyhrMAfJ3KyHnunHKQTLHFrTf6Vpvu89byY91zkn-g4Iincesp3WPE6--gPu5MvlajWyuTtWNkEQlzOpeGHYPpG6VY9850oMhCJh6WUomvHX6VepY_-vmAgGnCw_g6StFecBj569cFYoKM1VjWqnbVW8nCOVj0vj-ShG_ER4rhzf9_vux-zk-A72oA0RW_HhaTWTi39I8l1R4kiNrJAKxNsvrSFSWJDMkmMc_bcy4KGvE-niFhWKhIqOKCHLvUMhKyRsxh8Z-NRbWrHktYl2cG85JkukHrOm6zYsCX_n3IC14sP56Yge9i2zNRVPu9wvGez-zVS_4owbiXMRon5HLCY5KgKpAurhBEFYAfBXJpca_7KiS65LHQBpHuhuMtoa7XBSAuDzdKlMkmzaFcNSERmZeMghBfXcTDeI07TPxPpbu6VJrO5zZdLruMZlmtL4dqQdptBlBYReIfWTuSS0cYK6Vcz-Avg08dGQpW0HoFGg3-DP5rlc55SpqurKYMXiDrihH6xOgwKY1Tq_fB8IS9YAyIU-co5I6f8J9kcVmS6OxLcTQbByFr3Stn9ebU78EJNvPHQdu8zOQKq04B1rp3xi38KKlLCJ7ZJL6UR16mVsUvJUflrn5I3qKwgnf6VFLgNGOc1lVQG_Lt_w8VMr-LrySgBQ4pFmJravyVWG6XXusl2N6-1MoxLbq8KlRf6TL9zyzrxO4RqReN8NVWVPMO7bJky2tO4Mx4mv8Qrpyg5SKUFDGz-rnZyxeYXcupqNp17zBOoLrsf315HIC6L04xNCR2Cx-U5Scb6aNIH3D-D_ylo5-lgTzksXrDvUAq29SGVIUoI7fP-BbSPMiqiabHNhQY9ekWvSf758p2tJsYo-WpdbtNPNJZwH3VeXdZw9t68F9kEMEn7_o7K9HJdtM8oQuBe3eweeDcHHnH85stuMWAdBBYXjgUh8uly6W56pNG70oWL-kyket2kS5dr8UXT6QFlPoUdCH8nUKtzoLFlg9EEVa-3wxTt8j3EdJ7dgez0245DgvwCMwqv68tsneEiY8-KUSZSqg4YguxWp3PTdxXnntrJZSsuLHBIG3rPTI-w2nLvTguoLSLiGRv-eJEVJno808FDCQ32bBDB-x-zC8kuqrSQBU54YBG8rSvJYsJv-b_pbhs_KAGjZLRV5CLZ_AakH1R31oyp3--FSC8YJlaI8NarCQOz8KMbBATSbchfWFHzqux-Ljf-piyptqAtJ_1NCSNrUNe9Ef9cW7cwpbon8I3ZZsIBd6ScBkBAGqdaHkQjT4ghOhO45cZggMff2d_nxURgN6_tnx58OGjBxRt1U0TtJTjdP_qRqVedu6_64CZ5EBJcePZ0nwFCZLy197nbnoDCCmei_vpDRN-iDV29O8KbOHA0zWdAYlxYXGpD5ndehfCqFZQbdE9XbXke7q3B0Hiu7fhvqXDEAD_67nj5NZ2Te0xtiSba6oLHxi4a-r1Z5tMu6OrwOGFfDwuYl2MknuHOLxGT8HQ9mW3Jftu-45BIxD2F5MyNWf7vouxncM5KL9yy7iyYik0uD-gRLAvIO1T8QKNCRqomLQtSzVBJkkW-QJQYbsxen9KqJfA9CDN7cCPJAjNhfXiWWecgTjBf_Li6QWujyyjFvh_MKvbAsNWyNnq2WcDuUYh-VAbYHAwiz5Sg9QoREEVxTbG4ODeBxPxB9ArmyiEWWxWKaYKHc88hVkr4Mlk-kiDXqtx-hGkxsOZdAO-wJnrZOWFdJehNo6RZG-V732nj-Et7yhjfCwIQl83vPKqCoYAwru7NWQciP-jvO_H5lsbym3RGGYCRO8Ais5NuJi9u5JV13EUJ-gv1rp5uTLPWCJef1xh5bQzUlomCO5w6w-HBi5EGUZRdtqHOoU2VE1lDZgW6SvZ5qEetitKKYDLNyjw0sR4mFS3Sw16cxOoKzzZP82t09JP4QnUK76uTJi4slFkoVwMa16TWdaczQBDnd-SEX1DpSZd24MWtWevtGOMQykhNwrLerbfDMIg1RRLTKh4GOg3TpqOvqyJx7uI5EGM0M_BE2v9P04bhpoEHc4v3VqJlKV748afVtY8oRjpWArqePYMzUs1ZpT01_rrTL4hIdjyyBLJ8vPicr3HgIv2w-mTh-eTX9SWvYeeLsgBb3mbTXtuPuUKeC9dQBEMNBe1ifYlfvW1To6M-YTKlpV_hXKT0yJMfkmdM54sPUoGBddqe1WP2aeBVCq5pAxz6dxDCqe_51cIWeomkZg9r8lW43qPeaJcrgTQwE1YgPoe54sQ6qScOxB9xzcWuuL8qnwPncrruHQcaJ4MAY006tlZghEz3M6L_uzfnQXWYNdU5luqRZHLFIcKGeBokvuoqG1B-C8HGmTfwdYeereRjVwvrHMVDIBuWxxil8XH9v--hKQDzJoJ3bIyKsCTf24NAQc_FWduD4dvejoc9dAQ4NwrpWbMGuIlih1xOwheOz4M-fgsxGBQk1sc_EAfzd2Z1iDnjFaWdfHJgjpUAc5deqLmzLeyo1GsXat7Rz2yodJdvQmAe2pYtRW4hu007GpkXoKx2uD4S6Ke8_wSK5CbwDlUziX9cMRwqfSuFMI7I4PXBoyH6f6VG-NLJfDesgn4GpY1L-vgm6Gl3IoSkkIWK34F9cV2UheKQbD-tbfW2JFVMUObyinwBgBPS&cid=CAQSOwAvHhf_gZtnocjds7AIxNYJaojR8Mk3FaPYvN5NOums92CAb_DdmkCuwJDuxQvuJI0jWW2nEFsnWhGQGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcybernews.com&ds=l&xdt=1&iif=1&cor=2669550462956345300&adk=2515327513&idt=99&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:57:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 402A 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTIXoXk3YtcWbfYhRcgRZgOneIjIK9Rc-2YdRVu74yozwrxnWJm7s3O1NJaUybjWHuPe0nBPDnekyvqnZYybTl9x0_0iwZE7uaid4CWFbnFxGVG0S0uHFi6ogO3KDjZyNMR4XLHzUXoLbnbc7CyCJv-H9YI8UdZdPI5PBCH14iMyytxvw&dbm_d=AKAmf-B4Rpxj1TlkapyoUzSqmrGgTeshArW8EEHOqE1d1pDLlcfZbUaN-TVpYeEgN2UMir2J3NRILuhVR_msohfAg77A7kLo1JLsDmQNY2Fg7ml0tYnOVTfxbzkMQwB1yKpuoQSsRngHmJCXg2SW7_4nJAyYgNNfLJG2cHses6E74pwkbYK2Uh3Gfnf-Q4qJnabkJjS014mQswb1yLhp-KQsjwL2-C--U4yBTmtG5nk_6Yyx-sDz15Mr1PetDWR50pjAdfAvwE9wYyC9HXFYddTmIZf179GRgXKIFyf8YhikL9HvFWRs1qd7wGlXnVQ5ACUFZBluD3C29uVp_9ut146Hi6MzOz_Tt8AfiiwruHHZOJBXN7n-tir-MSOhKlxqlHXdHu7ESPBDXygA8IzuzKHaoaN_f5FkmGgJh2-wAY24-xpxAzvFyoh1NGiLWVyHUdvKzTFvCNVJQwMfrrFwSV3Q10T5AyS6mSadzvz-yQtxk9DeBfqBNQhMldb7tG5Wcs8upj-S4sPA3Lvx1MUw-A86IkO3HTexqO4UYQo4heIJX0M-lYxYasv_ui4rKYUHQ9JakU9J8-cxQhJ2Fquv-sfqLH9SHl5r6xAgFviiTUNKlZPGI8cYK4glr5xgLrEJvH_mqa2iaRfl58DClAUlgzPeJ5Gzbyqn_Hg18kU5tDA4boRxQrmNd1KQB8nXoNXx7J-1KqJ_6JK8Ln5dV6eFNvnY7Dqqn0fVU2OQfZxTjNIZpEajlCJUOQeBphlEc1Ci8-nJvs12wK3xsquFfgadKi7RsUIdujns6V3EjALTkuPNt10QreFjSpVS8S83DY2MX8uXOFaRfNn8vNbMZp5wrz7YCFC2MsETzZalvwk-lsooFMsbevTOSshxEpMWC6yIHTi5tTU3dkEMw1qnjuHuylYtKpIxlpIm8GsP-UTmEMgVFx_tJXiHq4o83_9qA4T8UqhbuJbYylh85PO8cV8NZnhorZia9SMoVb6EsraLivk3O42XYaqACkWFRC1S1EpoGsGOw9V_onmXul5SwpucJBKtyLnd2KwUEhnDDCXl1DgoIQ-5i-ha0jUohH6eBYN7hXxbDQHWsv8FWKJnGqI1pwc7PPDf7y4i37I4QfZjv9DshvnmI9-9plPJGR2EzYKF3DsqeyULIO5udhMb1ptDoLjR0dyhrMAfJ3KyHnunHKQTLHFrTf6Vpvu89byY91zkn-g4Iincesp3WPE6--gPu5MvlajWyuTtWNkEQlzOpeGHYPpG6VY9850oMhCJh6WUomvHX6VepY_-vmAgGnCw_g6StFecBj569cFYoKM1VjWqnbVW8nCOVj0vj-ShG_ER4rhzf9_vux-zk-A72oA0RW_HhaTWTi39I8l1R4kiNrJAKxNsvrSFSWJDMkmMc_bcy4KGvE-niFhWKhIqOKCHLvUMhKyRsxh8Z-NRbWrHktYl2cG85JkukHrOm6zYsCX_n3IC14sP56Yge9i2zNRVPu9wvGez-zVS_4owbiXMRon5HLCY5KgKpAurhBEFYAfBXJpca_7KiS65LHQBpHuhuMtoa7XBSAuDzdKlMkmzaFcNSERmZeMghBfXcTDeI07TPxPpbu6VJrO5zZdLruMZlmtL4dqQdptBlBYReIfWTuSS0cYK6Vcz-Avg08dGQpW0HoFGg3-DP5rlc55SpqurKYMXiDrihH6xOgwKY1Tq_fB8IS9YAyIU-co5I6f8J9kcVmS6OxLcTQbByFr3Stn9ebU78EJNvPHQdu8zOQKq04B1rp3xi38KKlLCJ7ZJL6UR16mVsUvJUflrn5I3qKwgnf6VFLgNGOc1lVQG_Lt_w8VMr-LrySgBQ4pFmJravyVWG6XXusl2N6-1MoxLbq8KlRf6TL9zyzrxO4RqReN8NVWVPMO7bJky2tO4Mx4mv8Qrpyg5SKUFDGz-rnZyxeYXcupqNp17zBOoLrsf315HIC6L04xNCR2Cx-U5Scb6aNIH3D-D_ylo5-lgTzksXrDvUAq29SGVIUoI7fP-BbSPMiqiabHNhQY9ekWvSf758p2tJsYo-WpdbtNPNJZwH3VeXdZw9t68F9kEMEn7_o7K9HJdtM8oQuBe3eweeDcHHnH85stuMWAdBBYXjgUh8uly6W56pNG70oWL-kyket2kS5dr8UXT6QFlPoUdCH8nUKtzoLFlg9EEVa-3wxTt8j3EdJ7dgez0245DgvwCMwqv68tsneEiY8-KUSZSqg4YguxWp3PTdxXnntrJZSsuLHBIG3rPTI-w2nLvTguoLSLiGRv-eJEVJno808FDCQ32bBDB-x-zC8kuqrSQBU54YBG8rSvJYsJv-b_pbhs_KAGjZLRV5CLZ_AakH1R31oyp3--FSC8YJlaI8NarCQOz8KMbBATSbchfWFHzqux-Ljf-piyptqAtJ_1NCSNrUNe9Ef9cW7cwpbon8I3ZZsIBd6ScBkBAGqdaHkQjT4ghOhO45cZggMff2d_nxURgN6_tnx58OGjBxRt1U0TtJTjdP_qRqVedu6_64CZ5EBJcePZ0nwFCZLy197nbnoDCCmei_vpDRN-iDV29O8KbOHA0zWdAYlxYXGpD5ndehfCqFZQbdE9XbXke7q3B0Hiu7fhvqXDEAD_67nj5NZ2Te0xtiSba6oLHxi4a-r1Z5tMu6OrwOGFfDwuYl2MknuHOLxGT8HQ9mW3Jftu-45BIxD2F5MyNWf7vouxncM5KL9yy7iyYik0uD-gRLAvIO1T8QKNCRqomLQtSzVBJkkW-QJQYbsxen9KqJfA9CDN7cCPJAjNhfXiWWecgTjBf_Li6QWujyyjFvh_MKvbAsNWyNnq2WcDuUYh-VAbYHAwiz5Sg9QoREEVxTbG4ODeBxPxB9ArmyiEWWxWKaYKHc88hVkr4Mlk-kiDXqtx-hGkxsOZdAO-wJnrZOWFdJehNo6RZG-V732nj-Et7yhjfCwIQl83vPKqCoYAwru7NWQciP-jvO_H5lsbym3RGGYCRO8Ais5NuJi9u5JV13EUJ-gv1rp5uTLPWCJef1xh5bQzUlomCO5w6w-HBi5EGUZRdtqHOoU2VE1lDZgW6SvZ5qEetitKKYDLNyjw0sR4mFS3Sw16cxOoKzzZP82t09JP4QnUK76uTJi4slFkoVwMa16TWdaczQBDnd-SEX1DpSZd24MWtWevtGOMQykhNwrLerbfDMIg1RRLTKh4GOg3TpqOvqyJx7uI5EGM0M_BE2v9P04bhpoEHc4v3VqJlKV748afVtY8oRjpWArqePYMzUs1ZpT01_rrTL4hIdjyyBLJ8vPicr3HgIv2w-mTh-eTX9SWvYeeLsgBb3mbTXtuPuUKeC9dQBEMNBe1ifYlfvW1To6M-YTKlpV_hXKT0yJMfkmdM54sPUoGBddqe1WP2aeBVCq5pAxz6dxDCqe_51cIWeomkZg9r8lW43qPeaJcrgTQwE1YgPoe54sQ6qScOxB9xzcWuuL8qnwPncrruHQcaJ4MAY006tlZghEz3M6L_uzfnQXWYNdU5luqRZHLFIcKGeBokvuoqG1B-C8HGmTfwdYeereRjVwvrHMVDIBuWxxil8XH9v--hKQDzJoJ3bIyKsCTf24NAQc_FWduD4dvejoc9dAQ4NwrpWbMGuIlih1xOwheOz4M-fgsxGBQk1sc_EAfzd2Z1iDnjFaWdfHJgjpUAc5deqLmzLeyo1GsXat7Rz2yodJdvQmAe2pYtRW4hu007GpkXoKx2uD4S6Ke8_wSK5CbwDlUziX9cMRwqfSuFMI7I4PXBoyH6f6VG-NLJfDesgn4GpY1L-vgm6Gl3IoSkkIWK34F9cV2UheKQbD-tbfW2JFVMUObyinwBgBPS&cid=CAQSOwAvHhf_gZtnocjds7AIxNYJaojR8Mk3FaPYvN5NOums92CAb_DdmkCuwJDuxQvuJI0jWW2nEFsnWhGQGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcybernews.com&ds=l&xdt=1&iif=1&cor=2669550462956345300&adk=2515327513&idt=99&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:42:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
35673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:42:27 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 402A 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
563512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6837 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 298E 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 12:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
323154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 12:51:06 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D4CD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=92753
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 22 Dec 2023 06:37:00 GMT
expires
Sat, 23 Dec 2023 08:22:53 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 882B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
