URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Submission: On November 30 via api from US — Scanned from DE

Summary

This website contacted 110 IPs in 17 countries across 103 domains to perform 474 HTTP transactions. The main IP is 151.101.130.207, located in United States and belongs to FASTLY, US. The main domain is www.gizchina.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on July 16th 2021. Valid for: a year.
This is the only time www.gizchina.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This page contains 56 frames:

Primary Page: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Frame ID: B6A22AE80188E5DAEC1F10748924277C
Requests: 222 HTTP requests in this frame

Frame ID: 62B33AE2236FFFD7EEA600410A548876
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCU_lUN_138dJ0yMALFhKdLQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Frame ID: B8F56D099CFAB24E3B63EA72FA69A9DF
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: DF452662C7AF7233D393EB538DE158D6
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc922bc8e0cd6dcaa%26uid%3D
Frame ID: CDAC965D4419AFCF23D57410103A6C91
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 8E7579921F67688999362D2B3E367EDC
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361&cmp=0
Frame ID: A9CCB8E0A439ACFAF3FD580DD6128F06
Requests: 31 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Frame ID: 0F3665C82011087433C4D37D59F94713
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 52D8B7B18BEF765265271F6F907F0AFF
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 0D313F769769AF12D6BB93C7DC598A17
Requests: 10 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 47409B779219661C09FEF0BC70D881EF
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AAJtHMwYrF8jFKvD
Frame ID: F8900337B819FB63ED83C7CBFEC51B86
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 7BC3F3A94BA335C6A07858C5DCDE8C04
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: FFEC1C9C1A2C1436CF1429B3D1141083
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 06CB71E8700BE2531F9B8433ED0E14AE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: 7B667AA1E79A5D4608B2DF24B8E1A0EF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CF0D6BC9096FA6DFA7556030BDCC29BB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: 200004D64C699A320C09F67DEC18025B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 35B7BA5148FD9AE4E6046A28FFF3D6FF
Requests: 1 HTTP requests in this frame

Page Title

A new vulnerability in Windows makes it easy to get admin rights

Page Statistics

474 Requests
84 % HTTPS
27 % IPv6
103 Domains
171 Subdomains
110 IPs
17 Countries
7799 kB Transfer
17122 kB Size
144 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=348baf8d-3676-45fa-7981-a09ee0c5d661&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361&dcc=t
Request Chain 338
  • https://tags.bluekai.com/site/87734?id=348baf8d-3676-45fa-7981-a09ee0c5d661&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 339
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D348baf8d-3676-45fa-7981-a09ee0c5d661%26reqId%3De36e0e16-eeab-47d0-57ce-c6e6e37af6ba%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Request Chain 348
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=446d17122be7b5afe91246f02a7600af2796232b66bbe3b23b5429db87520c89&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fdcc93f840200482f98fccbc2c2afc9f8%2F1638279067187%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=8cb861a6-279a-4200-b19e-17a801a8c721&gdpr=0&gdpr_consent=
Request Chain 352
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fdcc93f840200482f98fccbc2c2afc9f8%2F1638279067187%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/img?tpid=75&tpuid=3537809648984412844&gdpr=0
Request Chain 356
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=fb4eef475dd970664941184a52b96b125f178d0bf23b0c6af9c71793c04d4b76&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fdcc93f840200482f98fccbc2c2afc9f8%2F1638279067187%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YaYnmrJHyWVSiueR9-xlswAA%261166
Request Chain 358
  • https://track.adform.net/serving/cookie/match/?party=9&uid=64dca53dbb264611b53487f2c50d3fea3dc9b54f938ccbf240588f8f46a9c396&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fdcc93f840200482f98fccbc2c2afc9f8%2F1638279067187%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/img?tpid=42&gdpr=0&tpuid=2019882195564126656
Request Chain 361
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=e95d9644509b15bd86bc7c472ea6538eff7132e4954e329489338bbbdfcdb156&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fdcc93f840200482f98fccbc2c2afc9f8%2F1638279067187%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=b1d24a0f-5400-4381-951e-dd656bea29f5&gdpr=0
Request Chain 362
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=85bceb02c9bbd5730f7fbf95be6e66caf12f824f85f6624e18984440315ae91f&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fdcc93f840200482f98fccbc2c2afc9f8%2F1638279067187%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=8cb861a6-279a-4200-b19e-17a801a8c721&gdpr=0&gdpr_consent=
Request Chain 363
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=e95c2168ac94a6b4603a25d510bb7ffcfe117a0a40905fd2ca3fab8fd494a8e3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fdcc93f840200482f98fccbc2c2afc9f8%2F1638279067187%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=e95c2168ac94a6b4603a25d510bb7ffcfe117a0a40905fd2ca3fab8fd494a8e3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fdcc93f840200482f98fccbc2c2afc9f8%2F1638279067187%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/js?tpid=48&tpuid=a9d099a4214015057c09b4bea1b14156
Request Chain 365
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gizchina.com%2F&domain=www.gizchina.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=_OFoOnxhQ2VpbzIzeU5NR1RjaHBvZWZJYnpNQ2UzK1dSalhVT2lGa2RPbDlORWVacCtJbnJ2K3N6SmFETnhFMFBlcmNDVGw1TlllaThNTzcyZFN4Z1hzUGRWNnpTYllDd2dFUzlqeS9PYTBPM3ozNmpPZFYzd2RGOTNGZDdiMTRoNmw2cFIxYUUrdmIzVHIxTjZ2cFVQQ2s0eHlPb0owWkRYcU41bUVjTjBKOHR2Vk9WV2JUZUphMVNMd2QrZ3lqWm8zUUNRWHd6QmxETkhIem5POWgvNWlnVnFVUm01d3VnT3NZejlZNEI5eXZWTDIvNytjY0c5a1pJbk5MWjg0N3RTZ2FYVy9aWU9BRExSQkgxYmJQcnAxL1pVUT09fA&cppv=2
Request Chain 373
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a3401812-4a01-438f-82bf-109345f37dc4&_origin=1&gdpr=1&gdpr_consent=
Request Chain 374
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e01649d92dab3c91715b2736ef317b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e910c_7036355014487191137 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZTAxNjQ5ZDkyZGFiM2M5MTcxNWIyNzM2ZWYzMTdi&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEB0oCP1qzOfNk6K9124XPp8&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a3401812-4a01-438f-82bf-109345f37dc4 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3537809648984412844 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/e01649d92dab3c91715b2736ef317b?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-T3NMtApE2oP7MGLf6rMIGYCyLiBIU8kkjHl4cBpf~A HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=8cb861a6-279a-4200-b19e-17a801a8c721&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=IyRqB4rS1MS3dW5&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YaYnmgAIbyCrrwBR&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AADX4k7DTE8AACrs8Z4j7g&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Request Chain 375
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPc5106481-51e1-11ec-9d65-06d2905c4e22 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBjNTEwNjQ4MS01MWUxLTExZWMtOWQ2NS0wNmQyOTA1YzRlMjI%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEOT9AVnKSkWPQrkaOc9WngI&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEOT9AVnKSkWPQrkaOc9WngI&google_cver=1&apid=UPc5106481-51e1-11ec-9d65-06d2905c4e22
Request Chain 381
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=2D8KdaMDemH14jZUwRbTX52L&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
Request Chain 413
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&ssp=admatic&gdpr=&gdpr_consent=
Request Chain 414
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=d695850d-b0f2-534e-848b-69bee52d4e1f&ssp=admatic&expires=30&user_group=1 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
Request Chain 452
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2019882195564126656&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
Request Chain 457
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadmatic%26bsw_param%3Dc5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=4cba4d96448f4d2d8985c6c6e00eb3f3&ssp=admatic&bsw_param=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
Request Chain 469
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=33a55655-568c-44aa-a61e-52d54381ee9c&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
Request Chain 473
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=admatic&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=