62779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 98BB 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 11:58:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 11:58:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 98BB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUeT-2Cz6bULZxP11mG91JRiM3-3oWncXyUpQ1DYmItXJck3tdHBFQcQKo7GDPMC6CR5HvzpZZzZx-DyxzoofIlOEAAyZHkioGP7S8vjTKEcG-CaEQn4ZJ6NqLZ6KPV2kXeRmlEd5uhqSDk5F31rV5lpGVsk_lqilRNT2tOi4orncoFYg&dbm_d=AKAmf-BPuwcJoOLNLNfdvGa08fVaaPk0wLL1lbmj83_T0rWiZa28k5cW8IGvbyExW7KGNyENPtgNd5Y3Ialyod6WhhQVkgzWwJsK33o7NYDVjHMAZwJPgOjEBHzbN5fNpWUL9kWpIbliQykAQudd2pup9u-tsjpqVFkZg-aPnwdVBTWfgp0-VdzCQQavg5ldaPhrO6QktJm6yOYzWyMPhd0ZjrzcwtaSL7RzpG5pbH54PD6xZpBS2z5TTd-PgvLVjh3uq1n2kHcnjHpad6fYVG_Usc1zVk8btN5jGFbn16Y3rt1aqZf9upoqw5zMEkK4yiwNUygjr42TjHg9jtHlH-BrFD2rQFwyb3wuuviRw7ZxAH2Y7UOqnzAaPXeF29CZsTVB4vXEwn1Fu16R59J7v6C96L5wX3Nw4rRnD9FyyOoHbxmRRb9CNuaqdMpXb1I-AI08vFWxilxVUOQ_HVJcnCyR87QyFmc8cYs5HkHNT8UnP-pn_JpV1ID4JRl0XeR6P7RYqAdDDUAf5xuXkDhkaj3haSq1uNCcGOspHWe4kPlU3FhhFzp42M7RA0zhQZ-p077V-qB_kF7SZ3ndbAPxrDP7nT6wzGhiQuf_GjMt4FF2I30ntRgFXiXsywDyORaoBFM7lTYigfM9mtZ8YkbvcliRDFIb8whrk2pwblCb1gignTkBKmFZ8Xm42cZEiZJlB2A46X_qWcXbPIk3AMGKbbMs5kxj5hmodpvZlSASv7sLfGeKt16YPAgtkI6TtZ2K64Y5Zjtl-cs8VEqtgRW3_pT0u5b7xO5IfHBCU9mOqKPfcmJcrYSvMvS_A2cIngE6fNeBZjeKiqyG0E807kWTOMZO5YrMEcNc3yO13s26a0A9AjQ5scQTrNtlRQi3W2vuCmmoeAo67Ux_gK14KgdQ1wNNRF_DI_v1EPL2DppQ3ZpR8C8-zbDAJPbZW2HRbDw2NYPa4PeEQUbI6-pQyoTXFJCy9eI-FTCSgZAM4I5PH-OzVft3bd8j83hqlNp1wb4jdVbwLVXtFyFV7SX9dMMjsF2bSnpLCbrlBTR-Xbb01Y8jvs4QDyJo4fD8oi4OqADkhHQxg2WpGmx1QMMoXy_ADqkVds2E6TWKE7PlYts-I1b7i8Ra2udd1ELaxlxLa-W7nHnk7BVOrg645fm3SSp8rV1W25F6hoEaama7U6V5Iloyjr9imLynFQclnR7hhcSIA1Ta38CE9MXk8jYCB7I8TC3YapoX9c5B-vB24G1LgMba2yI6IJrGN20aHn4N-ygeRZtf2nFE0HD-mNoGBWMzoCXXMJom1D3ScsdAzNeTAQEjLqx75CaTEZw-vPWTeJFJpwVZCTaQB3xbP1RqjjhmricYY9iL-6qYtP4H6mPai4J83wSGtjEMFLBfN3_kQSkKB8zmsMwLMG4bHCmJMeZLtyjdQZ7r1LK-LzHMiXYSD0neEVDdgWWzIKcEaLQVFGudvNN3kxTxt3E3_2zPgn2FHBPERxVCPTb7-Gm45jkI8_HUsxW77m1iPZLjeTfkUek19g9lBsKCKz9tiwNCfw1t9iu7Fe_zjyz9Zty-GzlWSbh7lE4SrGSxkCLPby8iSW_6ixYV9AgnVdIYdycdpc1opvleqGPzhelGTCIeWttmVJVEtX5pU-PGpDCL6EkxZMIxwN2k4jFZ0wYvUZ-pmPpmu2acDsyJJbNk3PSltPxbS3dAKt3WloQwPx1CgTPnaH_zL6ueShmxqUxn8azOP-R91HE_-GylqHpgjENuhRF8wtEBVpbamVl59I5oaWBtngDD279UaZCGm7Ryd7bpb37pgO2O1W1h-04dUxDYy-SEVfYPpiQbm50Kf7igxEez2W2tafCe-tQ3MGYqZgIZq_GNfoQydSewWYusNb15s8-I6cxxLY6iuCAj5FHuq-Diw-ZWasXsH7X1pdjZrOQaSu0TLGBkrQC00EYYT2y-GztVqcRJbHvRteFrynCJSSYS0-hUGvxYhA_gSSGojD-VreSsGAcMAetEZECre2OSSg_YpTFWJRnwGyqn4-rcls1qgyDVWcIlPn1gTON0czAS8sbrxyRdmz17zIEh3SfyU7nfeWEUeq31pLnCH1xGNuICKgIEOOoUeyZ2OebqX8ZVe52JhkAqeAhpkN0nNGRtmNmqcNIcpKVU1Sx_vtkAX6c7eSWSrvzMn5S3hVNJ1pzWVhEVVFDb3mcsmpuci2PpMWgwvN3qYP5GBtlS-9WIxKYqsbKbUcKKnvo8lSqGh0h3NpCALpptvf7USHVs30vSK9Y58ClscIuwYKG7cHnN4BU5jHMOVKxlzirz5XyvFl-tmBvLL3o_VVvOcT_E9pKAZuHVWaZC8cUWUw1MIDXH7OLyZWzyr5m6s-gjFVTdFDjIcHrA7aDW7AKsK92cmrtF1G78b5M2aEBJbrS6lcE8ZI3vWSv8Uu13WwEEVe_-YoED3cdQNVZ1kF07_F-S5ra1oLj8p9OFEwHpdZSEzQ8lTjdQu91ZSLTSVbCfbbD1yIxzukfV8KS9OLJnrGgryiRfgTI-FPvV0StIFQkDEHSpscIT1qEreO59dJbkNy31iX8n_IFW3wHGW5P_lX2cExgzABc4_cH5kXefYBOeGqaTc5SLFcxjw4mGxAVQlQEHoD_uocz8o0016pWm22bRTbiNfApLdTfVmpZ7YMrSimjJKuUqg7BYEdRbFCognKka_Y2jG2zrUFTASngHxdXeepTsQ4Lrxx8mBrM99uEnQbNcNxn6GSwfnJusQbGHKRq-dE0XTIXzpAl_8s-SIq7Ub94u-Z7c7yiUNqJvA5l83az8HJtbK95jSNFWbzo5JhmaYnrodyyMP5ZHryj1YWvfPhXEAf7etl7TFszKSQDWQOJzgpTcgbCTDVTMPJZR-kbEtJnTM3ttnF4aAMV81Re6Y2EqApfpuoYMmhuVV4NOZmTcCyFIFyyw6wQVNE17WGRBsS2OJNhoM41PIvhniMQzty5e062ku5oL0nYCUwVrn37blgTGNVgDdc6if4KUqPmRVthU9PVyLFbUYUoQe7MG-2s7KWkATQmYhm5uOJGCEb8ntpPeuAdYX9T89rgw08KI4frEUyDs6JgoUDK2A--XtVu3QIkQ9lyzc9WDx8fUVYOrVO2xjg1iNHT9GJrhGZEmMFMoEEaFofS9TPokpf7w4UVdhceAS-z7VBR_eH_h9E2H1o5d9cPYvkb2gUBpFCMClRvaSFzQoAIvDj5KKVjf0NDbqWhtoPt2hbS5YmCcd7-fRzWLQKbmUHp12BMGEpFEXRSL7BGFOHvHigwhL3yLVo-ehyRu1Z8yC8V7FCTbYdagHslCOLuHhVFIhZ4aGZTPGkGROTVOx0jRo-uoNi3d5LvUWOBI7lLjUczX6okPX4fDoTlFKe5b8VcB7LFLfSWUNmJCY8Sk4AW99D08iUadfeCGw28fCIIqyCvp3glqVS-qf-CLa_498kpeyv9vLrjUDK3a6V6cI3bINmFRVzI6O6yGYSyjcPP1q_UAu0ilgla7j52v6CARWYOT09bbi7ccBzjYgHDJqDVh2X4Rl7VJP5Y6XFSns9rkQCeWSGG11H_xSInb7MoVf6tHuU6iJsETU6O4hAO_HT2NWUBAGVkyAX4Fq8OLBO-yC1N4tznVUsq3xA-3kNhPsBlnutvosgxr4UihBF90CchHxvcwoHrFqiblrisK_7uSzyyLjylmbV9B7b9etAsULhV9CrbnS3s5s-XuHzeMLquUm6dgYPRuzUs6ikEumKKEHuD6SpzGZTCdkx9fDxXAokP2-7loSHBGGibgXEQzjT8OMaWmgr-g1ksTGqLt78T0bR0hwNzDmq3K-21cFd9-kuGnjrH1dGTREcRTpwU_MNlfyqbaDTS6SU6GfE_4-aPFnnBIjT9CY2Y2eFpI-QhIcffk8d85S5aI&cid=CAQSOwAvHhf_gZtnocjds7AIxNYJaojR8Mk3FaPYvN5NOums92CAb_DdmkCuwJDuxQvuJI0jWW2nEFsnWhGQGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcybernews.com&ds=l&xdt=1&iif=1&cor=6820350250234463000&adk=3062569611&idt=134&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:57:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 98BB 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUeT-2Cz6bULZxP11mG91JRiM3-3oWncXyUpQ1DYmItXJck3tdHBFQcQKo7GDPMC6CR5HvzpZZzZx-DyxzoofIlOEAAyZHkioGP7S8vjTKEcG-CaEQn4ZJ6NqLZ6KPV2kXeRmlEd5uhqSDk5F31rV5lpGVsk_lqilRNT2tOi4orncoFYg&dbm_d=AKAmf-BPuwcJoOLNLNfdvGa08fVaaPk0wLL1lbmj83_T0rWiZa28k5cW8IGvbyExW7KGNyENPtgNd5Y3Ialyod6WhhQVkgzWwJsK33o7NYDVjHMAZwJPgOjEBHzbN5fNpWUL9kWpIbliQykAQudd2pup9u-tsjpqVFkZg-aPnwdVBTWfgp0-VdzCQQavg5ldaPhrO6QktJm6yOYzWyMPhd0ZjrzcwtaSL7RzpG5pbH54PD6xZpBS2z5TTd-PgvLVjh3uq1n2kHcnjHpad6fYVG_Usc1zVk8btN5jGFbn16Y3rt1aqZf9upoqw5zMEkK4yiwNUygjr42TjHg9jtHlH-BrFD2rQFwyb3wuuviRw7ZxAH2Y7UOqnzAaPXeF29CZsTVB4vXEwn1Fu16R59J7v6C96L5wX3Nw4rRnD9FyyOoHbxmRRb9CNuaqdMpXb1I-AI08vFWxilxVUOQ_HVJcnCyR87QyFmc8cYs5HkHNT8UnP-pn_JpV1ID4JRl0XeR6P7RYqAdDDUAf5xuXkDhkaj3haSq1uNCcGOspHWe4kPlU3FhhFzp42M7RA0zhQZ-p077V-qB_kF7SZ3ndbAPxrDP7nT6wzGhiQuf_GjMt4FF2I30ntRgFXiXsywDyORaoBFM7lTYigfM9mtZ8YkbvcliRDFIb8whrk2pwblCb1gignTkBKmFZ8Xm42cZEiZJlB2A46X_qWcXbPIk3AMGKbbMs5kxj5hmodpvZlSASv7sLfGeKt16YPAgtkI6TtZ2K64Y5Zjtl-cs8VEqtgRW3_pT0u5b7xO5IfHBCU9mOqKPfcmJcrYSvMvS_A2cIngE6fNeBZjeKiqyG0E807kWTOMZO5YrMEcNc3yO13s26a0A9AjQ5scQTrNtlRQi3W2vuCmmoeAo67Ux_gK14KgdQ1wNNRF_DI_v1EPL2DppQ3ZpR8C8-zbDAJPbZW2HRbDw2NYPa4PeEQUbI6-pQyoTXFJCy9eI-FTCSgZAM4I5PH-OzVft3bd8j83hqlNp1wb4jdVbwLVXtFyFV7SX9dMMjsF2bSnpLCbrlBTR-Xbb01Y8jvs4QDyJo4fD8oi4OqADkhHQxg2WpGmx1QMMoXy_ADqkVds2E6TWKE7PlYts-I1b7i8Ra2udd1ELaxlxLa-W7nHnk7BVOrg645fm3SSp8rV1W25F6hoEaama7U6V5Iloyjr9imLynFQclnR7hhcSIA1Ta38CE9MXk8jYCB7I8TC3YapoX9c5B-vB24G1LgMba2yI6IJrGN20aHn4N-ygeRZtf2nFE0HD-mNoGBWMzoCXXMJom1D3ScsdAzNeTAQEjLqx75CaTEZw-vPWTeJFJpwVZCTaQB3xbP1RqjjhmricYY9iL-6qYtP4H6mPai4J83wSGtjEMFLBfN3_kQSkKB8zmsMwLMG4bHCmJMeZLtyjdQZ7r1LK-LzHMiXYSD0neEVDdgWWzIKcEaLQVFGudvNN3kxTxt3E3_2zPgn2FHBPERxVCPTb7-Gm45jkI8_HUsxW77m1iPZLjeTfkUek19g9lBsKCKz9tiwNCfw1t9iu7Fe_zjyz9Zty-GzlWSbh7lE4SrGSxkCLPby8iSW_6ixYV9AgnVdIYdycdpc1opvleqGPzhelGTCIeWttmVJVEtX5pU-PGpDCL6EkxZMIxwN2k4jFZ0wYvUZ-pmPpmu2acDsyJJbNk3PSltPxbS3dAKt3WloQwPx1CgTPnaH_zL6ueShmxqUxn8azOP-R91HE_-GylqHpgjENuhRF8wtEBVpbamVl59I5oaWBtngDD279UaZCGm7Ryd7bpb37pgO2O1W1h-04dUxDYy-SEVfYPpiQbm50Kf7igxEez2W2tafCe-tQ3MGYqZgIZq_GNfoQydSewWYusNb15s8-I6cxxLY6iuCAj5FHuq-Diw-ZWasXsH7X1pdjZrOQaSu0TLGBkrQC00EYYT2y-GztVqcRJbHvRteFrynCJSSYS0-hUGvxYhA_gSSGojD-VreSsGAcMAetEZECre2OSSg_YpTFWJRnwGyqn4-rcls1qgyDVWcIlPn1gTON0czAS8sbrxyRdmz17zIEh3SfyU7nfeWEUeq31pLnCH1xGNuICKgIEOOoUeyZ2OebqX8ZVe52JhkAqeAhpkN0nNGRtmNmqcNIcpKVU1Sx_vtkAX6c7eSWSrvzMn5S3hVNJ1pzWVhEVVFDb3mcsmpuci2PpMWgwvN3qYP5GBtlS-9WIxKYqsbKbUcKKnvo8lSqGh0h3NpCALpptvf7USHVs30vSK9Y58ClscIuwYKG7cHnN4BU5jHMOVKxlzirz5XyvFl-tmBvLL3o_VVvOcT_E9pKAZuHVWaZC8cUWUw1MIDXH7OLyZWzyr5m6s-gjFVTdFDjIcHrA7aDW7AKsK92cmrtF1G78b5M2aEBJbrS6lcE8ZI3vWSv8Uu13WwEEVe_-YoED3cdQNVZ1kF07_F-S5ra1oLj8p9OFEwHpdZSEzQ8lTjdQu91ZSLTSVbCfbbD1yIxzukfV8KS9OLJnrGgryiRfgTI-FPvV0StIFQkDEHSpscIT1qEreO59dJbkNy31iX8n_IFW3wHGW5P_lX2cExgzABc4_cH5kXefYBOeGqaTc5SLFcxjw4mGxAVQlQEHoD_uocz8o0016pWm22bRTbiNfApLdTfVmpZ7YMrSimjJKuUqg7BYEdRbFCognKka_Y2jG2zrUFTASngHxdXeepTsQ4Lrxx8mBrM99uEnQbNcNxn6GSwfnJusQbGHKRq-dE0XTIXzpAl_8s-SIq7Ub94u-Z7c7yiUNqJvA5l83az8HJtbK95jSNFWbzo5JhmaYnrodyyMP5ZHryj1YWvfPhXEAf7etl7TFszKSQDWQOJzgpTcgbCTDVTMPJZR-kbEtJnTM3ttnF4aAMV81Re6Y2EqApfpuoYMmhuVV4NOZmTcCyFIFyyw6wQVNE17WGRBsS2OJNhoM41PIvhniMQzty5e062ku5oL0nYCUwVrn37blgTGNVgDdc6if4KUqPmRVthU9PVyLFbUYUoQe7MG-2s7KWkATQmYhm5uOJGCEb8ntpPeuAdYX9T89rgw08KI4frEUyDs6JgoUDK2A--XtVu3QIkQ9lyzc9WDx8fUVYOrVO2xjg1iNHT9GJrhGZEmMFMoEEaFofS9TPokpf7w4UVdhceAS-z7VBR_eH_h9E2H1o5d9cPYvkb2gUBpFCMClRvaSFzQoAIvDj5KKVjf0NDbqWhtoPt2hbS5YmCcd7-fRzWLQKbmUHp12BMGEpFEXRSL7BGFOHvHigwhL3yLVo-ehyRu1Z8yC8V7FCTbYdagHslCOLuHhVFIhZ4aGZTPGkGROTVOx0jRo-uoNi3d5LvUWOBI7lLjUczX6okPX4fDoTlFKe5b8VcB7LFLfSWUNmJCY8Sk4AW99D08iUadfeCGw28fCIIqyCvp3glqVS-qf-CLa_498kpeyv9vLrjUDK3a6V6cI3bINmFRVzI6O6yGYSyjcPP1q_UAu0ilgla7j52v6CARWYOT09bbi7ccBzjYgHDJqDVh2X4Rl7VJP5Y6XFSns9rkQCeWSGG11H_xSInb7MoVf6tHuU6iJsETU6O4hAO_HT2NWUBAGVkyAX4Fq8OLBO-yC1N4tznVUsq3xA-3kNhPsBlnutvosgxr4UihBF90CchHxvcwoHrFqiblrisK_7uSzyyLjylmbV9B7b9etAsULhV9CrbnS3s5s-XuHzeMLquUm6dgYPRuzUs6ikEumKKEHuD6SpzGZTCdkx9fDxXAokP2-7loSHBGGibgXEQzjT8OMaWmgr-g1ksTGqLt78T0bR0hwNzDmq3K-21cFd9-kuGnjrH1dGTREcRTpwU_MNlfyqbaDTS6SU6GfE_4-aPFnnBIjT9CY2Y2eFpI-QhIcffk8d85S5aI&cid=CAQSOwAvHhf_gZtnocjds7AIxNYJaojR8Mk3FaPYvN5NOums92CAb_DdmkCuwJDuxQvuJI0jWW2nEFsnWhGQGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcybernews.com&ds=l&xdt=1&iif=1&cor=6820350250234463000&adk=3062569611&idt=134&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:42:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
35673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:42:27 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 98BB 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
563512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3A2B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6837
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAsC_b_4DT0jB4oRjwDNuSY&google_cver=1&google_push=AXcoOmRxZAh4N7D9mDGVZa8pJumqWb6XdSdVyHMKkdZbByZF624amakG1MHq7eF9SvCrQo0eqRZ7uqWWnZhxi9iLfYIErmQog6CDqXA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc4NTA2NTA0OTAyNTExODMyNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Dec 2023 06:36:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE_KhSbyehQywOAycK3uZFg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 6837 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEESKxvTDZeYCpMRs7P5XB8w&google_cver=1&google_push=AXcoOmTWLkdHw-yodV7p213ZgWJN4uE8u83NuTjQ1XsjP-PPTao7C3AiMUAajlADxrwRE5LVdUAkRiVG3CYrMJfzDSPhLfC3CUX-Ow
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6837
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEN6YCRHeVe45VGqXPaShqkg&google_cver=1&google_push=AXcoOmRiE7D7MUCW-B2yPN3u9BJVPv1Bw-5xDKTm-6jxakZNwnpaiFuY9E3Zu0K_xBXDNoeZbdgAgFASJA5-qLeY8d6cXOVE8DZGuOY
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmRiE7D7MUCW-B2yPN3u9BJVPv1Bw-5xDKTm-6jxakZNwnpaiFuY9E3Zu0K_xBXDNoeZbdgAgFASJA5-qLe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmRiE7D7MUCW-B2yPN3u9BJVPv1Bw-5xDKTm-6jxakZNwnpaiFuY9E3Zu0K_xBXDNoeZbdgAgFASJA5-qLeY8d6cXOVE8DZGuOY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmRiE7D7MUCW-B2yPN3u9BJVPv1Bw-5xDKTm-6jxakZNwnpaiFuY9E3Zu0K_xBXDNoeZbdgAgFASJA5-qLeY8d6cXOVE8DZGuOY
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 21 Dec 2023 06:37:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6837
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJV-JVEHPUDbB9CmcfAmy4c&google_cver=1&google_push=AXcoOmTIQKkusL1Yim5PagFzuzLLmKWV9JDVRTfcW7sheeCPxH61IAjJyLnymQ5qiXRwM1a2ohnpAO-nlTWhZl4C...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BL6ghd88TxM_jM8i2oXctw&google_push=AXcoOmTIQKkusL1Yim5PagFzuzLLmKWV9JDVRTfcW7sheeCPxH61IAjJyLnymQ5qiXRwM1a2ohnpAO-nlTWhZl4CPQxEK04Enj90mJI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BL6ghd88TxM_jM8i2oXctw&google_push=AXcoOmTIQKkusL1Yim5PagFzuzLLmKWV9JDVRTfcW7sheeCPxH61IAjJyLnymQ5qiXRwM1a2ohnpAO-nlTWhZl4CPQxEK04Enj90mJI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 06:37:00 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BL6ghd88TxM_jM8i2oXctw&google_push=AXcoOmTIQKkusL1Yim5PagFzuzLLmKWV9JDVRTfcW7sheeCPxH61IAjJyLnymQ5qiXRwM1a2ohnpAO-nlTWhZl4CPQxEK04Enj90mJI
x-host
tde-deliveryengine-production-59dc4ccdb-kwg7w
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6837
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENxGf0zVIwHBNb8fwRz1VOI&google_cver=1&google_push=AXcoOmTUSf-s6KhOIpSUVYbERIWW-mGZzkW5J9UJ3OwLabv4KyvvUGaP5ie3FUuBfjvqY3Vk1j_qECGTqUMOGUPuWyZiVHF...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESENxGf0zVIwHBNb8fwRz1VOI&google_cver=1&google_push=AXcoOmTUSf-s6KhOIpSUVYbERIWW-mGZzkW5J9UJ3OwLabv4KyvvUGaP5ie3FUuBfjvqY3Vk1j_qECGTqUMOGUPuWyZiV...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTUSf-s6KhOIpSUVYbERIWW-mGZzkW5J9UJ3OwLabv4KyvvUGaP5ie3FUuBfjvqY3Vk1j_qECGTqUMOGUPuWyZiVHFYM8FfWhU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTUSf-s6KhOIpSUVYbERIWW-mGZzkW5J9UJ3OwLabv4KyvvUGaP5ie3FUuBfjvqY3Vk1j_qECGTqUMOGUPuWyZiVHFYM8FfWhU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTUSf-s6KhOIpSUVYbERIWW-mGZzkW5J9UJ3OwLabv4KyvvUGaP5ie3FUuBfjvqY3Vk1j_qECGTqUMOGUPuWyZiVHFYM8FfWhU
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
trk
ag.innovid.com/ Frame 6837 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOSaE8Xiktrb-GfonmgRl_U&google_cver=1&google_push=AXcoOmS72hNGOrff7OBytTYTinFRhDmB5fKvHlGi_0t8RsV-RJAzz3xBq49PmbmhtqrpnEE2D5shgYyKp46S341upv4LUkL3xtnEtw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:ecdd:a035:7b09:ae7f London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cache-control
no-cache
content-length
43
request-time
0
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame 6837 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 6837 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IiIwF688NMq1jKfMjSFmyQKJ_3h45i7bD_A-cx9atV21GUd0PdT6w1wFjWQpLz6LthuKxMDQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E84F 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
249813
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 09:13:27 GMT
expires
Wed, 18 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/16530502095010416759/ Frame E219 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4498ca1278367e6346a6b5b6a4fdc4a537b27d81f29295ce1cddbfb9ba2f1d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
296634
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5114
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Dec 2023 20:13:06 GMT
expires
Tue, 17 Dec 2024 20:13:06 GMT
last-modified
Mon, 27 Nov 2023 12:28:24 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 402A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssfwGz_MxGrJX4C4BaGSVg_iwH5mYC2-EUE9wNFeogad6jaLUAv-ySx5klo2V5ZaChzsVMnkHtFS6BAelEo6kCiQUWipmIjLzaL5a8JLAIx9XGuDspSy7nHPPaFN88S41NNXEdUwIbfqnHYqHGHlQ2nFFXEkwywjPKZLm4k8OOw8btRx-WMh6vTgMabjZzuuErd27h5R_2USE2A1ctk_H37jrgBmgLn8SCKe--Kh-OUMZy7VErVjpyzv-iZAuEDPSm2gFjU3gl61aqxdVprs-JMP_1hdd113bYmatgvroZruk7YXl8i8TgrP5i3oMHTdssebPrCJCkQ4Clner7P7Ju5cfIp7YzSos8uvWURaiwza2uj57-w1XE8zlXtr9DhqDEsTqHWoh2a4sPY284RUbk384i65jcXWEBdjs9Tua7X61A7x8YkB4RAujXp_m2ZeOeejDjPaAl9YqrlwGYqfnmhKTRyqZR-EMQiZ6FvDOZHnz92LNIPiK2ekIAqRq--uvOKkdCTif436RH_qqnx6HTZNV3tdQ15dVLglDvR_KlHNcEGWrz9qixXh1BxviSmYWVGrDKEG520UFvV8k9tRhRnMyCA3JfMEBMV_eArPnALP2SLuVaefjJMObQQD18X6TUUmndrOtIMKbdmaSGzTsCv6vf_MwpzMuXcUEcSKymqovHOrsBL5sCeaQI9aPQAC7QA8zJDH7y9gIg5389WB7zAJvoZd-FpG248PZ6SAlvZcXJyCudwc9WAGYkbHF5L-W71_Tms4i94Cty3GJLX1rhUY-xoqIGcR2Lym7IcHOEoMahImOOn6u7mE8VLFQIzows14JdnufY05jeYbWNkcd1EJTzcRbXPYfq20Fq7KQ5VGmORys9lRZpYk1VNqwM7p5os1KJDG1dPH1ThCWMVqAYfEgKPXW3DskDAWgUVzfbNgGr8CcEAcEiXlt4laDp1Iv6qqaVrZ5mZmYh9yxwb_aCYI2Kxp09x6aKdYiHScnJXuKlhigmyXrBWq1vCV7WIdgm7E7eVtbZmQxnx1aLljiPXjMGu27P0gg8oqt8qlp83z89NwSGgTDVJ1bcpwEcdUk1VnWI222IJTph3rNHAskCf9wVAvIC3snPv2q6b81O8LJ8dv89eG2SDQwEut_yw1cJXmAWAl0aoOHLWt6idZti9DZSrRe17MWZgd5t6olYBrMIMgnftCHie87FoWuSu0Cud8An2qxpYEDitJCIFwptH6AOT024D9qkMSIYATHsMNett6ayivc6Gj8vqYfgH--pkiDILMdWij4z_rXvggcw3ULhnLGd1zQxqxYZRt7u1HdN0LiyDmQ5LWo5RhbB3K_te4vH821qOPOcMP5fYDFOMd8P_jTPxH56CZQsFNbTb2Y-umRjDjr2oFT74Xdgr4A&sai=AMfl-YRTSwAo58WWtSeaXdAttBxKF4CrU468C8HSiizMqmJnayhhGNaNaUWxwMmo03quW4RnelyQlwpYDHNxRokCGYjuWmIwmJ53i53dy4e0h_VxtIeecEfgEFcqFiBbdHsZW_Z4rg9xvRf-BhQM18cPAcL71WiLO5sPcahma4m4BstCPYZApAqdgN1lg4fr1SwZPODgCPqZz3ATI9JicH-Xc4c-3yepX1ZTy9G-qKtj549Gw1iDO8hh2uM4SmTloER_AyP2&sig=Cg0ArKJSzN4Zb7c63BWUEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=124&cbvp=1&cstd=123&cisv=r20231207.29925&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ai.aspx
m.exactag.com/ Frame 402A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1014932963&extPm=534899094&extCr=20797590123&gdpr=&gdpr_consent=&rnd=3570349223
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.91 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 22 Dec 2023 06:37:00 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Fr, 22 Dez 2023 06:37:00 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
923
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
firstevent
skydeutschland.demdex.net/ Frame 402A
Redirect Chain
  • https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=206088858&d_placement=381661316&d_campaign=31095477&d_bust=3570349223&gdpr=&gdpr_con...