474 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
137 KB
27 KB
Document
General
Full URL
https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8c0aa0ce7080aeefae6546215179cdfe901ce1e4fdcaadd94b130da3a4cb964a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.18.0 (Ubuntu)
link
<https://www.gizchina.com/wp-json/>; rel="https://api.w.org/" <https://www.gizchina.com/wp-json/wp/v2/posts/356189>; rel="alternate"; type="application/json" <https://www.gizchina.com/?p=356189>; rel=shortlink
x-frame-options
SAMEORIGIN
content-security-policy
upgrade-insecure-requests
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=()
referrer-policy
strict-origin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000;
x-real-ip
161.35.246.138
x-original-request
/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
content-encoding
gzip
x-b3-traceid-primal
037bc0eab103445782dcbac1f00b2539
mrf-tech
CDN
accept-ranges
bytes
date
Tue, 30 Nov 2021 13:31:04 GMT
x-served-by
cache-lcy19236-LCY, cache-hhn4041-HHN
x-cache
HIT, HIT, HIT
x-cache-hits
1, 1
x-timer
S1638279064.471361,VS0,VE1
cache-control
public, max-age=60, stale-if-error=2592000
vary
Accept-Encoding, User-Agent
x-b3-traceid
fde2316abfc14f27b2fab2d9a498915b
mrf-cache-status
SH
content-type
text/html; charset=UTF-8
content-length
26879
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-17866076-1
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7cf9c9151efb71c48539a66be64427fff3e3066ee2a7734492ef662928a72cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36130
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Nov 2021 13:31:04 GMT
gardac-sync.js
bc.marfeelcache.com/statics/marfeel/
10 KB
4 KB
Script
General
Full URL
https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d89c12d1719d2e6610dd33aef999b6032f479e4ef08ab41ae98b10bca24356b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
br
x-b3-traceid
ac726ad731d14086b371333869ce1333
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
mrf-cache-status
H-HH
x-mrf-rendered
1637618016156
content-disposition
inline;filename=f.txt
x-b3-traceid-primal
aa3523a9074141d5baeb181bfee27b80
content-length
3767
x-mshield-cache-status
HIT
server
nginx
x-served-by
mshield-b-02, mshield-f-01, cache-chi21153-CHI, cache-cdg20776-CDG
x-cache
Miss from cloudfront, HIT, HIT
access-control-allow-origin
*
x-mrf-type
UNKNOWN
x-mrs-age
39789
x-timer
S1638279065.559672,VS0,VE1
etag
W/"021f6935d72f0047a6096616960a024e9"
x-mrf-shard
all
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 33c5e667811ab5c0b32f883d38ab0a85.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control
public, max-age=86401
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
IeafhVsJYScPviZqxO7NTjMDR--6ZsgfZ2gHaqOKGV2xiTdUjAiFiQ==
x-cache-hits
1, 1
gpt.js
www.googletagservices.com/tag/js/
77 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1059 / 888 of 1000 / last-modified: 1637708722"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26861
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Nov 2021 13:31:04 GMT
stickyBanner.js
static.fatchilli.media/
3 KB
1 KB
Script
General
Full URL
https://static.fatchilli.media/stickyBanner.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.9.170.217 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
shinyhousecore.vps.wbsprt.com
Software
nginx/1.20.1 /
Resource Hash
2eb6606679ce28fdacdfcd57387ad0bffd631d6b85f1ac7c1ea910454524efd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 13:43:11 GMT
server
nginx/1.20.1
etag
W/"5ee0e36f-bee"
vary
Accept-Encoding
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12e9beb9a3dced2403b1d7852ef84176f2e81df3d6715299bc695d9c6c236afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51263
x-xss-protection
0
server
cafe
etag
4501595230044618233
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 30 Nov 2021 13:31:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
77 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
08012aaf4b314a0b3df680beb89f433d55e98c3a027af9a95fdd1f3569fdcdd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1059 / 571 of 1000 / last-modified: 1637708807"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26768
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Nov 2021 13:31:04 GMT
site.js
protagcdn.com/s/gizchina.com/
311 KB
92 KB
Script
General
Full URL
https://protagcdn.com/s/gizchina.com/site.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc6a8d60bc144353200284c9bf6f53a08f390cdbbefc5d4eca4ba1357922b608

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=319457
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Sat, 20 Nov 2021 15:13:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFh1TIlkPLwe%2BJBDhmCIv3oZaKnb6iQrmTN1NKZtXI%2FwvhfLFIxP%2FnOvI1jWYSKAu%2BxTN%2BqOsgrd4pGoUxivsJ%2Br0ZvM8rI71wlPVMefadcq6IAk8AfrApzRfOD5E%2FmACXxG8zW2nrhqLIY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
6b646f1acfba375d-MXP
expires
Tue, 30 Nov 2021 14:01:04 GMT
mediaelementplayer-legacy.min.css
www.gizchina.com/wp-includes/js/mediaelement/
11 KB
3 KB
Stylesheet
General
Full URL
https://www.gizchina.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
19090975e979488fa11dc42747489a8d
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
e78c38f7e49a4955b322846b7168ad2e
content-length
2592
x-served-by
cache-lcy19254-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.519518,VS0,VE1
etag
W/"602bc260-2bf8"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
wp-mediaelement.css
www.gizchina.com/wp-includes/js/mediaelement/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.gizchina.com/wp-includes/js/mediaelement/wp-mediaelement.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6d9f061cba81145d9bab0964192d66cb2e13a71591482cdfaf5b718341171da1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
d1fde5c710554edd87b408ad4e45ed30
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
b61aba7b2e964067858c99a2a55f9037
content-length
1276
x-served-by
cache-lcy19246-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.519488,VS0,VE1
etag
W/"5e1dd2da-1360"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
main.css
www.gizchina.com/wp-content/plugins/spotim-comments/assets/stylesheets/
105 B
286 B
Stylesheet
General
Full URL
https://www.gizchina.com/wp-content/plugins/spotim-comments/assets/stylesheets/main.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ce8f0f49763b601127a67775440f336004d6c771e1bc6bc7b75ed049fb1a961d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
9d888158488c43a79753e854b5d76b69
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
f571b1c071964dc3a87362c9f48ea119
content-length
110
x-served-by
cache-lcy19243-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.519549,VS0,VE1
etag
W/"5d933ce9-69"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
public.css
www.gizchina.com/wp-content/plugins/source-affix/assets/css/
285 B
398 B
Stylesheet
General
Full URL
https://www.gizchina.com/wp-content/plugins/source-affix/assets/css/public.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f86196e20c7324cdb33cb26b09d35a56d9790c54d8529a44f48af3462d73fca0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
0bf29d0213ab4ee3947dea3cb1c34fa4
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
35868d088e8f4bff9b0013f51e986000
content-length
184
x-served-by
cache-lcy19236-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.519514,VS0,VE1
etag
W/"6103cbe9-11d"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
style.css
www.gizchina.com/wp-content/themes/presso/
244 KB
37 KB
Stylesheet
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/style.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e88f511fba0b3ab9a6021e070f971b62cc3bf2274b538b33ae9e9bfe8baf1d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
0538fdc3dbaf4cbb9266dd4dd7306027
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
7ed6ce8bbbea43148c3311876ba725fd
content-length
37912
x-served-by
cache-lcy19248-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.519558,VS0,VE1
etag
W/"608817fe-3d04c"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
style.css
www.gizchina.com/wp-content/themes/gizchina/
2 KB
863 B
Stylesheet
General
Full URL
https://www.gizchina.com/wp-content/themes/gizchina/style.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ec19a46529b6381ed062b18104d4821fd72d1d0897e87c874eb5b8f9818c8931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
f3cba6d96fc74959ac27abaf2dcf4665
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
346a951c15d54547995b4a9849624db3
content-length
687
x-served-by
cache-lcy19273-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.519545,VS0,VE1
etag
W/"60ae1dfc-8a8"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
zocial.css
www.gizchina.com/wp-content/themes/presso/font-icons/social-icons/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/font-icons/social-icons/css/zocial.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
de6201a9c480a1b4d244c7b11c470b146b3f6293d4a4c34e4f0b26bb055ce902

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
8a021425c3c54aa9b2d60b044b250d4b
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
dd719e46db6b448f8e7605bd322d3fd9
content-length
2077
x-served-by
cache-lcy19258-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.519701,VS0,VE2
etag
W/"60881827-1fef"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
entypo.css
www.gizchina.com/wp-content/themes/presso/font-icons/entypo/css/
19 KB
4 KB
Stylesheet
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/font-icons/entypo/css/entypo.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2b8e3dfab4eef2c00f0b0173378e168a2914ae05d2313b580ac42659fea9876e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
6723fd81f77843569834a007fc5d05e3
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
f9adba9efc6e4f298696bc762684ddb3
content-length
3764
x-served-by
cache-lcy19262-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.519980,VS0,VE1
etag
W/"60881825-4b8b"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
slick.css
www.gizchina.com/wp-content/themes/presso/js/slick/
2 KB
705 B
Stylesheet
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/slick/slick.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f43ba23b35214b555e4e533ad3a7b4e1a0da33a244a122921e8f79d435bbd5f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
75934414eed742be81ce89aeeaa3b8af
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
f85a98d230824fa4b5c2077019a0f131
content-length
548
x-served-by
cache-lcy19253-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.519945,VS0,VE1
etag
W/"60881814-717"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
slick-theme.css
www.gizchina.com/wp-content/themes/presso/js/slick/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/slick/slick-theme.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4950e443bf68c544147ba29741427865f8652181aa9b271d7aa1a6aa6829e682