  • https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=206088858&d_placement=381661316&d_campaign=31095477&d_bust=3570349223&gdpr=&gdp...
42 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=206088858&d_placement=381661316&d_campaign=31095477&d_bust=3570349223&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
52.49.242.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-242-154.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-03f694e4f.edge-irl1.demdex.com 5 ms
pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
cFoDSzQPSUU=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-01a4861f9.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
Ohf/yimcS6E=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=206088858&d_placement=381661316&d_campaign=31095477&d_bust=3570349223&gdpr=&gdpr_consent=
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
PugMaster
image6.pubmatic.com/AdServer/ Frame D4CD 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=76956501&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-length
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E219 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 06:37:00 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/ Frame E219 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
386a292b805ec5376c149711c08d9013658fd08879a7ac9a62a99e14310c397a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1160373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25150
last-modified
Tue, 04 Oct 2022 19:36:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"633c8b2b-623e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cz16%2BSyzcB4EQnZMWniqE69w1gUjxbJUNutycgbDDltU2ZziRDLqESGfnICXLyje8G%2Fwpby0NAF0YXduK9nMyfstVJZHD1WCGP9j%2BUK9tPxOYHjnvYi8UiT%2BcPOYhxQX5AhRLwAs5yPDk7SOBE14d7l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83965a8f1b7e39ee-FRA
expires
Wed, 11 Dec 2024 06:37:00 GMT
snow.js
s0.2mdn.net/sadbundle/16530502095010416759/js/ Frame E219 		2 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16530502095010416759/js/snow.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af937ad852768902bbdb3918052da1553ad921cf5aaab2c9170f8ccb46c5e014
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 15:48:26 GMT
date
Mon, 18 Dec 2023 15:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
312514
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 12:28:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
index.html
s0.2mdn.net/sadbundle/8317705942888151156/ Frame A911 		673 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8578b8b75718eea5c893f802369281a62f86c6cf6c4fe9d8ea124315cf13f4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
409
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:37:00 GMT
expires
Sat, 21 Dec 2024 06:37:00 GMT
last-modified
Fri, 01 Sep 2023 16:31:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 98BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsud7QVVe9a_bmwH42X4gLDulykyiLv8EGBOkI1PcxO7un2uj9UTr61yqGnB6_MIh3v_cRvtrlNno9UcnJADzwQWLDH8PWsJkiFj8sNseKqOpEUpWCBf5uNRKXNJ4eykb36LM9YoF0x_SOyL-iX7uDMIezeRN89woXF0qwb0SrMbJ9iCny75DJpMH_Wt6K6bEApwaTln0zOTz4mdCYXuV29gA0ERt6MfbTkeT87yMIkavlDylE-9lm-1MMdK6uY-vkPc4MpRwiNdduMKy93tFih5_eTAMkPX-0aXkfg72Mt_V_2xjbx7nd66Ju_UXyOrB4AAOs7uhLSHNxuljU7oi-EN444ccHHYAowOCzPoggnQtyp-hKyd4Wi0iDQB05ICN6U4POY4mgRkqbs5CxNmDvsAYxTq9qUAwQhrFVMkZLY58YiaEOasW5_T17CBEqk73pljJwUwqpSRHV65CN5kBqYMhkQSuWDJhGERHAjPIipZ6-rv9_IU-mcss9ruWPdE_79eZICbQlt5gV6V9_yK6TGLAR10NcpsnPxipqk2WLTifxHAOYP44cmxVGDvVE0RcJo1BE1j8dk9zXNbsE6tl5U3xy0Ag8GaUTT5gD0GagzJobhiPorGoF5pG9VKqQqf50iNUHvpJTmxZ_X_-cmhReLaq7kKogByAiunu9-2fLOG4eLQY1vYNohWt1Y8CGf0e2xYrJWA5EkDsrv_CwstQWTxqzVMyizkP-a74QGI2CSPcMH-G6rvY5o8fUvOV8qCwK5PWJgBH-1Mlk8PmTIBsiohfj2huRqO0Ojks4Hqy4mH83Hmz1YARPFIAeK_DBZfWlasWFkAQgSsv_qu6_IQQqo6F1-U7bMPQ1fciyBrwqVwDYjuwRjvjKl8MUv4WMfUYbl6lzSCO6XnXkmhZU_aFTfS4OKhluv2c5NJd1chSkq4YhIXNfwlEyOFf0l1cAA0cPyybwlIYQq-UwaUhSDVJfdkHQHf6_1wieDsu2Rs20TpGf7M0jS5CBcLMKK6ERzoShVxWeGaYcefEhDUPUnRE4cdR7WW6eKBk1uR0VVP4qJie4CDnDaSxa3kY9JkVeP_cKS_9Q4RRqoA10PKsC85F0D0siypzKHm2xV6fdp_0TsFSeUcnjIz4uM9_Kg5B4W8aEd-t2r8IACK9MCYmbGv5gDC8rOCIfn-AvCBpKCWuH4OxZ0UHWJPcD-q03FU17Z3ZX4FxuYFVzZDetQugAlm0TEod4IuqAr64jF7YFKpCJ10HQrR-wExc6dE87PtXifBW0IgRGA39tWGSHLUacyTvCcBZ5EYZ5RpqWAXnWWzG-nVRL3dzfK85dqMsi0n11DcvTpjzpT_BXS77g28Qh2LuawZ3-iznGQWMrPoJJSzqpW8OPV1kNXizmstVaUxaDCzhfz8wtGI7jTxvkPt&sai=AMfl-YRG9znPfI7wF_WSwK81NMFOCLiaZduV1KO5Nb0GQQ9dhOzE7l3yglP_57Fsq1Vz4ZwjQgjMwe7-tdkzuMiNgamt1oooF0VLzma_xAKwz4S7e6P5P38_Wqz6G1_3rUkarAYAAIv9rwGMA9P58_100_rxZDrTzOZdh7Kiby6RIDp7upb_bVsMrMfNDukBNQ6emNM9geWSQLj8QG7lVsRzl8nndGNv2I2xOa_J9uMYesqPt-khNLW04SETWPSDCcT8TNkR&sig=Cg0ArKJSzAH5p-SA9oVaEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=113&cbvp=1&cstd=109&cisv=r20231207.68973&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame 3A2B 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECNIOSbsnbqm85OhDNb1xm4&google_cver=1&google_push=AXcoOmTKyy0q4UBALq4geSK6PCINX5qQBLFTiD1UxAMCxcgVv7KZ7eLAenNMv9zsutUbmMfxpwbQp6wCfuUS-ofE7ENVkgnvYdaeqA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 3A2B
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEN6YCRHeVe45VGqXPaShqkg&google_cver=1&google_push=AXcoOmS7Kpi3Jq-mWHdWhjGszs2tI3wl3-JHzis3uq64JRiYoQC4lw95vyibevmXAf2K5Kvh3-2S3IUUxOTYSoCmTT0FHW2LGBtq1g
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmS7Kpi3Jq-mWHdWhjGszs2tI3wl3-JHzis3uq64JRiYoQC4lw95vyibevmXAf2K5Kvh3-2S3IUUxOTYSoC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmS7Kpi3Jq-mWHdWhjGszs2tI3wl3-JHzis3uq64JRiYoQC4lw95vyibevmXAf2K5Kvh3-2S3IUUxOTYSoCmTT0FHW2LGBtq1g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F07875F91D20420AA5FC5C70E204C368&google_push=AXcoOmS7Kpi3Jq-mWHdWhjGszs2tI3wl3-JHzis3uq64JRiYoQC4lw95vyibevmXAf2K5Kvh3-2S3IUUxOTYSoCmTT0FHW2LGBtq1g
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 21 Dec 2023 06:37:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 3A2B 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFYNXZ9urIEl5z52bZLrbDA&google_cver=1&google_push=AXcoOmQ8kNx_vhPVFrPPOYPR27l9FwqPihR8nBb_dIhujb0LxpgHzHJnuvLpKigoAPPQ1FNqc3Zc0F7Y6-BG1D10rqExHuiQ_A3C
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 3A2B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJDQwsRB_-jAXfGXYvI44Pg&google_cver=1&google_push=AXcoOmTnATdwPNXH3ivZzysVXCmiHNQet4DhmablOsgDxDT0P_MqSbk7L9gePTdDbBZ1Bhi2-UPOsSSBCYm_WK76WLawpFB...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTnATdwPNXH3ivZzysVXCmiHNQet4DhmablOsgDxDT0P_MqSbk7L9gePTdDbBZ1Bhi2-UPOsSSBCYm_WK76WLawpFBE387dpg&google_hm=eS1TRVE5RGhSRTJwRlFI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTnATdwPNXH3ivZzysVXCmiHNQet4DhmablOsgDxDT0P_MqSbk7L9gePTdDbBZ1Bhi2-UPOsSSBCYm_WK76WLawpFBE387dpg&google_hm=eS1TRVE5RGhSRTJwRlFINFdhMTFGRmxqMUFoY3dIalo4dH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTnATdwPNXH3ivZzysVXCmiHNQet4DhmablOsgDxDT0P_MqSbk7L9gePTdDbBZ1Bhi2-UPOsSSBCYm_WK76WLawpFBE387dpg&google_hm=eS1TRVE5RGhSRTJwRlFINFdhMTFGRmxqMUFoY3dIalo4dH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3A2B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELRCvi7odDGopjU31mdpNXc&google_cver=1&google_push=AXcoOmTDF9OL8r9YgjlYGZow5qVqo6BPJr0SJCBSAUqBHwpMz7iPqLizVPrA6JkC_F9XwhEFuK1Lyg6b...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4Nzc0NzkwNTU4MDUyMTI0&google_push=AXcoOmTDF9OL8r9YgjlYGZow5qVqo6BPJr0SJCBSAUqBHwpMz7iPqLizVPrA6JkC_F9XwhEFuK1Lyg6b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4Nzc0NzkwNTU4MDUyMTI0&google_push=AXcoOmTDF9OL8r9YgjlYGZow5qVqo6BPJr0SJCBSAUqBHwpMz7iPqLizVPrA6JkC_F9XwhEFuK1Lyg6bbHETLtLXDcRcN7GHJiGP5w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4Nzc0NzkwNTU4MDUyMTI0&google_push=AXcoOmTDF9OL8r9YgjlYGZow5qVqo6BPJr0SJCBSAUqBHwpMz7iPqLizVPrA6JkC_F9XwhEFuK1Lyg6bbHETLtLXDcRcN7GHJiGP5w
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 3A2B
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENxGf0zVIwHBNb8fwRz1VOI&google_cver=1&google_push=AXcoOmR6kpgtkUjz1_gV9NSCEnMsjtlfZFXE-xtpnkJkyb_6fzsPn_ORHTnf-KZ0h5NgdUwtBzjxw0t49ClPK6a2RED8-Dv...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR6kpgtkUjz1_gV9NSCEnMsjtlfZFXE-xtpnkJkyb_6fzsPn_ORHTnf-KZ0h5NgdUwtBzjxw0t49ClPK6a2RED8-DvFrDlMRg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR6kpgtkUjz1_gV9NSCEnMsjtlfZFXE-xtpnkJkyb_6fzsPn_ORHTnf-KZ0h5NgdUwtBzjxw0t49ClPK6a2RED8-DvFrDlMRg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR6kpgtkUjz1_gV9NSCEnMsjtlfZFXE-xtpnkJkyb_6fzsPn_ORHTnf-KZ0h5NgdUwtBzjxw0t49ClPK6a2RED8-DvFrDlMRg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
trk
ag.innovid.com/ Frame 3A2B 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOSaE8Xiktrb-GfonmgRl_U&google_cver=1&google_push=AXcoOmQ8chbZbL4wVQfEbwIYTtOCJXXKdgpGW_R2xdiIdWGy5PmYCqLZI9RjsIK-eKVK0InjCtgQ-_TMm9c2bSqP9yXdSh9tnd2k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:ecdd:a035:7b09:ae7f London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 3A2B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKzEfyBw_7AHzCHOW6HRjZQtL5qDGOIQ3L8sV7iJEGpn1pD7ouYNRM-Ohzakzi5TcgyPR7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D6C0 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
249813
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 09:13:27 GMT
expires
Wed, 18 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD91 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTNBaiy6FZfuVHKHn1PIP8dCM8AoAAAAAOAHgBAI&bg=!9vWl9brNAAY3kmNgF5I7ADQBe5WfOFYSnFfnmxUUS_BDiJ62AnHgHZemNV7cAtHz3XwJSwLy6lo53smQ9vioRa-UBh-XAgAAARBSAAAAAmgBB5kDVD-F85tatPJWJE_o_Jr8kSUHOHdoOKVSh_GGaIXz_oCtcVtRzDt_D21viQt3S7Id_eEVZ4_NrFSQSp-NporE-YdnnZYau_UUJ43T_N6PL6lZyDyFk_0qpyUdEGY5ZYdPiD05mEDqjcBy1-XmTubp1_fmE0ZY3enfgpDYQUsldZPtwf8vJI-SGO4saf6ABMPtgV-745NuXP6FzS8oUOukgY53mZxMuJZkpCzRGeU6_ILrnBHDLPmByX7E2eqQQ9accaxSCisvMypFmgQ1CYfn_Ef4173Ok2pfL_lBCgHRnDG03C7kmNmVBGtxZVHWb9B1mU561ApRJhY4A6HIsvHM80uM3mWyJNFkTm3ZgmfvfeZWYFuFSR3gcuWsu5q0PBH_CeLx7IpStBw912WFi4_O6FMQgawzq7Bjq5meI6S3e_sE9YF1RGipZc9Un7FkJ7QbcnEmtQHHW6VrrIrY0puBrxqgp-mpNIxyJrnoadY0E70OQgQizhQtqM8MdApAVGr60RvE67N5I2nybpfHHzhLZ6dnbBrFMbvpFS6HI4W5Af31_ScJhq9uHk472GHCSlO5UeABn1Med5uHy1zihwTtcerNbsyeIKBmaoA6aSCwQeTDE94dJHkXfekN71WXou7slK7QDxWzY9xC6VNj_wSXGUc3BtDI3rg8tplvwzg8o3ew7_h35Rp4n9nbwlxtLAGVqzaNe4lksH_QOP7qwgonjOgW1sQfnxyHbgA3dldGYAcMj-8lbh3Z23PtSKjE7P4dgel712hnwxTZWmGKB0-kzRxVbGcOsoRgYofViZXZ-PigwwEtKbyPL3AFHAzalx5F0j-8XTHDmmyqvHNae_gs8ykGuSmwj-orZYGPlsVMR8cp_j5wHHqnoq_kxF6CGndjWSxqM-1I5rEMbo3tU8bsUyztHI9aluoqQxCYetFvO4_bZVvG2CBWRIw2qciO4M4ZQymNGh3Kw9oIu-aBp-6IriqmKOnwYc7e1L7-UB8Vr2tL4ewAXxA1wlrgQr0QvBWHK_DbAjFiTL8GEnV7ot6erCrBe2udaKzosTrGCQaoZkCrRN7KsW7D8AeeTeQv20ijS9pqIAPxBrnUSEHMjiRXGpkM3fhQwJ_zWxkuC_Ylkl3BIuqAHw
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame A911 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 07:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81487
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 07:58:53 GMT
template-489be870.js
s0.2mdn.net/sadbundle/8317705942888151156/ Frame A911 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8317705942888151156/template-489be870.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfcce6fbc676bcdc4c9f2e2cbdd40cee40a4b9066f829f4e9e400cbe142183f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 23:22:26 GMT
date
Mon, 18 Dec 2023 23:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285274
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14187
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 16:31:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
index-be1f7599.css
s0.2mdn.net/sadbundle/8317705942888151156/ Frame A911 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8317705942888151156/index-be1f7599.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be1f75994e53be710e621d9552d7cc796a347e85622acc435325d94e076b6996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 09:03:59 GMT
date
Tue, 19 Dec 2023 09:03:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250381
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1385
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 16:31:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E84F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
62779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame D6C0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
62779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
setuid
prebid-stag.setupad.net/
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=528774790558052124
86 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=528774790558052124
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Server