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
a5e19af10b3145e4a0a5c50345782743
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
2d88f145ccc3448da1a50e6bf64980a8
content-length
1362
x-served-by
cache-lcy19258-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.519678,VS0,VE4
etag
W/"60881814-1137"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
WmSHiMufCCbD.css
www.gizchina.com/wp-content/uploads/images/UiBSSXcSfJrn/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/UiBSSXcSfJrn/WmSHiMufCCbD.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e6ee1117d177a5be22184dc17eb81e8216ccf1c44bf57b7624e4599bc30bc3ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
49537aaa95f241eabd5d214fc4d2ff46
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
dca74ffbcd8a4f4e88186d3ea4ff1a46
content-length
1002
x-served-by
cache-lcy19280-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.525140,VS0,VE1
etag
W/"5e21a04a-d74"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
css
fonts.googleapis.com/
3 KB
928 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Karla%3A400%2C700%2C400italic%2C700italic
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f118e242bfb2318d45f1aed9ed1f434c8f89f945023337ffb29c8d7cbc3175c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 13:12:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Nov 2021 13:31:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Nov 2021 13:31:04 GMT
jquery.js
www.gizchina.com/wp-includes/js/jquery/
282 KB
83 KB
Script
General
Full URL
https://www.gizchina.com/wp-includes/js/jquery/jquery.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
eda91daa6969409abcbdfc6d777ac945
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
454d636934a54e4db41e339602125aaa
content-length
85148
x-served-by
cache-lcy19253-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.525165,VS0,VE1
etag
W/"613a660d-46758"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
jquery-migrate.js
www.gizchina.com/wp-includes/js/jquery/
25 KB
8 KB
Script
General
Full URL
https://www.gizchina.com/wp-includes/js/jquery/jquery-migrate.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9c062d10663416484b5a59bb47a0308526bec56cc69e9f3499fa087d8eae5c7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
cb7e5deb4f844b6ba9855f746ac38389
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
cb40dd0ce8fd4c3891e8ad9520ab3ae4
content-length
8115
x-served-by
cache-lcy19245-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.525217,VS0,VE1
etag
W/"602bc260-62d4"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
otSDKStub.js
cmp-cdn.cookielaw.org/scripttemplates/
13 KB
5 KB
Script
General
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2598fd0548d38d4414901e577ef33247f82a30acdb68a74236496143f7077192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JVAndnKaGjIy3NFOrT6xPQ==
age
6807
cf-polished
origSize=13478
last-modified
Fri, 05 Feb 2021 17:39:07 GMT
vary
Accept-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
39a9068a-301e-0037-6a0a-c9067a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6b646f197effd6bd-FRA
expires
Tue, 30 Nov 2021 17:31:04 GMT
gizchina-logo-google.png
www.gizchina.com/wp-content/uploads/images/2021/03/
1 KB
1 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/03/gizchina-logo-google.png
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d406bb5609c56ae895928a3489ab7b3d6a77a761da3c39dac3e45311c1c94b8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
be75f095f56143678e0571b08c8d2014
x-cache
HIT, HIT
fastly-io-info
ifsz=1366 idim=215x60 ifmt=png ofsz=1236 odim=215x60 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
1236
x-served-by
cache-lcy19232-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
5be027d39e9a435cabebc1eb0697cd0c
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.696542,VS0,VE1
etag
"khF8j3DyI5b6LRVeGYY4ztEoiUUecIMtrrlkmcIMZ7s"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
sp_RpYbjIoo
launcher.spot.im/spot/
466 KB
117 KB
Script
General
Full URL
https://launcher.spot.im/spot/sp_RpYbjIoo
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:800:c:1f1:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12dc4cef0560e100fbe0f960f75ad037a44925232a17f2a1de6aac7aa236d32b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 08:11:03 GMT
content-encoding
br
last-modified
Tue, 30 Nov 2021 08:10:56 GMT
server
AmazonS3
age
19202
etag
W/"bf37382a99f02359bcee2172ca536df6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
jLkHucfmA13WTWvrHVLnCnerEwkhBqeWi8qFTLvxD3iBqDYL3g4IUA==
empty.html
recirculation-cf.spot.im/
Redirect Chain
  • https://recirculation.spot.im/spot/sp_RpYbjIoo
  • https://recirculation-cf.spot.im/empty.html
0
0
Script
General
Full URL
https://recirculation-cf.spot.im/empty.html
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Server
143.204.98.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-14.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date
Tue, 30 Nov 2021 13:31:04 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
cloudfront-functions
generated-by-CloudFront-Functions
x-cache
FunctionGeneratedResponse from cloudfront
location
https://recirculation-cf.spot.im/empty.html
content-length
0
x-amz-cf-id
H9xZ72sXANO8GIsaIP7eKgsObN1jfkgpsCRu6jttliDY_lkcpZwf9Q==
liveView.php
live.primis.tech/live/
43 KB
12 KB
Script
General
Full URL
https://live.primis.tech/live/liveView.php?s=98481&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed116exqortjyv&vp_template=5271&subId=[SUBID_ENCODED]
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
3e5f28f71945ad24dad08a203ed08ac790f0e9f0093737d34af83663be4217d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
mobigaming_350px_mini.png
www.gizchina.com/wp-content/uploads/images/2020/03/
946 B
1 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2020/03/mobigaming_350px_mini.png
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
68f93d76f9678db52dfb4df559bc851ff60f1257456102f59a3136e325c24029

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
9c4b8051d8654202964fde964fcf9308
x-cache
HIT, HIT
fastly-io-info
ifsz=1134 idim=350x74 ifmt=png ofsz=946 odim=350x74 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
946
x-served-by
cache-lcy19262-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
350eacec2f4843728c8a0903a404a784
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.697036,VS0,VE1
etag
"91A8ffUNQn9te82gs6iFvyuB8V+bAlFNNih2AfHyIYQ"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
platform.js
apis.google.com/js/
52 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36a79135803869f257cae495ca43ee3d321aaaa2ea929856859444522d64cca8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qy8ai76EADWkthrnGtUy7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"ab30921c980527979f1cb8c5e858f5b2"
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-Qy8ai76EADWkthrnGtUy7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires
Tue, 30 Nov 2021 13:31:04 GMT
Zeblaze_300x250_200921.gif
www.gizchina.com/wp-content/uploads/images/2020/09/
115 KB
116 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2020/09/Zeblaze_300x250_200921.gif
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
484318f15ab82282a3649e7315f3ec6a6b598b2f1a4a8df11fed509f964034aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
ac655cdc4f4c426eb18c05af9f0a2857
x-cache
HIT, HIT
fastly-io-info
ifsz=117845 idim=300x250 ifmt=gif ofsz=117845 odim=300x250 ofmt=gif ofrm=18
mrf-cache-status
HH
fastly-stats
io=1
content-length
117845
fastly-io-warning
Failed to shrink image
x-served-by
cache-lcy19251-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
67e84a3404044fd59811a98699ba2091
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.698379,VS0,VE1
etag
"Glz9k5EkfjQBuOruqJuNF5yK9Bwxpx8Ek/F1ru7if5w"
vary
Accept, User-Agent
content-type
image/gif
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
icons.css
www.gizchina.com/wp-content/plugins/shortcodes-ultimate/includes/css/
33 KB
8 KB
Stylesheet
General
Full URL
https://www.gizchina.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a8478eb35ceb97b9c5adbbd3cc588b4dbf9c87977f4100f501314cba4eb39d03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
f6c2943c3d694a248a5efef936027470
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
66f5931fdc964bc4bc6688eb7c2359ea
content-length
8053
x-served-by
cache-lcy19228-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.671384,VS0,VE1
etag
W/"6171920c-848f"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
shortcodes.css
www.gizchina.com/wp-content/plugins/shortcodes-ultimate/includes/css/
45 KB
8 KB
Stylesheet
General
Full URL
https://www.gizchina.com/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
568de4a237f78930c495806b9302c91df36f7212ee5af1cc6d9f4abc3ff03b38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
4470469266374b23958562c05a31dc61
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
b441b91935654df8be2391f1b2d20ba4
content-length
7772
x-served-by
cache-lcy19231-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.671555,VS0,VE1
etag
W/"6171920c-b202"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
text/css
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
2, 1
resizer.js
www.gizchina.com/wp-content/plugins/marfeelpress/includes/base/src/resources/js/
681 B
576 B
Script
General
Full URL
https://www.gizchina.com/wp-content/plugins/marfeelpress/includes/base/src/resources/js/resizer.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
67f91e33374ee1809e741a8cde5fd171a4eaa8b599bada4d6a97b9293da307a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
3aa2bdacab024930b834896ac8c322d1
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
3e18d0fe49ab46dca41b367693060ed0
content-length
305
x-served-by
cache-lcy19256-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.672055,VS0,VE1
etag
W/"6070642f-2a9"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
instant-search.js
www.gizchina.com/wp-content/themes/presso/inc/instant-search/
3 KB
1 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/inc/instant-search/instant-search.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c7fd32e5a1d69d2ca5fae484f455e3d490dbf2faa3459e6424e6e4f0bd0b3c05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
a7587ac4b96546ad89bcb1587ed7fff5
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
d7a6c2987915416f98f3ad2cd7d90df2
content-length
1183
x-served-by
cache-lcy19283-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.672601,VS0,VE1
etag
W/"60881812-dff"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
comment-reply.js
www.gizchina.com/wp-includes/js/
12 KB
4 KB
Script
General
Full URL
https://www.gizchina.com/wp-includes/js/comment-reply.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c6f8c51cc0e3f3115727406c16ca34ee4239314fcea51232e09c39411e3b0696

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
ac7f5dd10b424d53899fb8c5a7d6f082
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
56ea08bb872e46198552b40fec95e799
content-length
3703
x-served-by
cache-lcy19240-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.673010,VS0,VE1
etag
W/"602bc260-30a9"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
jquery.hoverIntent.js
www.gizchina.com/wp-content/themes/presso/js/
7 KB
2 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/jquery.hoverIntent.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f02ccdcb77a92a3a593afc1c7fa4f3cb5a3510b587c9fcbfebfe92ac056ccb93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
7598eca083bf422bad250822772433d9
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
e3df32556ffc4afd8837748ee768ff13
content-length
2363
x-served-by
cache-lcy19281-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.673712,VS0,VE1
etag
W/"60881809-1b09"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
jquery.fitvids.js
www.gizchina.com/wp-content/themes/presso/js/
3 KB
1 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/jquery.fitvids.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b9dcd703ec4de02c9fb966af531c0cd55e0931e440df7d29a6cb67e3d33afd3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
c9e4fb139a3f48ea8673af4f4c8babdf
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
c2a535cceafb4cddb4a5dc00c7d14e9b
content-length
1320
x-served-by
cache-lcy19280-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.674051,VS0,VE1
etag
W/"60881809-cbd"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
perfect-scrollbar.js
www.gizchina.com/wp-content/themes/presso/js/
46 KB
9 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/perfect-scrollbar.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c116def1af10cabdeb912ed8bdf8776b105c34ddf15283790bda878e9a1ede15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
78c1d17a18714f2088f0c3f0d0cbeec3
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
2b8e214d59054c828dcd4a5bb215028a
content-length
9137
x-served-by
cache-lcy19272-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.679175,VS0,VE1
etag
W/"6088180a-b94d"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
imagesloaded.min.js
www.gizchina.com/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://www.gizchina.com/wp-includes/js/imagesloaded.min.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
914df2903e97463faa795ee1b12b2c0e
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
035efb109d5c44e8bd1ed6e2115d3174
content-length
1834
x-served-by
cache-lcy19250-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.684513,VS0,VE1
etag
W/"5f7e3cda-15fd"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
isotope.pkgd.min.js
www.gizchina.com/wp-content/themes/presso/js/
88 KB
21 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/isotope.pkgd.min.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cf4fe09874575590d6936d4a8c22f0917da3bbb3acc06074d1e1d0f5f2e8e535