104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BlLmdwNKRmLArtfP2xiNwZGQNyAS7%2BE%2BJJY0DoT64KSnfAQmHgUQApQ5YMN4LFzlBCs02WgOnY3vMVyrJ69fFhYBM1t%2BKTBsuXQsfOt0GVcUnwya8pdhVGmdhjN24E7SytrZpFt5my3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
83965a9149764dc5-FRA
content-length
86
expires
0

Redirect headers

location
https://prebid-stag.setupad.net/setuid?bidder=adform&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=528774790558052124
date
Fri, 22 Dec 2023 06:37:00 GMT
server
nginx
content-length
0
content-type
text/plain
view
googleads4.g.doubleclick.net/pcs/ Frame 402A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssfwGz_MxGrJX4C4BaGSVg_iwH5mYC2-EUE9wNFeogad6jaLUAv-ySx5klo2V5ZaChzsVMnkHtFS6BAelEo6kCiQUWipmIjLzaL5a8JLAIx9XGuDspSy7nHPPaFN88S41NNXEdUwIbfqnHYqHGHlQ2nFFXEkwywjPKZLm4k8OOw8btRx-WMh6vTgMabjZzuuErd27h5R_2USE2A1ctk_H37jrgBmgLn8SCKe--Kh-OUMZy7VErVjpyzv-iZAuEDPSm2gFjU3gl61aqxdVprs-JMP_1hdd113bYmatgvroZruk7YXl8i8TgrP5i3oMHTdssebPrCJCkQ4Clner7P7Ju5cfIp7YzSos8uvWURaiwza2uj57-w1XE8zlXtr9DhqDEsTqHWoh2a4sPY284RUbk384i65jcXWEBdjs9Tua7X61A7x8YkB4RAujXp_m2ZeOeejDjPaAl9YqrlwGYqfnmhKTRyqZR-EMQiZ6FvDOZHnz92LNIPiK2ekIAqRq--uvOKkdCTif436RH_qqnx6HTZNV3tdQ15dVLglDvR_KlHNcEGWrz9qixXh1BxviSmYWVGrDKEG520UFvV8k9tRhRnMyCA3JfMEBMV_eArPnALP2SLuVaefjJMObQQD18X6TUUmndrOtIMKbdmaSGzTsCv6vf_MwpzMuXcUEcSKymqovHOrsBL5sCeaQI9aPQAC7QA8zJDH7y9gIg5389WB7zAJvoZd-FpG248PZ6SAlvZcXJyCudwc9WAGYkbHF5L-W71_Tms4i94Cty3GJLX1rhUY-xoqIGcR2Lym7IcHOEoMahImOOn6u7mE8VLFQIzows14JdnufY05jeYbWNkcd1EJTzcRbXPYfq20Fq7KQ5VGmORys9lRZpYk1VNqwM7p5os1KJDG1dPH1ThCWMVqAYfEgKPXW3DskDAWgUVzfbNgGr8CcEAcEiXlt4laDp1Iv6qqaVrZ5mZmYh9yxwb_aCYI2Kxp09x6aKdYiHScnJXuKlhigmyXrBWq1vCV7WIdgm7E7eVtbZmQxnx1aLljiPXjMGu27P0gg8oqt8qlp83z89NwSGgTDVJ1bcpwEcdUk1VnWI222IJTph3rNHAskCf9wVAvIC3snPv2q6b81O8LJ8dv89eG2SDQwEut_yw1cJXmAWAl0aoOHLWt6idZti9DZSrRe17MWZgd5t6olYBrMIMgnftCHie87FoWuSu0Cud8An2qxpYEDitJCIFwptH6AOT024D9qkMSIYATHsMNett6ayivc6Gj8vqYfgH--pkiDILMdWij4z_rXvggcw3ULhnLGd1zQxqxYZRt7u1HdN0LiyDmQ5LWo5RhbB3K_te4vH821qOPOcMP5fYDFOMd8P_jTPxH56CZQsFNbTb2Y-umRjDjr2oFT74Xdgr4A&sai=AMfl-YRTSwAo58WWtSeaXdAttBxKF4CrU468C8HSiizMqmJnayhhGNaNaUWxwMmo03quW4RnelyQlwpYDHNxRokCGYjuWmIwmJ53i53dy4e0h_VxtIeecEfgEFcqFiBbdHsZW_Z4rg9xvRf-BhQM18cPAcL71WiLO5sPcahma4m4BstCPYZApAqdgN1lg4fr1SwZPODgCPqZz3ATI9JicH-Xc4c-3yepX1ZTy9G-qKtj549Gw1iDO8hh2uM4SmTloER_AyP2&sig=Cg0ArKJSzN4Zb7c63BWUEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=239&vt=11&dtpt=115&dett=3&cstd=123&cisv=r20231207.29925&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 98BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsud7QVVe9a_bmwH42X4gLDulykyiLv8EGBOkI1PcxO7un2uj9UTr61yqGnB6_MIh3v_cRvtrlNno9UcnJADzwQWLDH8PWsJkiFj8sNseKqOpEUpWCBf5uNRKXNJ4eykb36LM9YoF0x_SOyL-iX7uDMIezeRN89woXF0qwb0SrMbJ9iCny75DJpMH_Wt6K6bEApwaTln0zOTz4mdCYXuV29gA0ERt6MfbTkeT87yMIkavlDylE-9lm-1MMdK6uY-vkPc4MpRwiNdduMKy93tFih5_eTAMkPX-0aXkfg72Mt_V_2xjbx7nd66Ju_UXyOrB4AAOs7uhLSHNxuljU7oi-EN444ccHHYAowOCzPoggnQtyp-hKyd4Wi0iDQB05ICN6U4POY4mgRkqbs5CxNmDvsAYxTq9qUAwQhrFVMkZLY58YiaEOasW5_T17CBEqk73pljJwUwqpSRHV65CN5kBqYMhkQSuWDJhGERHAjPIipZ6-rv9_IU-mcss9ruWPdE_79eZICbQlt5gV6V9_yK6TGLAR10NcpsnPxipqk2WLTifxHAOYP44cmxVGDvVE0RcJo1BE1j8dk9zXNbsE6tl5U3xy0Ag8GaUTT5gD0GagzJobhiPorGoF5pG9VKqQqf50iNUHvpJTmxZ_X_-cmhReLaq7kKogByAiunu9-2fLOG4eLQY1vYNohWt1Y8CGf0e2xYrJWA5EkDsrv_CwstQWTxqzVMyizkP-a74QGI2CSPcMH-G6rvY5o8fUvOV8qCwK5PWJgBH-1Mlk8PmTIBsiohfj2huRqO0Ojks4Hqy4mH83Hmz1YARPFIAeK_DBZfWlasWFkAQgSsv_qu6_IQQqo6F1-U7bMPQ1fciyBrwqVwDYjuwRjvjKl8MUv4WMfUYbl6lzSCO6XnXkmhZU_aFTfS4OKhluv2c5NJd1chSkq4YhIXNfwlEyOFf0l1cAA0cPyybwlIYQq-UwaUhSDVJfdkHQHf6_1wieDsu2Rs20TpGf7M0jS5CBcLMKK6ERzoShVxWeGaYcefEhDUPUnRE4cdR7WW6eKBk1uR0VVP4qJie4CDnDaSxa3kY9JkVeP_cKS_9Q4RRqoA10PKsC85F0D0siypzKHm2xV6fdp_0TsFSeUcnjIz4uM9_Kg5B4W8aEd-t2r8IACK9MCYmbGv5gDC8rOCIfn-AvCBpKCWuH4OxZ0UHWJPcD-q03FU17Z3ZX4FxuYFVzZDetQugAlm0TEod4IuqAr64jF7YFKpCJ10HQrR-wExc6dE87PtXifBW0IgRGA39tWGSHLUacyTvCcBZ5EYZ5RpqWAXnWWzG-nVRL3dzfK85dqMsi0n11DcvTpjzpT_BXS77g28Qh2LuawZ3-iznGQWMrPoJJSzqpW8OPV1kNXizmstVaUxaDCzhfz8wtGI7jTxvkPt&sai=AMfl-YRG9znPfI7wF_WSwK81NMFOCLiaZduV1KO5Nb0GQQ9dhOzE7l3yglP_57Fsq1Vz4ZwjQgjMwe7-tdkzuMiNgamt1oooF0VLzma_xAKwz4S7e6P5P38_Wqz6G1_3rUkarAYAAIv9rwGMA9P58_100_rxZDrTzOZdh7Kiby6RIDp7upb_bVsMrMfNDukBNQ6emNM9geWSQLj8QG7lVsRzl8nndGNv2I2xOa_J9uMYesqPt-khNLW04SETWPSDCcT8TNkR&sig=Cg0ArKJSzAH5p-SA9oVaEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=192&vt=11&dtpt=79&dett=3&cstd=109&cisv=r20231207.68973&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A911 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b2af9119ab6fef593e10d206101b8c86d4d6b56283af5bda95eb456141dad63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5810
x-xss-protection
0
0_noimage.gif
s0.2mdn.net/4528404/ Frame A911 		54 B
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/0_noimage.gif
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16c98584b72f73a64ee22a1d59be1b62571672811dfd34600cb0dda265f8f491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:40:47 GMT
x-content-type-options
nosniff
age
35773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 15:30:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 20:40:47 GMT
Agata_Mars_Motiv_1_Selfie.png
s0.2mdn.net/4528404/ Frame A911 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/Agata_Mars_Motiv_1_Selfie.png
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ccbba7dd5aca9535deee804349133034d9e0e2172596287655fc0fb96ca737b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:00:03 GMT
x-content-type-options
nosniff
age
77817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4047585
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:00:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 09:00:03 GMT
congstar-stoerer_gb-plus_big_lila.svg
s0.2mdn.net/4528404/1688648407429/ Frame A911 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1688648407429/congstar-stoerer_gb-plus_big_lila.svg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2d84570d037eab308bcb515a7ba9ce502da0d072895c1ba7a3876f6d7910373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 08:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2211
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:00:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 08:57:13 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame A911 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 11:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69260
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 11:22:40 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame A911 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 06:40:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86168
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 06:40:52 GMT
congstar-stoerer_gb-plus_small_lila.svg
s0.2mdn.net/4528404/1688648402398/ Frame A911 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1688648402398/congstar-stoerer_gb-plus_small_lila.svg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21cc53e2b17047493e459e5fabde8f3efdd79de048e6fe885f77fcb070234e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 06:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1000
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 06:41:29 GMT
logo-d0d80991.svg
s0.2mdn.net/sadbundle/8317705942888151156/ Frame A911 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8317705942888151156/logo-d0d80991.svg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 20 Dec 2024 23:28:51 GMT
date
Thu, 21 Dec 2023 23:28:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 16:31:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 402A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59fb45c3c38cf66a1aa4373cf13b7b9f7f046fcbd710bafebb15a5b2bdd9fc8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A911 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 06:37:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E84F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BMWmsjC6FZarKF9HW9u8P2YqH8AEAAAAAOAHgBAI&bg=!19Sl1JvNAAY3kmNgF5I7ADQBe5WfOCREC_U5JplifPlm_OCc501ocK-pJK6F8BSOPXTYrcsipqYKj4ok_7E0WDyS--0yAgAAAFhSAAAAAWgBB5kDKoBqu83zcAP8dZOs19lxq2s63RJLQsaYffiD1VqEYkZ3m7AlK1vOEGNsD7l8c4Pcxn4-7GSvKO9ZlfqqO2UEtH9DcfyP3lnbfTJThOq2EGPTK1rqxEYnWOIvZvlpYmK0zGcfjq4IiOBRzMfE6zOs_LrYIjP_lJ6Pp9lXBsw1Nx2Y3xVfD__HlAfHlc-_VNC-MUaSDEo1FPb4gQrHlLsNDSGr_w0BGraW0vLCC3gB95GFnFmy__WDLADqEnLgwSQ2pPJAXPQzdR6eIM5mcF4xhs_Wvw519lXM9m6VVtP9E02H5YFWLRrXGVoF_zUeguxtVfVQrUktOeztFFHBuahvc_AIarlVJJY9n0yjA440kA511ozHWtxefBDSAlTgMYEVfRcZFw-HDibaAObyR3rB3-EOoCc24oyJm94s8w02ygx0FAyREk-Ny6Qf9bqdVUGhB554zN76ySEZ3pOPJ4sRP679hSihKmYhj6B0fBUUwzXTe12sY2ACB_5mPBrhPpi9xi-aEw5c1xLxe-v2hvUmMVEFj03yW91F-Yrwa6jywEsJcSPiurrOqDnlFYIvrClrgzKo7_gOSDSxOUkS-r8-sqgme28MiPRRiXdmC-mf44XZUjv4Gz0g-hVNzZhnuxGR88UIqMqK4jCdJYzDeZdJEd9E2mF8R9B--92MVj78MWc_gNWoXRGuo-OocT3xNPM0G3xCFjg54lky5OTRAF3UbBrzNjdfG9LiVKl9AoB-249z8_ioAwJ_5kENcnORtK-cAYyV4kdGJBl9X5PjeCOJB-VnNXGaszg471m5r7HzKpD7gOlsNa9XAYDxuhOZhG7-hXqwpBJiM4rKtfhskl-sqaUM14i71iQNaHK5FZL61vzSX_W4jUsZlf5ZhNCR8Smj_HFucEytTDA9dEP9cs3uhJcM_7RKG3015-0zRxsHQb2Zwf6B07oqb3CVEy2-Tch5hAhIQad-YSvU6XxgEnQLQs25KeLQlP7NrxueBuDZTau02ce25fl3MbporOajEl8WGDHQURpLEJ8Q6BmdWgW68oFqGvE4HQpolcOXmEyK4LuBWGNgo66t1JYWgg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D6C0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5699jC6FZYbcGtKl9u8Pr-uZsA4AAAAAOAHgBAI&bg=!hIelh8jNAAY3kmNgF5I7ADQBe5WfOL7T-h2-pdCI-PF3OzundS4nSCUyRbA8HcFNeKxLYSo5v5ae-Zw8-MQk64eZpttUAgAAAEpSAAAAAWgBB5kDR62y1hYKyJR9R5mZYBkTg-JzH4KmUf64G0p9-bgIUYw0-s3_H3mJMyueseGa5P2RXjCf6QfLyU8q3tzZ7SL2sKVL73ifRsihmzLNQkebyz5Hd2xWNV_1VBDvubFcIeqr5NLF6ANOMN7pg1BiOwJ5kkR7jPWLK5AyQi1D1u_wNajRXOrGh9uICusEJKrc6SpSp8_MElFEZfQb2tETHzhsb8biB8NgfPbHrmhhDV9jgyNruog5fLvzbIeqoXPdvrl-EFDNlpepjMYuixjG7Onvo3F_U6ebMjx0A6C0ZUWPoIrSxJX1uCtQ575t0yu1LXx9xA4hfmvfO7bazAefp2TX5ig3KOP3KrGkZlmwgMqVuRhgBVd25FsPloKaAINxn4GkETFWt3aJ-Dt-jmP9Un7s_jCCV5K_uCTXK8PT5Jy5SWEXSrs-AQDMc3vi6ykA7h9sRP3MxQpITrO2dso1XdSMABw7zOAAl4WCq-AkkbHhdt2a8vDl7E0fBE8WU2vAMENnY-NN1Zwny_5W6lRWaymFvUC-MnmucomwosnAYW4J4c4OaUSYWddGJONqHgz027YjwIptklfhDgwSTnmuq05v3ibo3rvQo0xZMFC92TYyoK7VFGx4C6Bt5wMIXoz35F5UroHCr4K2IWEgGYLcor_Vz-oGTOFYrDErzcsxuXsxi74BnpZyzJxAqR8LGIKHSGrEIfj6OA0pjQsU5eHfXPuRAeIoZEOrnyKyPwffEXRWAyv5ZRdNwky_FoNv446aT56tcIqc_rg3m3wCqg3p0541FiFn_jJy-yMgUWmOjWN-JT_iO-kuhbE5yWVtkKoLYNe1xKh59i3_i8X_jPjXfv8nGWZMR0CIsnSGZXEwvm06olby5X75a_W0hsyIOeZishQulpJw0rUF97ZYZcRfYU6dEyFiPfHw5le7xMj5ZjnFuWYl-Z_x2eeeXFv4oneDY7u20obVHb0dZwahnykthFA4J0K_WxEK1-Ur5pZuKMZg7Wza96JSOoAXc96BecsM_9c3xbBli5H-f1kzE3LvMbNaG2DdvRjGjvNKOf24vTTR9r7CxWdIozzihnKCqoeeduyzSpfD7LijVEL_tEdDfYCJq7A3hHKJjD5m
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 3101 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
62779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
0_noimage.gif
s0.2mdn.net/4528404/ Frame A911 		54 B
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/0_noimage.gif
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16c98584b72f73a64ee22a1d59be1b62571672811dfd34600cb0dda265f8f491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:40:47 GMT
x-content-type-options
nosniff
age
35773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 15:30:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 20:40:47 GMT
Agata_Mars_Motiv_1_Selfie.png
s0.2mdn.net/4528404/ Frame A911 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/Agata_Mars_Motiv_1_Selfie.png
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ccbba7dd5aca9535deee804349133034d9e0e2172596287655fc0fb96ca737b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:00:03 GMT
x-content-type-options
nosniff
age
77817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4047585
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:00:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 09:00:03 GMT
congstar-stoerer_gb-plus_big_lila.svg
s0.2mdn.net/4528404/1688648407429/ Frame A911 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1688648407429/congstar-stoerer_gb-plus_big_lila.svg
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2d84570d037eab308bcb515a7ba9ce502da0d072895c1ba7a3876f6d7910373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 08:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2211
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:00:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 08:57:13 GMT
dc_oe=ChMIhtKZjLeigwMV0pL9Bx2vdQbmEAAYACCe44NdQhMItZTXi7eigwMV3GsVCB0WeAex;dc_eps=AHas8cAcTJ6xPeiRO7MTSwQj8VOTCV0LFGB4jST-2kqZiKk8Khp5Jmplkcp6rbdD0uPY3aVGBdKLyns;stragg=1;&timestamp=1703227020890;s...