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
4f06d77fd55848d58f15ee8a2ee6c07c
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
f60ecbb3774d448484f785ee0f964227
content-length
21152
x-served-by
cache-lcy19267-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.684577,VS0,VE1
etag
W/"60881809-15e41"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
packery-mode.pkgd.min.js
www.gizchina.com/wp-content/themes/presso/js/
13 KB
4 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/packery-mode.pkgd.min.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
60ef0ce4272c1ae361476cf56578930a5517b8d9d699e22dffc94524d7234b6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
8fd5a1c9c0ae481da21fcc2fb4e4f5fc
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
9820749416284eaab930ab99de4186be
content-length
4102
x-served-by
cache-lcy19244-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.684722,VS0,VE1
etag
W/"60881809-3532"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
jquery.easing.compatibility.js
www.gizchina.com/wp-content/themes/presso/js/
2 KB
550 B
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/jquery.easing.compatibility.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
13b3ba67f02741edd583856df023444c20ec717794831041ed331816fa057368

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
7957de3072c24f40a2f2862f8457aa5f
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
90d787f84fd94b42894d7a7f4c5f9eb9
content-length
392
x-served-by
cache-lcy19239-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.684823,VS0,VE1
etag
W/"60881809-6be"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
jquery.magnific-popup.js
www.gizchina.com/wp-content/themes/presso/js/
41 KB
12 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/jquery.magnific-popup.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c24ed0313cd813b049be4a3d06ccb03f34662b3842b4840a4ee37afc1f6c466c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
8e0d54616ec445c1bc6bccc035641fa9
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
dd2b02c200704f2789b66e58d170bf14
content-length
12487
x-served-by
cache-lcy19274-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.691223,VS0,VE1
etag
W/"60881809-a302"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
superfish.js
www.gizchina.com/wp-content/themes/presso/js/jquery-superfish/
7 KB
3 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/jquery-superfish/superfish.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
799b1bf04a44c00ccdc439ff8ab20162c6309323aab30bdc5b1244f96a72a9d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
2c5093e78bd94554b790ca29932fc715
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
f9dd439ac87546769ef7a332cc163207
content-length
2423
x-served-by
cache-lcy19254-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.691281,VS0,VE1
etag
W/"60881813-1d85"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
theia-sticky-sidebar.js
www.gizchina.com/wp-content/themes/presso/js/
15 KB
4 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/theia-sticky-sidebar.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
01e105efa6aa2dac21ed4c473d9e4a2d7a4fa9b75dfbf422492b811a90d23381

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
58148384d93f41ce842a1c2d823f2b89
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
ef20742b6ac640dc82eecdbc48f2dd5c
content-length
3528
x-served-by
cache-lcy19227-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.691418,VS0,VE1
etag
W/"6088180a-3ca5"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
jquery.waypoints.js
www.gizchina.com/wp-content/themes/presso/js/waypoint/
17 KB
4 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/waypoint/jquery.waypoints.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c38f4320393c8ad8128e3ba8a1fe654f160ac1c8d627b676b115b79d4d52b4d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
f9accb7c1e474e70864adffd67e6c637
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
feb7f8933d694a00a782bb1529c7cc66
content-length
3620
x-served-by
cache-lcy19245-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.691430,VS0,VE1
etag
W/"60881814-448c"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
inview.js
www.gizchina.com/wp-content/themes/presso/js/waypoint/shortcuts/
3 KB
969 B
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/waypoint/shortcuts/inview.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9599c95efe224dfa8ba677c01e7af503af8b52973cc07537de9c0960986343a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
2de75b9654cc409890e2db8011376b85
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
3aae273a34d64f3993ca0de4ee1a2a6c
content-length
843
x-served-by
cache-lcy19267-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.691495,VS0,VE1
etag
W/"6088182a-af4"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
sticky.js
www.gizchina.com/wp-content/themes/presso/js/waypoint/shortcuts/
2 KB
931 B
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/waypoint/shortcuts/sticky.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1d95be89779c0d1bb2ba8668e593eb44b983eabd399aa4a8ea79a3ac74f5c54f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
2e3ab387784642399aba339d518b6ded
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
f28f25eef8d441409f1ef1dad67c1053
content-length
717
x-served-by
cache-lcy19241-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.691494,VS0,VE1
etag
W/"6088182b-76e"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
slick.js
www.gizchina.com/wp-content/themes/presso/js/slick/
82 KB
14 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/slick/slick.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
93a1c42dd174444c84bac11203d63078
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
5cfd722ced5b402db3b9d49f481be831
content-length
14362
x-served-by
cache-lcy19273-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.695558,VS0,VE1
etag
W/"60881814-14929"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
vegas.js
www.gizchina.com/wp-content/themes/presso/js/
23 KB
5 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/vegas.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
15d8821212405f6af4a07cc85b19583e6c69ecc979c97b5de1e6daaafc3da774

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
3627bd590dc049c38836ce96ca4e034e
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
d3e864ed55ab448c902e84f3ad959474
content-length
4626
x-served-by
cache-lcy19247-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.695671,VS0,VE1
etag
W/"6088180a-5ce7"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
effect.js
www.gizchina.com/wp-includes/js/jquery/ui/
40 KB
12 KB
Script
General
Full URL
https://www.gizchina.com/wp-includes/js/jquery/ui/effect.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f83339669b71b39f378a9144fe136dc3c31fd8fd83716a4d6a3e7a10fca56e17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
25edf818cc4042b585fa3d2cc2d347ba
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
911b1f866d3f4411bca5e61aec84a222
content-length
12114
x-served-by
cache-lcy19234-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.695668,VS0,VE1
etag
W/"602bc260-9f8e"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
main.js
www.gizchina.com/wp-content/themes/presso/js/
32 KB
8 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/main.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6fe98587c344b58d4b05b71072ce66696d47d6df4d7a270b5c33ea1cca38a704

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
ecbebcc5ed164a14861571bc1c1ec959
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
c0a1bdd9b7da4eddb01621eb93935aad
content-length
7759
x-served-by
cache-lcy19267-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.695712,VS0,VE1
etag
W/"60881809-7fd9"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
effect-fade.js
www.gizchina.com/wp-includes/js/jquery/ui/
916 B
665 B
Script
General
Full URL
https://www.gizchina.com/wp-includes/js/jquery/ui/effect-fade.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ea6de3955b61f208ffb604b48bd6e44ad721dbf5ea2fff7d3aea33065fedb313

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
6d3e689da2ef4197a6c4e646fff58fab
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
2d4909f5a2394918b7a41cb3175420e0
content-length
508
x-served-by
cache-lcy19255-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.695789,VS0,VE1
etag
W/"602bc260-394"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
core.js
www.gizchina.com/wp-includes/js/jquery/ui/
48 KB
13 KB
Script
General
Full URL
https://www.gizchina.com/wp-includes/js/jquery/ui/core.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
623ca601a8b7099f7d04a0b64cefa9a589e27a282af0a092568b951478cbf6c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
00b2d2c2154e46b3b267330cb3fd22f5
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
05b8c6185684414c9b26d80baae70ccf
content-length
13130
x-served-by
cache-lcy19259-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.695869,VS0,VE1
etag
W/"602bc260-bf3b"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
accordion.js
www.gizchina.com/wp-includes/js/jquery/ui/
15 KB
5 KB
Script
General
Full URL
https://www.gizchina.com/wp-includes/js/jquery/ui/accordion.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
db77415882b8f40473cb5448b644d93ec964c53b9b524a9b2a064236dceee710

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
8ef95a85961948058b698fc18717e64b
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
fe75d138c2e1462d9fee73956af54a97
content-length
4502
x-served-by
cache-lcy19233-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.695879,VS0,VE1
etag
W/"602bc260-3df8"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
tabs.js
www.gizchina.com/wp-includes/js/jquery/ui/
23 KB
7 KB
Script
General
Full URL
https://www.gizchina.com/wp-includes/js/jquery/ui/tabs.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b62c0c89435530116f73b3c24d53feef2b9bbe42680f5825c945fbe783b4e73f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
31aa12b7741c4f56be9f801705311162
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
1fe609134e8f4e3381e0b5ef8fa986e3
content-length
6808
x-served-by
cache-lcy19281-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.695945,VS0,VE3
etag
W/"602bc260-5c00"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
shortcodes.js
www.gizchina.com/wp-content/themes/presso/js/
2 KB
831 B
Script
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/js/shortcodes.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
94afa4df49d3ad7a462ddfc6a29e86ce160f1ac82ba1e4dda0aecc3f1f944fff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
5571e3608f734de68e2208bd16b4ddec
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
701944c7e23443e6965593b65d354e63
content-length
646
x-served-by
cache-lcy19255-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.696432,VS0,VE1
etag
W/"6088180a-76a"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
q2w3-fixed-widget.min.js
www.gizchina.com/wp-content/plugins/q2w3-fixed-widget/js/
4 KB
2 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
fb5b6c96728243efb1b0430f33b416c9
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
c64aaeb09bdc4a21ae14247d8df393e4
content-length
1400
x-served-by
cache-lcy19251-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.696467,VS0,VE1
etag
W/"605b209d-1108"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
FgAQMqUpjRZM.js
www.gizchina.com/wp-content/uploads/images/UiBSSXcSfJrn/
28 KB
6 KB
Script
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/UiBSSXcSfJrn/FgAQMqUpjRZM.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1356f1f7c6d6697f17940cdd2d46c184734a4b552be3bc1323f690a64c840dc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
68d5a1d8ce684673970c2ab03e542401
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
97ff5aa4a6014e5f8823261b5d7b4162
content-length
6215
x-served-by
cache-lcy19230-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.696495,VS0,VE1
etag
W/"5e21a04a-6e89"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
wp-embed.js
www.gizchina.com/wp-includes/js/
3 KB
1 KB
Script
General
Full URL
https://www.gizchina.com/wp-includes/js/wp-embed.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
c0a4d861697b4daa825543261b66f810
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
4402e5e50db74d08acf1d55e73c6ba90
content-length
1267
x-served-by
cache-lcy19281-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.697212,VS0,VE1
etag
W/"5d9460c9-c8e"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b4a8ebd4ce4144242d6bb9d0ebb65a01b2759e67243ed5badc3ac96c6fd396

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1989
etag
W/"2d763adca2b6a93c45e5b76bff1f8c5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6b646f1a8914694b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 03 Dec 2021 13:31:04 GMT
e-202148.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202148.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 21 Nov 2022 07:46:06 GMT
main.d.js
bc.marfeelcache.com/www.gizchina.com/
13 B
464 B
Script
General
Full URL
https://bc.marfeelcache.com/www.gizchina.com/main.d.js
Requested by
Host: bc.marfeelcache.com
URL: https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
via
1.1 ab1abc326c36ea4cd78ce117e4c20e89.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
abf4b12c03964ea1bd6c85d9f18a1a90
x-amz-cf-pop
YUL62-C2
x-mrs-cache
REFRESHING
mrf-cache-status
R-SS
x-mrf-rendered
1636967461719
x-cache
Miss from cloudfront, HIT, HIT
x-b3-traceid-primal
00b7a2aecaaf42a4a11484fbab48aa5f
content-length
13
x-mshield-cache-status
REFRESHING
server
nginx
x-served-by
mshield-b-02, mshield-f-03, cache-chi21175-CHI, cache-cdg20776-CDG
x-mrf-type
UNKNOWN
x-mrs-age
0
x-timer
S1638279065.701958,VS0,VE1
etag
"067e866c735744ec6037b77b623ee022d"
x-mrf-shard
0
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin, Date
cache-control
public, max-age=61
x-mrs-cache-hits
0
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
j1bvqPUkj4pPIZzRsSBP8GYxvnYxF-QfRV6Gkren_yk0Z-p7S-ND1w==
x-cache-hits
1, 1
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17866076-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6961
date
Tue, 30 Nov 2021 11:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 30 Nov 2021 13:35:03 GMT
twemoji.js
www.gizchina.com/wp-includes/js/
31 KB
8 KB
Script
General
Full URL
https://www.gizchina.com/wp-includes/js/twemoji.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f9fae20d30474c95bf8745df26cfa5c62803462a9ee57dd710c8266d7ece3f3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
5750d577dc3849aeb340213852d1949e
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
91aa9d584be145e2bc863ca7776be159
content-length
8145
x-served-by
cache-lcy19242-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.698375,VS0,VE1
etag
W/"613a660d-7cdc"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
wp-emoji.js
www.gizchina.com/wp-includes/js/
9 KB
4 KB
Script
General
Full URL
https://www.gizchina.com/wp-includes/js/wp-emoji.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-b3-traceid
a1a60661dc0c449c81dae532550e97a1
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
dcb6ead529a545aa86fbb66588f484f9
content-length
3441
x-served-by
cache-lcy19265-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.698389,VS0,VE1
etag
W/"5ea895d5-231d"
vary
Accept-Encoding, Accept-Encoding, User-Agent
content-type
application/javascript
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
dms-Wz9n017qNF14oo1PlZqDwKtKeYr2oAKeb9ZsCd4vO3HTTowp8kJNW4ow_81H6Anphre7cGCqvUqL1xUAQ
scientificshirt.com/v2/0/
103 KB
30 KB
Script
General
Full URL
https://scientificshirt.com/v2/0/dms-Wz9n017qNF14oo1PlZqDwKtKeYr2oAKeb9ZsCd4vO3HTTowp8kJNW4ow_81H6Anphre7cGCqvUqL1xUAQ
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.98.201.35.bc.googleusercontent.com
Software
/
Resource Hash
da1ee31deb4e2fd3dd52ead3ef084e45f2656ad21155f2b3995c68a094010a45
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"0289c3b9cf71ac0255abfa8002f0b2167ad0b0539a7e0410207017d9aef7fd00"
vary
Accept-Encoding, Accept-Language
x-hostname
0586a9fb
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Tue, 30 Nov 2021 13:31:04 GMT
timing-allow-origin
*
center-center-default-stack-global-ot.json
cmp-cdn.cookielaw.org/consent/center-center-default-stack-global-ot/
3 KB
2 KB
XHR
General
Full URL
https://cmp-cdn.cookielaw.org/consent/center-center-default-stack-global-ot/center-center-default-stack-global-ot.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1547cefa8b68df2e89e876bdfd0d31d5c11c649798420584eb7cfde121b6e4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
D9MAdmeO33zzxSbp4tYZ8g==
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:36:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
85e50e52-901e-002e-11ee-e586c1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
6b646f1a58007022-FRA
loader.js
cdn.taboola.com/libtrc/gizchina/
264 KB
26 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/gizchina/loader.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
746ec13299d9a229760d2b32806884b66e476ecd0906fa4dac2b4d83bcebc361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
qaJ.R068kfQuYprzOt7mJKVbDcUC_7_Z
content-encoding
gzip
etag
"90637a219d99ca00cb0948fbaa275e16"
age
74
x-cache
HIT
content-length
26557
x-amz-id-2
knLMRuQMO/OjD1rGVbNlg0yHZIIVIfuMtmU5ArpxCdMs5SxVQ6QOcVqPEFGr2CPsoY0+3vDt80g=
x-served-by
cache-hhn4022-HHN
last-modified
Sun, 28 Nov 2021 10:38:28 GMT
server
AmazonS3
x-timer
S1638279065.755413,VS0,VE1
date
Tue, 30 Nov 2021 13:31:04 GMT
vary
Accept-Encoding
x-amz-request-id
Y8WNM3NT07GXE4DJ
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
81
x-cache-hits
1
marfeel-sdk.js
sdk.mrf.io/statics/
53 KB
54 KB
Script
General
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=152
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a435cad78cc3890a0058ed2dd9f1f1747754704cd6d9f42f7493dc3eea904a2f

Request headers

Referer
https://www.gizchina.com/
Origin
https://www.gizchina.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
0a4846c9c5804a75a3c6e38291f7b200
x-amz-cf-pop
FRA60-P2
x-cache
RefreshHit from cloudfront, HIT
mrf-cache-status
H
x-b3-traceid-primal
d7539b2e51a54ad7aa0e715d64f11d26
content-length
54293
x-served-by
cache-hhn4024-HHN
last-modified
Fri, 26 Nov 2021 09:58:32 GMT
server
AmazonS3
x-timer
S1638279065.738746,VS0,VE0
etag
"7740815c9f2721bc59a485781cf831b6"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600,s-maxage=2592000
accept-ranges
bytes
x-amz-cf-id
DZHILNlDenf5Rb97lzu9ZdohySSNkJCKqeiWZngBdaaFlZXJyK15jA==
x-cache-hits
3
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b443146852a4aa58dc7ed403f544597d76a7b8d3a5bf6ac5cf918d8271e52620
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
eefggTjEAoz5jEdLTpBrBQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 30 Nov 2021 13:33:16 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
l/BFBBEsR6pg5Y+ibxPhfFeUOGB8LP6prMbKYrUrkK5KTL9SUtABrp0D/vrHUE+kfHo1TnsbJ9gvohmQSjPGGQ==
x-fb-trip-id
917726464
x-fb-content-md5
a838fb3cc4ff2b3e7c50872373af4be8
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 30 Nov 2021 13:31:04 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"5c340c51e499b08b6489b0ab2cf11343"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
qkBbXvYC6trAT7RVLtw.woff2
fonts.gstatic.com/s/karla/v15/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/karla/v15/qkBbXvYC6trAT7RVLtw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A400%2C700%2C400italic%2C700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb6e74951b276f25770b35ae0e206139f1494d73cce9c72382731c50c7b8880f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gizchina.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 13:31:44 GMT
x-content-type-options
nosniff
age
345560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29268
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:11:53 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 26 Nov 2022 13:31:44 GMT
entypo.woff
www.gizchina.com/wp-content/themes/presso/font-icons/entypo/font/
30 KB
30 KB
Font
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/font-icons/entypo/font/entypo.woff?77730494
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/wp-content/themes/presso/font-icons/entypo/css/entypo.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cabb4d55605822b0575523f66c25df2b5ded543dc6a2d186adbc8c5f55dcf102