ade.googlesyndication.com/ddm/activity/ Frame 98BB 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhtKZjLeigwMV0pL9Bx2vdQbmEAAYACCe44NdQhMItZTXi7eigwMV3GsVCB0WeAex;dc_eps=AHas8cAcTJ6xPeiRO7MTSwQj8VOTCV0LFGB4jST-2kqZiKk8Khp5Jmplkcp6rbdD0uPY3aVGBdKLyns;stragg=1;&timestamp=1703227020890;str=nextSlide;strtype=1
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel.rubiconproject.com/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/sync.php?p=prebid
Requested by
Host: cybernews.com
URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
web
onesignal.com/api/v1/sync/7bd8b78e-a560-4299-8e32-a71a9be1ded8/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/7bd8b78e-a560-4299-8e32-a71a9be1ded8/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a28fbc16ee4a23cf6b663b7e8327e3269e7aaba2f5466eabf4339aab7450bd3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:01 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
2350
cf-polished
origSize=3367
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
aa6157f2-d9cf-4a81-84e1-87dd70e42cb0
x-runtime
0.028049
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"6d9a00e23faf3aa26e903e50ae007738"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
83965a919f8b1c3e-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 22 Dec 2023 07:37:01 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8b19276861c3480050fe4a9f236400ece76b591e9467b3e700e3715c5c4f049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12339
x-xss-protection
0
syncframe
gum.criteo.com/ Frame D824 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=cybernews.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:37:00 GMT
server
Kestrel
server-processing-duration-in-ticks
403648
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
search-f66abc99343feb5986aa.js
cybernews.com/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cybernews.com/js/search-f66abc99343feb5986aa.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/js/base-f66abc99343feb5986aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5715e6cd0ac2e82f3c996f6dfb3a45333cf8ce775933ba91ac613dedb2762b8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age
244183
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=7377
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 19 Dec 2023 10:24:25 GMT
cf-bgj
minify
server
cloudflare
etag
W/"65816f59-1cd1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=14400
permissions-policy
geolocation=(), camera=(), microphone=()
cf-ray
83965a919fbf4d64-FRA
expires
Fri, 22 Dec 2023 10:37:01 GMT
links-bar-f66abc99343feb5986aa.js
cybernews.com/js/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cybernews.com/js/links-bar-f66abc99343feb5986aa.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/js/base-f66abc99343feb5986aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6caa0ac78173985d1a73e7f3728f8d4aff713fd60ad3c8039ad3cc412dcb7b9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age
244578
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=6050
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 19 Dec 2023 10:24:25 GMT
cf-bgj
minify
server
cloudflare
etag
W/"65816f59-17a2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=14400
permissions-policy
geolocation=(), camera=(), microphone=()
cf-ray
83965a919fc24d64-FRA
expires
Fri, 22 Dec 2023 10:37:01 GMT
scroll-up-f66abc99343feb5986aa.js
cybernews.com/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cybernews.com/js/scroll-up-f66abc99343feb5986aa.js
Requested by
Host: cybernews.com
URL: https://cybernews.com/js/base-f66abc99343feb5986aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ba039d9e9b08fc4c48d4d656f8dd20de7f96f0dc6d6d8c558b9aee51527408e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
age
243886
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=1509
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 19 Dec 2023 10:24:25 GMT
cf-bgj
minify
server
cloudflare
etag
W/"65816f59-5e5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=14400
permissions-policy
geolocation=(), camera=(), microphone=()
cf-ray
83965a919fc34d64-FRA
expires
Fri, 22 Dec 2023 10:37:01 GMT
sid
mug.criteo.com/ Frame D824
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=cybernews.com&sn=ChromeSyncframe&so=0&topUrl=cybernews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=YCKYR3x2VVZwNmZONkpxU2xzMDRpL3FMMkIvSHoxYmt2bGh1bmpCZnpLTGVaVnhlanBNYXgzVHZsbkZLQktuMXNHU0RKckxraUxid0VJVHZXVHJvbXBKekN5SVZsd0hVeG82cHc1YzNWS3Q0KzkzV2ZqUTZCOElPN1o4RD...
428 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=YCKYR3x2VVZwNmZONkpxU2xzMDRpL3FMMkIvSHoxYmt2bGh1bmpCZnpLTGVaVnhlanBNYXgzVHZsbkZLQktuMXNHU0RKckxraUxid0VJVHZXVHJvbXBKekN5SVZsd0hVeG82cHc1YzNWS3Q0KzkzV2ZqUTZCOElPN1o4RDlqME9aQW1haWJOeUxqckk4cHhwOXY1VzFrUmxMa3FzeGkzbFZVakZQN3o4MDN0VlJmcFM4UHpJSXJrQ0M4ZEVBTmozRzJzNDNNc051bk42M1NVUG5rTWphSTA3MTQvdnhUTEVvRlVFTmdMbk5TdXZEc2F6Z0IwLzMrZGRPdTFiMXRnZ3F4VlBQT1NDVkMyeldJbDRrNWp2T214N3k1SmdVTnIvSFdMVTh4S0ZWY1BoeTRlRT18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b9693ec9faae9e7aaa8153db95a0bdd65cf0b41ebe6866d46ac089c17d17c94f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
8063276
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=YCKYR3x2VVZwNmZONkpxU2xzMDRpL3FMMkIvSHoxYmt2bGh1bmpCZnpLTGVaVnhlanBNYXgzVHZsbkZLQktuMXNHU0RKckxraUxid0VJVHZXVHJvbXBKekN5SVZsd0hVeG82cHc1YzNWS3Q0KzkzV2ZqUTZCOElPN1o4RDlqME9aQW1haWJOeUxqckk4cHhwOXY1VzFrUmxMa3FzeGkzbFZVakZQN3o4MDN0VlJmcFM4UHpJSXJrQ0M4ZEVBTmozRzJzNDNNc051bk42M1NVUG5rTWphSTA3MTQvdnhUTEVvRlVFTmdMbk5TdXZEc2F6Z0IwLzMrZGRPdTFiMXRnZ3F4VlBQT1NDVkMyeldJbDRrNWp2T214N3k1SmdVTnIvSFdMVTh4S0ZWY1BoeTRlRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
252835
content-length
0
expires
0
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1833
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
83965a91bbab30d5-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 21 Jan 2024 06:37:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5928161074779380&plah=cybernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 06:37:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 879A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqwJx0kzq2WUztXIlPcJuar2uRfddLVopLU9EZiFayodFR4g-bbUZXys-jEwC3RICLQ7uvvWrVDEzrjhi85yr-zizqfMO8NXV7-7WCIz-J0u8G1gog6tzhcInIyVqfKDJnEd7bRAFike51C4GH9LxKg37M2vxMJAqANpr52X3N_prOK9hqLMdUU_TKTTx9jPTt1MzGYERsDzMA8U7RD6wVTYcmUU97kU6lT1L0JG3SkWdDAU7nuZmT0QxulNHwE6O_vyTTCplhLtvXSspPoBmc9ugnvONLe713TJyrHChwjG83HmJI0eWkGfjeiSGmWCszm2wv1P2J4WE3LBrgPEupM0Yboh_MTOR5KvbHuDdJJFPYsud3NNeFODHSRkzRUHVeZjYvAHHHiEOnprlK-FQk9eBHBwbfigQysy_Fye0O_KKqlj79xn1LBCqBcvAeWiqgXk0iZg__RePZIhuk1rReZJQbNgbiik5TdUthZTu9Ew1raAss7HbGroq4TaMaZWgdud-cnMIANI-J-Ko2RIF3QqUq98OfhRihm4EWBsIn1RmcPqVuedoipU2g7ShqYq-0Zogl5V-4GuXXg9v_Sma8iI_J2bs4ntYG_t0ODwX8TN_Ve-CFSDUTz7LwYuJ5T-nuvNxbQNkDCbH3_XPJt0iFgSGmIjT0BavFkGYnRQRIN-tWsvliGtGZbWFWBv9zJgH9wXi4OpLxZIMQrTexH1sh_P3-04kfrkXK6g5SIFYorG0MR2vtJ5EYGI7fPJ8C-najJgq79c2qPrwRaahrRqL146_MqTra3mI92DmI7t2m6woG3nb5mfi2kaUxkFdsxXfQ7HslKRonAdjjtTVWLuYgvM67TRUTOkOxxgCUvFT-iBzXJBNkSbyGfIG4o_eG43RC3PMs13CPd0eUxHAHYH3HLL2zAmYg0G_ajodTftUXNy0Q8x0K82bgnepamC3kevlZJCGsvm2GNNnXgaHpIe8ywrI8aTY0hJC7V-24a4TihnMLTjJIp6BfrgYXO6VGNmD4tdXU107mjjZFiJME-qdRWJ69ai2N48AY5BpmsaD7URnmWLn5pp4flQzxgCe1tK2DF_LkSYPPQWOjVJoG_9cqR38LcibbNPP7FMEdmH_5EILwYekqG7Yu6pq7IgAxyvN-XxR5xwDjoH36vaHgUnQillS8RODF61rEAA0qJs6cH9ImkM30PEiaCrl_CtROzVGqPOU5FAJQlqIaRE6Tnzppw3y1Ety87p-Ku7YqN1zRhF3OCrqaQMfuxMtLREktpomIiCYiqGNChjCfhFrwi2nmk8BgQQFIz-R7myIKSSqieUX-NcNaEpa8sg&sai=AMfl-YTG0A5gY1MDjBwjfMM9dnU_8w81qOf03ETZsswv_ZWD4cMyYENqJxDgLQaikHLAbcxaZPPMG9qxLucn9bMsSY6yrQCkXf5y7r3y9Wbr-rglXwjtybvqMLTvu_jL21FqmTlcyIhkwn8vCg&sig=Cg0ArKJSzNoWQF8z_K4ZEAE&cid=CAQSPAAvHhf_vWZQMCkKpSvK4Qb2YiA_vnse91I8kQOyOSvoSw_hNMMfcXllMrfvXGLJ51z8xXcetL2OstsICBgB&id=lidar2&mcvt=1024&p=0,0,193,749&mtos=0,1024,1024,1024,1024&tos=0,1024,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&vu=1&app=0&itpl=4&adk=652042997&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703227019197&rpt=922&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9A1C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
34513
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 21:01:48 GMT
expires
Fri, 20 Dec 2024 21:01:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4BE5 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c870b3e719490f5df32c1b29f720a0995e95d3be787502bf2b219f8abd6ad813
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-e6ivmFPNlAuHGouKGz_T0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-e6ivmFPNlAuHGouKGz_T0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 06:37:01 GMT
expires
Fri, 22 Dec 2023 06:37:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9A1C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
62780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4BE5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3619052773082774&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 9A1C 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OF5_kA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
index.js
s0.2mdn.net/sadbundle/16530502095010416759/ Frame E219 		136 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16530502095010416759/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4909f91144f6db6372b00ebe8de8d4dc75b62a736df4e8c56a860e1c4983bd60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 21:11:02 GMT
date
Mon, 18 Dec 2023 21:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
293159
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27570
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 12:28:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98BB 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7924586371924&version=m202309260101&ct=76&x=1&cor=6820350250234463000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
script.js
s0.2mdn.net/sadbundle/16530502095010416759/ Frame E219 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16530502095010416759/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3fb334ce1b3a029ce3f3042be837cf090d62172e4c842e8b324ae1dafcc464f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 18:44:29 GMT
date
Mon, 18 Dec 2023 18:44:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
301952
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2805
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 12:28:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3619052773082774&bg=!9fal9rnNAAY3kmNgF5I7ADQBe5WfODWe7PDnKgZZ256ey_7tMeifVy86mrjKazdTjA3QEBkv9f_Y_OaETg2RMXN-tJY_AgAAADNSAAAAA2gBB5kC63-xw6xCmBTTa2y-FTuTL6XEQWeVGwmowx45UkaTriUXmMQwWhWFdNtidDrnMtXWf04d_-Ih0ZmMfb20-_yA3Ikh5Wn3gVIDkBq5proSx1Kobm0jR1scoorJT1M1unH7ciwaiezi-Zuti9WbDtdR0WrBdS2ZButk1Uyh7rZsDpsDvHNMra91dqxXq2ObDg7cCZGLmLG2yJYjbQ5wdU1ZjATBgC6tukIkJpMHNYFE83xF-7_pap4UxoD94X7RBsdQ30FuUYGHrzvJj_x3_8Io8DKWWv_jgGMmIMyTxyrGjuQ6wf54HLDWI6SutZeLdYFiOLlENdgdf2aZaPfiPs26EyKXAZ8SDdZTPgF0ugZ9L_8Y6DDs1kyyWO2cfX15K_wP9hGMYaloMoFMaIOz63upuC2tv_riy8VQfXl-73JJ9T0JvJRwee33W4o64Pj5L3ssSg3CkGX1dp4QgzYGyF_NPnktP-M5uMUHzCvnFrleazVkgBe0pVklnore3mawza-zRcZm6pAjZOs4vRDVgIQeaPkA2J0e2Uy6lDe7un79sdeyZnQhAblKLKWbZAhy9LMENKhKTHeZ8F4-s2YFfu36eFS5-qzOpL5G-H7Rp0AL8MUdQeJAYki5YENje8hhaRC7LG3teDU7aIV6uzbcHHL_Xv0F8aFkFNAJjd3hyC74BEVp0HRXaMkjPB5Jzai6NGNS8MV_rv5NyEzgSnw5jcYK80uv0JzLdxTJUt0VR9r2ZDhsa79vwgtr51tojKKXhecQBoyYRDOV--7UTSTdWDssLcd1qRK0koJW-Z9W3gm1ks4Ji-BrxYdqVaYMYNtfn1sjRKzoA1XXBE9XskWmJuMLW80kK_uTOa0NUquDSF4h6mU1Ka09-1GszTeuObbeUw3EnDPTJF2WnMGiDttQVy0KDwBXk1M33NQnwBy98Un5sZSXhY4sAVkPxttMLMTVf-B0yxyLpxQPlZnxCpVD9RFxrkF5Aa7Q22QzzmWjUw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
index_atlas_P_1.png
s0.2mdn.net/sadbundle/16530502095010416759/images/ Frame E219 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16530502095010416759/images/index_atlas_P_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0df7074b21c5276bed759e155d4f509f73ecba730be971d55798b034c7febc53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 19:42:08 GMT
date
Mon, 18 Dec 2023 19:42:08 GMT
x-content-type-options
nosniff
age
298493
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95170
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 12:28:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 402A 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9351310580763&version=m202309260101&ct=76&x=1&cor=2669550462956345300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/16530502095010416759/images/ Frame E219 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16530502095010416759/images/index_atlas_NP_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f19b825f749df8d22b6fc53256ba0edfda3dad7ed20c660011ea815bc670f95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16530502095010416759/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 17:02:20 GMT