Request headers

Referer
https://www.gizchina.com/wp-content/themes/presso/font-icons/entypo/css/entypo.css
Origin
https://www.gizchina.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
69c49bcdce42458689f5aaf8c3f8b21e
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
073a0776b51148f0a6db718f36b70d6c
content-length
30676
x-served-by
cache-lcy19280-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.702545,VS0,VE1
etag
"60881825-77d4"
vary
User-Agent
content-type
application/font-woff
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
zocial.woff2
www.gizchina.com/wp-content/themes/presso/font-icons/social-icons/font/
25 KB
26 KB
Font
General
Full URL
https://www.gizchina.com/wp-content/themes/presso/font-icons/social-icons/font/zocial.woff2?80218164
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/wp-content/themes/presso/font-icons/social-icons/css/zocial.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2d8609a6eb17fa4d0ee22902d38c43c1e760baa7cc9037e5026ad74109e18c29

Request headers

Referer
https://www.gizchina.com/wp-content/themes/presso/font-icons/social-icons/css/zocial.css
Origin
https://www.gizchina.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
eb340214f41e4d31a2ae25375e3a74da
x-cache
HIT, HIT
mrf-cache-status
HH
x-b3-traceid-primal
7ae9fab84047428997c94a7b64c12591
content-length
25964
x-served-by
cache-lcy19270-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.702747,VS0,VE1
etag
"60881827-656c"
vary
User-Agent
content-type
application/octet-stream
cache-control
public, max-age=60, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
qkBVXvYC6trAT7RQHt6e4Q.woff2
fonts.gstatic.com/s/karla/v15/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/karla/v15/qkBVXvYC6trAT7RQHt6e4Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla%3A400%2C700%2C400italic%2C700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd613c417eee02c7fd4be829859eb33fb2f1d15e4b4821578a37a798fa29a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gizchina.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 18:13:36 GMT
x-content-type-options
nosniff
age
69448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29956
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:09:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 29 Nov 2022 18:13:36 GMT
Redmi-Note-11-Pro-series-c-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/10/
6 KB
7 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/10/Redmi-Note-11-Pro-series-c-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
eea465f024dbab811ab02d321761d4063d8dadabd3d3a100fa586af733fad783

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
879c63dd399149ee81701a9ecac1af2c
x-cache
HIT, HIT
fastly-io-info
ifsz=8683 idim=335x186 ifmt=jpeg ofsz=6502 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
6502
x-served-by
cache-lcy19221-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
94fbd03dbffb4a3e86dcaddf89ec9e49
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.772982,VS0,VE1
etag
"Kkxrdb9c4F12hZs0R+z4skav8hpjCiO2VQp3HiR2I+g"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
7750d0f81b27f00091d129974aa225e6
secure.gravatar.com/avatar/
849 B
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/7750d0f81b27f00091d129974aa225e6?s=16&d=mm&r=g
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
93cef0e1248d7c800ed03050eeadc1a6037da64a18ad5477f326dd9ba436ccb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 30 Nov 2021 13:31:04 GMT
last-modified
Fri, 25 Jun 2021 08:51:14 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="7750d0f81b27f00091d129974aa225e6.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/7750d0f81b27f00091d129974aa225e6?s=16&d=mm&r=g>; rel="canonical"
content-length
849
expires
Tue, 30 Nov 2021 13:36:04 GMT
Oppo-Reno-7-Pro-retail-box-and-phone-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/10/
7 KB
8 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/10/Oppo-Reno-7-Pro-retail-box-and-phone-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
021039d4ba1474200d8a10c2f8838b18e9d0b9bdb25f6f79d461c43abf30be7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
e644183b2fad4634bb75eb63ce0b0e84
x-cache
HIT, HIT
fastly-io-info
ifsz=9611 idim=335x186 ifmt=jpeg ofsz=7468 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
7468
x-served-by
cache-lcy19255-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
9949ee3a8ad344c2821400bd65ce8f5e
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.773104,VS0,VE1
etag
"ep2HwRGHvE+jQ/0DaGnAaEXoP+5cMaSxLbjbPnYyukU"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
Samsung-35W-Power-Adapter-Duo-India-launch-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/11/
2 KB
2 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/11/Samsung-35W-Power-Adapter-Duo-India-launch-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2e58127d16f0b46f548fb17330c3856ba5d3c09e30b1faa980e9ffd0189020de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
cc3367da220e46049a28a842d3793662
x-cache
HIT, HIT
fastly-io-info
ifsz=4074 idim=335x186 ifmt=jpeg ofsz=2194 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
2194
x-served-by
cache-lcy19242-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
b2899de8a077436fbff50c47ce026c8e
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.774576,VS0,VE1
etag
"nJPbyCbSXyJMUp5vqc1FhCf33w/5YBnR0EMhqNLHdw0"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
Tecnowewsds-2-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/11/
1 KB
1 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/11/Tecnowewsds-2-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0e48a60f342db3139bed193af47d251444a56980ba175e9c48d9f60bb8a06cec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
e57614c6e41c4ac593544368beeb45bb
x-cache
HIT, HIT
fastly-io-info
ifsz=2649 idim=335x186 ifmt=jpeg ofsz=1192 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
1192
x-served-by
cache-lcy19221-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
e2394d20715344bdbcb53d6b1c177cac
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.774835,VS0,VE1
etag
"tKodL8ItngwBx0wLM0fugPJzynZSEyWkUdBbmR0TCgs"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
b19916662bc62f240fb31556c188671d
secure.gravatar.com/avatar/
908 B
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/b19916662bc62f240fb31556c188671d?s=16&d=mm&r=g
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7600c48b565c291556159b86e35dd640a64991bd1705e61cf0c3a0e61a8a4a4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 30 Nov 2021 13:31:04 GMT
last-modified
Sun, 16 Jun 2019 16:39:32 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="b19916662bc62f240fb31556c188671d.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/b19916662bc62f240fb31556c188671d?s=16&d=mm&r=g>; rel="canonical"
content-length
908
expires
Tue, 30 Nov 2021 13:36:04 GMT
IMG_9807-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/11/
7 KB
7 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/11/IMG_9807-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5172abfdcf4721806a417305fb2d9e56c48b0c2d431fc0e1d223c4584bce3d87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
06324ac93df94233a8e9a49e0338003a
x-cache
HIT, HIT
fastly-io-info
ifsz=9400 idim=335x186 ifmt=jpeg ofsz=7084 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
7084
x-served-by
cache-lcy19235-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
91a15600fd6b452a9a8611f64960c55a
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.776912,VS0,VE1
etag
"uoYRKLFNFF+U2T0MMJekAYj1Jsv3NxbL0QtswB4tnYM"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
da1f6dbd16c40922d2194091f850f124
secure.gravatar.com/avatar/
886 B
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/da1f6dbd16c40922d2194091f850f124?s=16&d=mm&r=g
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b5e48f9f011448129d994fba263d4cba30591af29f6614249f1c5641a2dde076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 30 Nov 2021 13:31:04 GMT
last-modified
Sun, 15 Oct 2017 10:07:53 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="da1f6dbd16c40922d2194091f850f124.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/da1f6dbd16c40922d2194091f850f124?s=16&d=mm&r=g>; rel="canonical"
content-length
886
expires
Tue, 30 Nov 2021 13:36:04 GMT
RealMe-GT-Master-Edition-Review-335x186.jpeg
www.gizchina.com/wp-content/uploads/images/2021/09/
4 KB
4 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/09/RealMe-GT-Master-Edition-Review-335x186.jpeg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
aaaa4a38960b9ae9bb0514d83563c4527766fd0946c3908b5d12f381f3e9ea08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
65d4a8f480db4542a3f3d876e2954501
x-cache
HIT, HIT
fastly-io-info
ifsz=5811 idim=335x186 ifmt=jpeg ofsz=4030 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
4030
x-served-by
cache-lcy19263-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
772b6fea439941c6a6b7147539f91e3c
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.776984,VS0,VE1
etag
"0OJK84tHzEyXWaUfFnJQ9YSxnXfs7guSCCpFEUJBJUM"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
ILIFE-A10-2-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/08/
3 KB
4 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/08/ILIFE-A10-2-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2573477a01b856b7bd318a2e9534d30d7d2c28b9a6dbfbdf5a19f419495928e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
d621d230581349c39c75dc3b3e932bf1
x-cache
HIT, HIT
fastly-io-info
ifsz=5232 idim=335x186 ifmt=jpeg ofsz=3460 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
3460
x-served-by
cache-lcy19246-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
06c8c07440ab4371a7e52bee3f434ffa
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.779161,VS0,VE1
etag
"qV7Yt+dMFavCyV9GlfPLEMAhf+hQSGfY3vUBfGjKkEs"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
6a9cacf5ed4ac9dc1008101be4857fbf
secure.gravatar.com/avatar/
870 B
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/6a9cacf5ed4ac9dc1008101be4857fbf?s=16&d=mm&r=g
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5d4e691effd471a4ffdd5d94819c0626adf9e0a785a9f710a1326d588be04c97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 30 Nov 2021 13:31:04 GMT
last-modified
Wed, 22 Jan 2020 22:02:35 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="6a9cacf5ed4ac9dc1008101be4857fbf.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/6a9cacf5ed4ac9dc1008101be4857fbf?s=16&d=mm&r=g>; rel="canonical"
content-length
870
expires
Tue, 30 Nov 2021 13:36:04 GMT
IMG_5848-335x186.jpeg
www.gizchina.com/wp-content/uploads/images/2021/06/
7 KB
7 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/06/IMG_5848-335x186.jpeg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
04d5b53649b6e6acc0cb59452076895b8ed5cb1d8b3928c5797e4ff4fea15bc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
c733b4b6d7204e3088296da22af28a0d
x-cache
HIT, HIT
fastly-io-info
ifsz=9565 idim=335x186 ifmt=jpeg ofsz=6832 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
6832
x-served-by
cache-lcy19270-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
25fede8d35db49e78064af80279af1eb
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.780085,VS0,VE1
etag
"JaJkVzoafW3Q/65O17PsFxlZ8ajxQZ6Yq9WpKvD5cs4"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
2, 1
1-19-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/11/
9 KB
9 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/11/1-19-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1a6874445cbb26aa3b0de94f865ac0ea010418da170c950a1357b99cc43f80f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
47f88d2281a444fabf0452ce9c0c6e24
x-cache
HIT, HIT
fastly-io-info
ifsz=11106 idim=335x186 ifmt=jpeg ofsz=9084 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
9084
x-served-by
cache-lcy19248-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
fdb5eabd4572420d8e3fd8e8c92af48d
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.780206,VS0,VE1
etag
"sH1nzzVNzRat7vWFalynHvlM6il/yXdbNLYaxFIoFoA"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
images-150x150-1.jpg
www.gizchina.com/wp-content/uploads/images/2020/01/
3 KB
3 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2020/01/images-150x150-1.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1c14db6bcbfae11da6e16a6de6e7547d7986b588a10620e994c51f814bf2e2eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
aa3e0221faea428ead9b1f9c8efb612c
x-cache
HIT, HIT
fastly-io-info
ifsz=3710 idim=150x150 ifmt=jpeg ofsz=2722 odim=150x150 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
2722
x-served-by
cache-lcy19239-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
3eb5bd8578cc4216944a397152703dec
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.780247,VS0,VE1
etag
"I8YSvwiInUt6z6+36UJ74FOFepXU3PJw7f0PpK8g9As"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
Apple-Watch-Series-7-3-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/10/
5 KB
5 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/10/Apple-Watch-Series-7-3-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7bd4321b50cefdcd322744a7d1e0dafa3364a3811b329fbc2520fd08b4f854ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
3bf629fa56874773817c14da150ac559
x-cache
HIT, HIT
fastly-io-info
ifsz=7701 idim=335x186 ifmt=jpeg ofsz=4920 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
4920
x-served-by
cache-lcy19223-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
cf4daab335874d9a85fd31d94ae02864
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.780648,VS0,VE1
etag
"pSkbcsOZY8jH3iXyXdpO6PbmjdX8zDiC6YrkSZ4vL90"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
367c9f8e9bf33be898a8ab7edc67a086
secure.gravatar.com/avatar/
777 B
962 B
Image
General
Full URL
https://secure.gravatar.com/avatar/367c9f8e9bf33be898a8ab7edc67a086?s=16&d=mm&r=g
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2469b206eb6327f670227ca16daa71bc42e38f1988134f52cfdcd0fe90e44940