date
Mon, 18 Dec 2023 17:02:20 GMT
x-content-type-options
nosniff
age
308081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84947
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 12:28:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
activeview
pagead2.googlesyndication.com/pcs/ Frame 402A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlNxOvBzZcMjrThmnlaN6IPG7c-PTD11s9a_i0cqvsW5JI5G4LMU-xhRTcneZbT3OGAnncHi1_F_vi0ykwbQA3wZ7a9nF6AHV4t9XzyRfgH0YYqfvaLKATk3TN2JztzSymrcRRSnYY073pJKSRkvVH6ce3&sai=AMfl-YTTDEj3Gni7tIsF6aWYMYMMdXdnc4ko3DuBN1RGiG7Szsbf2hsQxKYr7Qz2KQfDu2-jfMDAmGzWHLzbObTOY54fTwFox4KNHxo3zzT_1XRln1of_TTzqpwnQSs&sig=Cg0ArKJSzNDjMIb8wFJ9EAE&cid=CAQSOwAvHhf_gZtnocjds7AIxNYJaojR8Mk3FaPYvN5NOums92CAb_DdmkCuwJDuxQvuJI0jWW2nEFsnWhGQGAE&id=lidar2&mcvt=1017&p=0,0,618,160&mtos=0,1017,1017,1017,1017&tos=0,1017,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703227020205&rpt=286&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
setupad-d.openx.net/w/1.0/ Frame 3649 		199 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Fri, 22 Dec 2023 06:37:02 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
eu-inap.vap.lijit.com/ Frame F015
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13401985
  • https://eu-inap.vap.lijit.com/beacon?informer=13401985
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-inap.vap.lijit.com/beacon?informer=13401985
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5774
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 22 Dec 2023 06:37:02 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1

Redirect headers

content-length
110
content-type
text/html
date
Fri, 22 Dec 2023 06:37:02 GMT
location
https://eu-inap.vap.lijit.com:443/beacon?informer=13401985
server
awselb/2.0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KT8DKCHF41&gtm=45je3bt0v882489589&_p=1703227018784&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=678660438.1703227018&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1703227018&sct=1&seg=0&dl=https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F&dt=MOVEit%20hack%3A%20credit%20union%20discloses%20100K%20victims%20%7C%20Cybernews&_s=2&tfd=6318
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT8DKCHF41&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cybernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame A911 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 11:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 11:22:40 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame A911 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 06:40:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 06:40:52 GMT
congstar-stoerer_gb-plus_small_lila.svg
s0.2mdn.net/4528404/1688648402398/ Frame A911 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1688648402398/congstar-stoerer_gb-plus_small_lila.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21cc53e2b17047493e459e5fabde8f3efdd79de048e6fe885f77fcb070234e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8317705942888151156/index.html?e=69&leftOffset=0&topOffset=0&c=AgWQUCjib8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 06:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1000
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Dec 2023 06:41:29 GMT
dc_oe=ChMIhtKZjLeigwMV0pL9Bx2vdQbmEAAYACCe44NdQhMItZTXi7eigwMV3GsVCB0WeAex;dc_eps=AHas8cAcTJ6xPeiRO7MTSwQj8VOTCV0LFGB4jST-2kqZiKk8Khp5Jmplkcp6rbdD0uPY3aVGBdKLyns;stragg=1;&timestamp=1703227025853;s...
ade.googlesyndication.com/ddm/activity/ Frame 98BB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhtKZjLeigwMV0pL9Bx2vdQbmEAAYACCe44NdQhMItZTXi7eigwMV3GsVCB0WeAex;dc_eps=AHas8cAcTJ6xPeiRO7MTSwQj8VOTCV0LFGB4jST-2kqZiKk8Khp5Jmplkcp6rbdD0uPY3aVGBdKLyns;stragg=1;&timestamp=1703227025853;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIhtKZjLeigwMV0pL9Bx2vdQbmEAAYACCe44NdQhMItZTXi7eigwMV3GsVCB0WeAex;dc_eps=AHas8cAcTJ6xPeiRO7MTSwQj8VOTCV0LFGB4jST-2kqZiKk8Khp5Jmplkcp6rbdD0uPY3aVGBdKLyns;stragg=1;&timestamp=1703227025855;s...
ade.googlesyndication.com/ddm/activity/ Frame 98BB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhtKZjLeigwMV0pL9Bx2vdQbmEAAYACCe44NdQhMItZTXi7eigwMV3GsVCB0WeAex;dc_eps=AHas8cAcTJ6xPeiRO7MTSwQj8VOTCV0LFGB4jST-2kqZiKk8Khp5Jmplkcp6rbdD0uPY3aVGBdKLyns;stragg=1;&timestamp=1703227025855;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 06:37:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon
onesignal.com/api/v1/apps/7bd8b78e-a560-4299-8e32-a71a9be1ded8/ 		192 B
760 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/7bd8b78e-a560-4299-8e32-a71a9be1ded8/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d2e35a25f0a5d950b8f860654e35080dea920222ffb8925ab556e6d7e0365ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:37:06 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
745fa79a-cb4b-4370-85f7-59a6057f54ad
x-runtime
0.015280
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"1d2e35a25f0a5d950b8f860654e35080"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
83965ab12a334d7f-FRA
access-control-allow-headers
SDK-Version
4a34c6bc-5fe2-4e48-b2fc-87685a8cb722.png
img.onesignal.com/permanent/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/4a34c6bc-5fe2-4e48-b2fc-87685a8cb722.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631e2cbf53e5f55bf4422f786e227344dabc89d99ebd061df90afcff5c904188
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Fri, 22 Dec 2023 06:37:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
2450
x-guploader-uploadid
ABPtcPrLp6bS05YB_CtRx9Jgt9QqSK9Dvk-CO6uYokr6EdHvskDN3vNgz356qCWqbrQe4xszmwHi-CfJ5Q
x-goog-meta-x-goog-source-etag
"3d5249e83392bebac3131216f2ab757b"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
2863
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:18:00 GMT
server
cloudflare
etag
"-CIPpucmGlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676344680150147
content-type
application/octet-stream
x-goog-hash
crc32c=Wgbnqg==, md5=PVJJ6DOSvrrDExIW8qt1ew==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
2863
accept-ranges
bytes
cf-ray
83965ab1aa0d1c3e-FRA
expires
Mon, 22 Jan 2024 06:37:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fcybernews.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEB-eS8yPC4F6Y2qUb6j_WWc&google_cver=1&google_push=AXcoOmRnlvihhAvbjNcKPOqe4t16g6zFzFvTRtB4RYQLGSJ1PyVyHfyTViu1xA3Hlm5EmOYAaxlh6194XPyQGYpr2-mJJe0XPsWgyo1x

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture object| dataLayer function| OneSignal function| openHeaderNavigation function| closeHeaderNavigation object| links-bar object| adsbygoogle object| commentsArea object| globalTranslations object| queriedObject object| googletag object| appWindowObject object| lazySizes object| MicroModal object| google_tag_manager object| google_tag_data function| twq object| GooglebQhCsO function| fbq function| _fbq number| __oneSignalSdkLoadCount function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| regeneratorRuntime object| twttr function| findCMP function| _defineProperty object| stpdChunk object| stpd object| _pbjsGlobals function| stpdPassback object| stpdSource string| clientContinent object| __stpdTags object| apstag object| aax function| stpdLog object| Criteo object| _aps boolean| apstagLOADED object| apscustom function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| google_llp function| __jp0 object| GoogleGcLKhOms object| google_image_requests

58 Cookies

Domain/Path Name / Value
.cybernews.com/ Name: cn_t_bs
Value: 91
.cybernews.com/ Name: cn_t_sess
Value: %7B%22cid%22%3A%22678660438.1703227018%22%2C%22clickId%22%3Anull%2C%22clickType%22%3Anull%2C%22landingPageUri%22%3A%22https%3A%2F%2Fcybernews.com%2Fnews%2Fmoveit-hack-credit-union-discloses-100k-victims%2F%22%2C%22sessionId%22%3A%22e0a718a9-30bc-43fd-9f57-aa1cbfc5a4c5%22%2C%22timeStamp%22%3A1703227018%7D
.cybernews.com/ Name: cn_t_gtc
Value: %7B%22clickId%22%3Anull%2C%22count%22%3A0%7D
.cybernews.com/ Name: cn_t_btc
Value: %7B%22clickId%22%3Anull%2C%22count%22%3A0%7D
.cybernews.com/ Name: cn_t_uid
Value: 7ae4f305-df1c-4c16-812c-275eb4ae62c0
.onesignal.com/ Name: __cf_bm
Value: LUBmSwTbZ7RylS.fjGuXC1_pDo1pVJUKgzJqPMLZFAU-1703227018-1-AftMTy0mZ/7cdyS0pQ1R2bl9BFGE1u4kJF3Wx3Rz4DDlvuxAAC0UPdg1E1zh3f6ZyeWyChIPLysQ0/e4/mpx5kg=
.cybernews.com/ Name: _gcl_au
Value: 1.1.2032324470.1703227019
.cybernews.com/ Name: _ga
Value: GA1.1.678660438.1703227018
cybernews.com/ Name: stpdOrigin
Value: {"origin":"direct"}
cybernews.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.cybernews.com/ Name: _fbp
Value: fb.1.1703227019060.1027757816
.t.co/ Name: muc_ads
Value: d8097e75-967b-4809-8253-650c9c5ab7bb
.twitter.com/ Name: guest_id_marketing
Value: v1%3A170322701906433341
.twitter.com/ Name: guest_id_ads
Value: v1%3A170322701906433341
.twitter.com/ Name: personalization_id
Value: "v1_cUetj4qpI2UIetCTxIjYlA=="
.twitter.com/ Name: guest_id
Value: v1%3A170322701906433341
.doubleclick.net/ Name: IDE
Value: AHWqTUnY1djCgkG2EiS-CbK4Fpx76Es1W_717dNx-LEqVi3o3K_0cRIkkNSCkZUoM2g
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2204BEA085-DF3C-4F13-3F8C-CF22DA85DCB7%22%7D
.w55c.net/ Name: wfivefivec
Value: gByrK2KO1Rgz9y5
.w55c.net/ Name: matchgoogle
Value: 5
.cybernews.com/ Name: __gads
Value: ID=61ac24cafb1135e0:T=1703227019:RT=1703227019:S=ALNI_MZt58q4FFJHqZvKYH2tWFrURSs5gQ
.cybernews.com/ Name: __gpi
Value: UID=00000d259e1cc35b:T=1703227019:RT=1703227019:S=ALNI_MaRP-vo9TX6kNdOaJ0l7bs3hh711Q
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.blismedia.com/ Name: b
Value: 65852E8CF462D70FDEC1499EBLIS
.adform.net/ Name: uid
Value: 528774790558052124
.yahoo.com/ Name: A3
Value: d=AQABBIwuhWUCEIQK71QBhS2zjzCMtiyecLQFEgEBAQGAhmWPZQAAAAAA_eMAAA&S=AQAAAg2siaaJQ8yyFTRl_hwLaf8
.adnxs.com/ Name: uuid2
Value: 5918611516791537090
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$IkC/%u!]tbPl1M>e)ZlrFUfJ+tGXxoLTh?0EbOuv]Z8_y+Scn*:Af8AROl@zC1?VUb*bpRz*qF1`*b^[8)nAw5
.casalemedia.com/ Name: CMID
Value: ZYUujMri9xnlFnmch24.kAAA
.casalemedia.com/ Name: CMPS
Value: 1198
.casalemedia.com/ Name: CMPRO
Value: 1198
.simpli.fi/ Name: suid
Value: F07875F91D20420AA5FC5C70E204C368
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZYUujAAIq2sJewAM
.adfarm1.adition.com/ Name: UserID1
Value: 7315304348567599260
.googleadservices.com/ Name: ar_debug
Value: 1
.turn.com/ Name: uid
Value: 7785065049025118325
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2204BEA085-DF3C-4F13-3F8C-CF22DA85DCB7%22%7D
.doubleclick.net/ Name: APC
Value: AfxxVi5IZbgJQ654Cpb1QRIPZPR-MNAg9i2Lb9sR4w5e8Gipr4rrfQ
.ctnsnet.com/ Name: cid_315119ee38944381a53358381d2db0b7
Value: 1
.ctnsnet.com/ Name: gid_CAESECzaPWd92SaFafCfx8UYYqQ
Value: 1
.quantserve.com/ Name: d
Value: EG4BCQHcKoEA
.quantserve.com/ Name: mc
Value: 65852e8c-8d57d-ecb32-48bc3
.cybernews.com/ Name: _ga_KT8DKCHF41
Value: GS1.1.1703227018.1.0.1703227020.58.0.0
.tribalfusion.com/ Name: ANON_ID
Value: a0ntuJS3n0gryoxDmDmSVZclpyTtHYL9cowiAPiTZcABwWYELqgk4dFZcRM3Meiv2TFSkT58o7Ct9yThg0H90enaIuN
.de17a.com/ Name: guid
Value: 1.3764909659746418679
.innovid.com/ Name: uuid
Value: 03090cf9-4c86-4dbc-ac16-785eea94b23e-20231222 01:37:00
m.exactag.com/ Name: exactag_new_gk
Value: cd637c18bc2c4d008adf726df5e51b37%7C20.02.2024%2006%3A37%3A00
m.exactag.com/ Name: exactag_new_uk
Value: e0d3e2331e9f4a15a94394b0253d39f3%7c
m.exactag.com/ Name: session_session
Value: 29003eb700d74b67ae2ae87d
.demdex.net/ Name: demdex
Value: 55591179807707141142138140420870297933
.skydeutschland.demdex.net/ Name: skydeutschland
Value: 55591179807707141142138140420870297933
prebid-stag.setupad.net/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiNTI4Nzc0NzkwNTU4MDUyMTI0IiwiZXhwaXJlcyI6IjIwMjQtMDEtMDVUMDY6Mzc6MDEuMDEyMDM4MDUyWiJ9fX0=
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 099ba45e-9ab4-47be-940b-d57144560046
.cybernews.com/ Name: __cf_bm
Value: hqF_b4oR5ypO7Kv9xFHwVWlxpPAZtvYI20y5LV2bNeY-1703227021-1-AVYIS2sOP+Jssn17u7uxiwetfLxXWqf6QFPLYF0NlbDAFHUTogifAAAQJB6FVGCcnCs2r2RmAJGqY5AcuxTKkyNlItjDX1EXEyxGOI3xYJVm
.cybernews.com/ Name: cto_bundle
Value: RGDMuV9KZjlSQWk3QXJuMXhodWY5N3R4Z2x1b01xVzdWaDdueVJnUjdYd1EzOG5USyUyRjU4aTdaSHlSYWV1UGdlYXolMkI5a0JCRHNDQ3FMamdRano2cHlvdCUyQmI0MklSVjdlZTI3YWFpakp3JTJCYmYxMzh2djFCY0JvR2NKeW51bnI5QmJMakdqSnN4OW52WlI1ckhaZzJCUkhqQ1RyQSUzRCUzRA

5 Console Messages

Source Level URL
Text
network error
Message:
A bad HTTP response code (403) was received when fetching the script.
other warning URL: https://connect.facebook.net/signals/config/1031670724691978?v=2.9.138&r=stable&domain=cybernews.com(Line 132)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Message:
Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fcybernews.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac' from origin 'https://cybernews.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fcybernews.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Message:
Failed to load resource: net::ERR_FAILED
deprecation warning URL: https://cybernews.com/news/moveit-hack-credit-union-discloses-100k-victims/
Message:
The keyword 'push-button' specified to an 'appearance' property is not standardized. It will be removed in the future.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https: data: blob: wss://*.hotjar.com;style-src data: blob: https: 'unsafe-inline';script-src https: data: blob: 'unsafe-inline' 'unsafe-eval';img-src 'self' https: data: blob:;worker-src 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
ads.travelaudience.com
ag.innovid.com
analytics.twitter.com
ap.lijit.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.jsdelivr.net
cdn.onesignal.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
cybernews.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e364fdd550025a72fd68e8d585551c3a.safeframe.googlesyndication.com
eu-inap.vap.lijit.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
img.onesignal.com
img.youtube.com
lb.eu-1-id5-sync.com
m.exactag.com
match.adsrvr.org
media.cybernews.com
mts0.google.com
mug.criteo.com
node.setupad.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prg.smartadserver.com
r.turn.com
region1.analytics.google.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
setupad-d.openx.net
skydeutschland.demdex.net
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
stpd.cloud
sync-tm.everesttech.net
sync.teads.tv
t.co
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
c.amazon-adsystem.com
googlecm.hit.gemius.pl
104.244.42.197
104.244.42.3
104.26.8.178
104.75.89.75
13.227.219.102
141.101.90.97
142.250.184.194
142.250.185.134
146.75.120.157
151.101.130.49
159.89.25.223
162.19.138.118
162.19.138.82
172.217.16.130
172.217.16.194
172.217.18.2
172.64.151.101
178.250.1.9
18.239.64.29
18.239.69.131
184.30.16.195
185.184.8.90
185.86.138.124
198.47.127.19
2001:4860:4802:32::36
213.155.156.167
216.52.2.6
2600:9000:20ab:fc00:8:48e:53c0:93a1
2606:4700:3108::ac42:2bc5
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6812:19ad
2606:4700::6812:1e31
2606:4700::6812:d63b
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:802::2004
2a00:1450:4001:80f::2006
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:4005:801::2003
2a00:1450:400c:c0c::9c
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:12::1370
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3601:aac8:1b9f:b7f8:fd94
2a05:d01c:1d8:8101:ecdd:a035:7b09:ae7f
3.230.95.185
3.69.190.202
34.91.62.186
34.96.105.8
34.98.64.218
35.186.193.173
35.190.0.66
35.227.252.103
37.157.3.26
37.157.6.232
37.252.171.52
46.228.164.11
51.75.86.98
52.223.40.198
52.49.242.154
52.58.114.78
54.220.88.163
69.173.144.165
81.17.55.171
85.114.159.118
85.14.248.91
044ba774801c7b26b94a5dca716a592c42f8e08a06a81acffc49ad42951893f0
05a200593a66e505b5894efac3b5601a8c0017aaddbf7aed37c014b50516086b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
089f3882ca8ed99068f5221bbed0c0177e41121ade3abd7ab03b3257b2a7f1b6
09a0ccfc2387313b67e685adc7ad3eee63e5e21524f871e7bdf299cd5c80cf9a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba039d9e9b08fc4c48d4d656f8dd20de7f96f0dc6d6d8c558b9aee51527408e
0df7074b21c5276bed759e155d4f509f73ecba730be971d55798b034c7febc53
0e5389d4ff8aa7414543574acab723071581bde8808b8ab852e2b3b774fd3a99
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16c98584b72f73a64ee22a1d59be1b62571672811dfd34600cb0dda265f8f491
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18acd6ec91576c11303665951bcaf34f9aebbed1510f44c6c0ff63b8eeae0bee
19431b4d7cdf3bee1ed045a136b23de439d74858c8e7aa687bd8783931fb1252
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1d2e35a25f0a5d950b8f860654e35080dea920222ffb8925ab556e6d7e0365ba
1f19b825f749df8d22b6fc53256ba0edfda3dad7ed20c660011ea815bc670f95
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2058bf2d2637804387e59993489725dd2ccfe3600bdafd28b50af6fe645efa3f
21cc53e2b17047493e459e5fabde8f3efdd79de048e6fe885f77fcb070234e1e
237598b9c97a28387b4f3f4a8c30581a8afc8502aee6de938ade46d8656efe89
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
2797af31e1a1cb6b652595a0a95198e3e04982d6aa7bb50f375e5b9ac28bd80e
2c7405d17b5e748c2a6fceb47d65449c72a1a3560747f46d8cd6163627a09561
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e1c51ef6da4c217279fdac6b80139496600f84769dcb607f6b741ecb607462f
311667b03aae33e4f2fc1ccdd76730c6f16b0f97d17efb743fb038eb9fcaa277
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
378016d88f416b5a4569e86246b803ab5902836f0e10a4c5fee5192776b15817
386a292b805ec5376c149711c08d9013658fd08879a7ac9a62a99e14310c397a
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b2af9119ab6fef593e10d206101b8c86d4d6b56283af5bda95eb456141dad63
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e64066de59e77553d65d9e36c6044055c5c70b03cad844aafd19e0122f48317
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4498ca1278367e6346a6b5b6a4fdc4a537b27d81f29295ce1cddbfb9ba2f1d8e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45c10852e0b745c06995f7eff923015cb92059c7c25f3d7ad6287a6f7dedadce
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4909f91144f6db6372b00ebe8de8d4dc75b62a736df4e8c56a860e1c4983bd60
4a28fbc16ee4a23cf6b663b7e8327e3269e7aaba2f5466eabf4339aab7450bd3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be6aea8905bf51917add01a1faa698f725b6b21c86f8cc1effb69f94c74179f
4ccbba7dd5aca9535deee804349133034d9e0e2172596287655fc0fb96ca737b
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d69f285b5333f6da188599d48732888dc2aa05e4253e47c5d7897773f433bc1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51bbbd8f8a33f915a47dd67ffddc207a7e01d0f9d3f57b832699e884ce27a409
5480cc2b32b1f52f2b7be7b836904e1e4f3741bb0e25f739140bc49709ef584b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5715e6cd0ac2e82f3c996f6dfb3a45333cf8ce775933ba91ac613dedb2762b8c
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
59fb45c3c38cf66a1aa4373cf13b7b9f7f046fcbd710bafebb15a5b2bdd9fc8a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c4f43b8974037d45c4ee9199d9e325143c2a511388811d70571d049312a8fb1
615a434f22ecb50cf449f3fa17c7f50a174fbc0ca950d7d54da48be5103b5507
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d428927ee939648e75ce295d112ec2870e7683922741f123c0c2c97b717bfa
631e2cbf53e5f55bf4422f786e227344dabc89d99ebd061df90afcff5c904188
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
68f5b212006bb81ae4bc5be6ae9cbbbf06d491eb05e18b97d10f3f40514a2332
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6fa3f31317cf74cb391b4c94fa4f19b32e0e2d23e25a1a8f1b2695b38249269c
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e5c3b4d29b6140fd7818de05328b2c711ddc050651a729b08db3cba2b58af6
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
7c2e64b247a66f17881bd8228c65d96ba68fd2c26693389d3a4dcf5e2d07a373
7fbbe4eaff77586b1e509b3646e2669492a37c113b7f95714b81fbf12c1a2cea
831f91e3f3ac2958442ebada25709910b04fd1dfedc5adbd6715c6e5ea55bd6e
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ff0230dc015e049efef926dd235dd94335813c7ac47c53d5e7b045f05f23ae4
9067b6611b0b53bb66dfdc76b7a79e59528af028c54ad7983e6d40f6fb630db4
91a3628cb871ccafc5d22f14103f6dca7fd89f6326037ea57628c60478948f10
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dcdd4dff6dab5e556d07cf571e17a19ce4c7dba8a9b657bee0b9e68b6d5b018
9f36d0521480a2b88d4428ba420d0e52741e487c450cdaa07b5f790d9347664f
9fca9ae04b4bca7ef7d4f2c43505769b1f03fd173ecf3871dd7b7ee0f115dd48
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02263cf75c29f80fdb1b381769cd5ba8d13287b4c370eacb3bbd6df56a92912
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3fb334ce1b3a029ce3f3042be837cf090d62172e4c842e8b324ae1dafcc464f
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab8f0b6cec3eb6cd02efd0a9324053b868cac7dcda99fc89871b4e87141bdf14
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad150b4f6e6c794e080dd0f2a345a49cb346323efc8c293529ce9dca21f03b4a
af937ad852768902bbdb3918052da1553ad921cf5aaab2c9170f8ccb46c5e014
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d84570d037eab308bcb515a7ba9ce502da0d072895c1ba7a3876f6d7910373
b539cd755cf9c00024fd5804cb186b530d8902b493646e35ce1ced515c1c22c7
b6caa0ac78173985d1a73e7f3728f8d4aff713fd60ad3c8039ad3cc412dcb7b9
b7defd058aac902313a0610f1f1ab42179e79f22d7f1eca61e73fd58bbfd8c79
b9693ec9faae9e7aaa8153db95a0bdd65cf0b41ebe6866d46ac089c17d17c94f
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
be1f75994e53be710e621d9552d7cc796a347e85622acc435325d94e076b6996
c215817ac6590a446d8b5f6d8df74c797a9d492083377a2442d4b0a3a40d0782
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c384e161dd9d69bfc6e872774aadc81b3bd7534a97c5541d20a83c120704dbec
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c870b3e719490f5df32c1b29f720a0995e95d3be787502bf2b219f8abd6ad813
cde3e52a9e5c2f94addacc0ac45357918f5601929dad17a1dfb0cf4c08d23677
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfcce6fbc676bcdc4c9f2e2cbdd40cee40a4b9066f829f4e9e400cbe142183f2
d09ff1ebfae30ab7d45be32471a248805ff0e1a5c45080e41908325619ebbddd
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2b9f58893d69d4bc0b114dec514772f290b205b13f46f12dc7dae83080f365c
d45c66c1648f7220aca8d5e6d6acc2d668070fd1926c2c29e0500ecd073c07f8
d5d959f0e60cf01a041df2583fe38ab79a5f0418f513b3512c3f6aa17aec8986
d8b19276861c3480050fe4a9f236400ece76b591e9467b3e700e3715c5c4f049
d974c42a2c4f0b058fefe374a7d1fe52e05d6fa1e202268d9767d33ed6ba6453
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e138d129f38769d7080ed6ac6519dce8a4d546b7da5709b12aedff39673fa021
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8578b8b75718eea5c893f802369281a62f86c6cf6c4fe9d8ea124315cf13f4a
e8ae78c695711b688c2a8fdbfd3f6f04acb78b9bea7cb6ebc698ca37859caeeb
eb648ad4ba45cf6d7a36b9bee5cae2432244d8b6c4008cbd607182c94e5b0a82
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcbe29ddadf674b264c84fb8dbe9f5d5e796d1e0c5c239273ff6245e6dda0f69