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 30 Nov 2021 13:31:04 GMT
last-modified
Fri, 01 Oct 2021 15:45:35 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="367c9f8e9bf33be898a8ab7edc67a086.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/367c9f8e9bf33be898a8ab7edc67a086?s=16&d=mm&r=g>; rel="canonical"
content-length
777
expires
Tue, 30 Nov 2021 13:36:04 GMT
Beats-Flex-Fragment-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/11/
4 KB
4 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/11/Beats-Flex-Fragment-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0f2608602bd21f482959571f0eecdd73ef0c9858bbaa8961f2c09eba945556b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
16dc799e8d024316808097f4380c279b
x-cache
HIT, HIT
fastly-io-info
ifsz=6017 idim=335x186 ifmt=jpeg ofsz=3888 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
3888
x-served-by
cache-lcy19273-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
2f2da005205b4e51b5e1c77a773bdbbc
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.780710,VS0,VE1
etag
"ac3UAUPDgoy64rp4ZV1J7zwOvDxg/OccdMoD4qa5F0M"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
Untitled-Design-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/11/
9 KB
10 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/11/Untitled-Design-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bb2027beb637fccac53fb75021ed4a489e08b5a359781da0953c6343a58433be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
03b3368bd1014721a50fa79bf1cd8717
x-cache
HIT, HIT
fastly-io-info
ifsz=11887 idim=335x186 ifmt=jpeg ofsz=9538 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
9538
x-served-by
cache-lcy19273-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
0b74b6375de840e690cfd9dece0b7f88
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.780797,VS0,VE1
etag
"GriErbl7l87PJriwrfibbxAiabGVr5rWAB1Jx5JPlwU"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
reliance_jio-1024x683-1-335x186.jpeg
www.gizchina.com/wp-content/uploads/images/2021/11/
1 KB
1 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/11/reliance_jio-1024x683-1-335x186.jpeg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4374d4642fed5037436ad942ee7019d2ff815d73129f30a2569d030e6717eb63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
52e11dff23b3433ba2cdba61d77e16a5
x-cache
HIT, HIT
fastly-io-info
ifsz=2621 idim=335x186 ifmt=jpeg ofsz=1158 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
1158
x-served-by
cache-lcy19242-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
bde3a4a325674e3da07d5575557d5058
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.781905,VS0,VE1
etag
"RaXHxcCCGwQtkGIVynMLhLam/oFoMqO+znAH2bUJZiE"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
RT1-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/11/
8 KB
9 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/11/RT1-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
989a885eb66574596678654731515e58808d282c1766cdc99e6efa05bc140046

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
12a9ef47948849348ad4177cef2491cb
x-cache
HIT, HIT
fastly-io-info
ifsz=10754 idim=335x186 ifmt=jpeg ofsz=8658 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
8658
x-served-by
cache-lcy19250-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
4092b2b8bc5246508478de38bcb51304
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.782015,VS0,VE1
etag
"7XjlfnLioLu0aNo2WlsQxeCXVxb1qdsyf6mzEtrc5zc"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
01-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/11/
3 KB
3 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/11/01-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c3519194b4a6e634dedc973e01e71aad4b07d52325856c92cc452bf27603575b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
90ed8f0dadca4f63a6b25886ba7a5215
x-cache
HIT, HIT
fastly-io-info
ifsz=6269 idim=335x186 ifmt=jpeg ofsz=3088 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
3088
x-served-by
cache-lcy19238-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
d9644653ae4f4686860fab4707f9752e
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.782056,VS0,VE1
etag
"W9LA5Y/Zu0fYSH1iGNJBYZzDNpVPkYKDcyCc9tT2Y90"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
0bf922876a-335x186.jpg
www.gizchina.com/wp-content/uploads/images/2021/11/
4 KB
5 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/11/0bf922876a-335x186.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
266b854cac29edb2a5c17ffcab93709dbb2923f59999d4627b4d551363185ab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
ddaf49211d6a4c58b1506510964d3b0e
x-cache
HIT, HIT
fastly-io-info
ifsz=7527 idim=335x186 ifmt=jpeg ofsz=4538 odim=335x186 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
4538
x-served-by
cache-lcy19255-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
5042a2b67d0e407abb7ff653037a54cd
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.782104,VS0,VE1
etag
"T61CtnPqXVRpVZWGtJK5GWBOuKkVoFN6B0Ctr5pLCcg"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
6a9cacf5ed4ac9dc1008101be4857fbf
secure.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/6a9cacf5ed4ac9dc1008101be4857fbf?s=24&d=mm&r=g
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e6838c8c1c62a12e86fe845dfb54a612d3efe7381e00053662285b7078c13c67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 30 Nov 2021 13:31:04 GMT
last-modified
Wed, 22 Jan 2020 22:02:35 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="6a9cacf5ed4ac9dc1008101be4857fbf.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/6a9cacf5ed4ac9dc1008101be4857fbf?s=24&d=mm&r=g>; rel="canonical"
content-length
1108
expires
Tue, 30 Nov 2021 13:36:04 GMT
Windows-11-3.jpg
www.gizchina.com/wp-content/uploads/images/2021/08/
12 KB
13 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2021/08/Windows-11-3.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c7b6afa6f7216f28eda41fb118eb5d3b8fd0ef193fcac1f7ae5654bfc386f5c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
x-b3-traceid
a0c29204243249c8ab4c74faa150a161
x-cache
HIT, HIT
fastly-io-info
ifsz=27010 idim=1200x800 ifmt=jpeg ofsz=12692 odim=1200x800 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
12692
x-served-by
cache-lcy19222-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
12013ad4686545c08fcca9b87a99e777
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.782381,VS0,VE1
etag
"TqguHbhSX6G4LIdq0lOYY1SmoOXI+e9mrSdu/NT9nh0"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
193 B
398 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6b646f1b7e250f76-MXP
648758294
player.vimeo.com/video/ Frame F3C5
15 KB
0
Document
General
Full URL
https://player.vimeo.com/video/648758294?h=f8972f4077&dnt=1&app_id=122963
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

Connection
keep-alive
Content-Length
10443
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Tue, 30 Nov 2021 13:35:09 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-b-8
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Tue, 30 Nov 2021 13:31:05 GMT
Age
0
X-Served-By
cache-hhn4025-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1638279065.887741,VS0,VE115
Vary
Accept-Encoding
X-Player-Backend
p
liveView.php
live.primis.tech/live/ Frame A469
5 KB
2 KB
Script
General
Full URL
https://live.primis.tech/live/liveView.php?s=98481&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed116exqortjyv&vp_template=5271&subId=[SUBID_ENCODED]&cbuster=1638279064&pubUrlAuto=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=98481&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed116exqortjyv&vp_template=5271&subId=[SUBID_ENCODED]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
47e3042ff40be895b71778d58590971b6bc7f64a6253fea0808b6b89a7118073

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
6a9cacf5ed4ac9dc1008101be4857fbf
secure.gravatar.com/avatar/
12 KB
13 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/6a9cacf5ed4ac9dc1008101be4857fbf?s=150&d=mm&r=g
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e6c94177e9f78da63e58da058654aa86f7b36fe7cd7225069a817255db50a74e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 30 Nov 2021 13:31:04 GMT
last-modified
Wed, 22 Jan 2020 22:02:35 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="6a9cacf5ed4ac9dc1008101be4857fbf.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/6a9cacf5ed4ac9dc1008101be4857fbf?s=150&d=mm&r=g>; rel="canonical"
content-length
12690
expires
Tue, 30 Nov 2021 13:36:04 GMT
collect
www.google-analytics.com/j/
2 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=567074249&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&ul=en-us&de=UTF-8&dt=A%20new%20vulnerability%20in%20Windows%20makes%20it%20easy%20to%20get%20admin%20rights&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=497975996&gjid=456569934&cid=791184729.1638279065&tid=UA-17866076-1&_gid=1785727065.1638279065&_r=1&gtm=2ouba1&z=149502199
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
285 KB
81 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=68b6305671e94bc77739ba8497b93d1a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2e035d82cf61783e88da9e923ebfe74cfdeb3a7b04b8aab7026ad8176452d2b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.gizchina.com/
Origin
https://www.gizchina.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
zU5fYjPTy60ccB6XbGVKWw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 30 Nov 2022 12:32:38 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82874
x-fb-rlafr
0
x-fb-debug
bNqHOq8FAVwglqlPRyy8fo7LCccVjb7dOvhUEBYO0yN7ilvmhJ5FbwoqRZJHUF9gAf+IppJZYQxhp2biTEsS/g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
2e1befd17dd86bab8d489c36edd066db
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Nov 2021 13:31:04 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"547a96f2c6cd54a2be7d225ad4856f40"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Nov 2021 13:31:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
256 B
165 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gizchina.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8922f1669f2fd4d415ab645524784e268d1e65383e4ce76530655469e180d297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
140
x-xss-protection
0
expires
Tue, 30 Nov 2021 13:31:04 GMT
impl.20211128-3-RELEASE.js
cdn.taboola.com/libtrc/
612 KB
125 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gizchina/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
69e18acf4210e512378ef9ce202aa504c46cf34e1abc492bf676b86a04edd00d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
P.nXZjlFTs_U2jwD6fK3jkKBPgfYRXnH
content-encoding
br
etag
"be487557bb3abb211a88a34cd405ee8f"
age
12911
x-cache
HIT
content-length
128142
x-amz-id-2
E+9LANOUVzcIor/npbFcUOOOivoUVRRn7X+1Hh1T3F1SX4F4h3TF/Y3VG5bMABmKiJcJjv21Lsg=
x-served-by
cache-hhn4022-HHN
last-modified
Sun, 28 Nov 2021 09:51:21 GMT
server
AmazonS3-br
x-timer
S1638279065.980642,VS0,VE0
date
Tue, 30 Nov 2021 13:31:04 GMT
vary
Accept-Encoding
x-amz-request-id
CJQMN1WZ40WKDB0A
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
74
x-cache-hits
13503
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gizchina/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 03:27:42 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
116860
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
YQgfB9CXSX3Vt4g-PH_XjvJZenlfMKA71tjLKKv2DLEOTG7oUHf3wg==
events
direct-events-collector.spot.im/api/v2/
0
419 B
XHR
General
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_RpYbjIoo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-106.fra50.r.cloudfront.net
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
FRA50-C1
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
x-amz-cf-id
zXvioBZm40RIghK7ulR5Dz4xmcYwd43BE2cX8cGAcYOS3HtKaer_XQ==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/
0
0
Fetch
General
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_RpYbjIoo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 21:13:04 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
age
58812
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
90f_aSFdjq3PoytSxada8EekRUSAkWZznkFH5YkChewogaWws4sZVw==
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_RpYbjIoo/
28 KB
4 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_RpYbjIoo/v2?platform=Desktop
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_RpYbjIoo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3800:1d:6a6f:6d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
fasthttp /
Resource Hash
b73391d004f750d7175cd8f49575121e9a1588d1b5a31a8a0437cd2e6b4c7754

Request headers

x-guid
null
x-post-id
356189
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8
x-spot-id
sp_RpYbjIoo
x-spotim-page-view-id
a41727c2-8953-4079-8053-806e9d454c31
Referer
https://www.gizchina.com/
x-access-token
null

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-request-id
c4c3f9f6-51e1-11ec-85d4-feedac476424
access-control-allow-origin
https://www.gizchina.com
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
access-control-expose-headers
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id
1v-x9JBvyKYgJqI4ja5-nrtFdQ7D7iXAD_CUxJ-vnvrEGvAneXpfcA==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/
0
0
Fetch
General
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_RpYbjIoo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-7.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 21:13:04 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
age
58812
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
ToZQxtfcae2vnlq-_5c7rfHChsKb4KDmmwGlaaQyIa95fhkLbTWPfw==
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_RpYbjIoo/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_RpYbjIoo/v2?platform=Desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3800:1d:6a6f:6d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Origin
https://www.gizchina.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Tue, 30 Nov 2021 13:31:05 GMT
server
fasthttp
access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-expose-headers
access-control-max-age
86400
x-cache
Miss from cloudfront
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
MdyckvpamHjT5XZ1DdlSQ6SsVkuWZuIsGuTSHxm3SIk2Mp6N3_Ftvg==
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 13:31:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:33:56 GMT
Server
ECS (mil/6CE9)
Age
784
Etag
"a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29104
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/
270 KB
97 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9806463567435883&plah=www.gizchina.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b3675ecb29180b5a8350ffee58a535435c9103188b9607d96b4f6a03a872a9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99573
x-xss-protection
0
server
cafe
etag
477867772697803248
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 Nov 2021 13:31:05 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 000F
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 30 Nov 2021 09:43:00 GMT
expires
Tue, 14 Dec 2021 09:43:00 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
13685
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ingest.php
events.newsroom.bi/
0
721 B
XHR
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=152
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.96.92.40.188.clients.your-server.de
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarygsb4HpcvJeCRwMcA

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
https://www.gizchina.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
active
flowcards.mrf.io/json/
16 B
288 B
Fetch
General
Full URL
https://flowcards.mrf.io/json/active?site_id=152&page_technology=0
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
x-b3-traceid
bd5bf53f404c46ed92b3d46fa93d0dcf
x-cache
HIT
mrf-cache-status
H
x-envoy-upstream-service-time
7
x-b3-traceid-primal
40030b0a9a8c44e5a2e9787ed80e4ae9
content-length
42
x-served-by
cache-hhn4024-HHN
server
istio-envoy
x-timer
S1638279065.096869,VS0,VE0
vary
origin
x-req-backend
F_origin_1_croupier
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
content-type
application/json; charset=utf-8
x-cache-hits
2
collect
stats.g.doubleclick.net/j/
1 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17866076-1&cid=791184729.1638279065&jid=497975996&gjid=456569934&_gid=1785727065.1638279065&_u=YEBAAUAAAAAAAC~&z=1756274652
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 30 Nov 2021 13:31:05 GMT
content-type
text/plain
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
GizChina_Loga_NEW_FINAL.png
www.gizchina.com/wp-content/uploads/images/2018/04/
3 KB
3 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2018/04/GizChina_Loga_NEW_FINAL.png
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e421bba6844dc10965555b23d9dffb4064b7c85d4172ed8efefbf609dd401877

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
x-b3-traceid
19188b8424cb403db946e7dc35b561eb
x-cache
HIT, HIT
fastly-io-info
ifsz=6470 idim=394x99 ifmt=png ofsz=2952 odim=394x99 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
2952
x-served-by
cache-lcy19236-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
e04e6696d898493f8f1b869661937dd1
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.123212,VS0,VE1
etag
"zgH18Mpdjd0EtmUbzEP1uAntJAPJtjRSY3j8v7xVzOk"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
pixel
pix.spot.im/api/v1/ Frame
0
0
Preflight
General
Full URL
https://pix.spot.im/api/v1/pixel?m=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%3D&rnd=0.022272248454298316
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-106.fra50.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://www.gizchina.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Tue, 30 Nov 2021 13:31:05 GMT
server
fasthttp
access-control-allow-origin
https://www.gizchina.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age
3600
x-cache
Miss from cloudfront
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
-QddR0WDJ9cfI-BpprsIcqOsAQknonwT2V27s1YxdBwYtOeiFrp1HQ==
pixel
pix.spot.im/api/v1/ Frame
0
0
Preflight
General
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiJhNDE3MjdjMi04OTUzLTQwNzktODA1My04MDZlOWQ0NTRjMzEiLCJyZWZlcnJlciI6IiIsInVzZXJfaWQiOiIwIiwiZHVyYXRpb24iOjAsInYiOjEwLCJkb21haW4iOiJ3d3cuZ2l6Y2hpbmEuY29tIiwidXJsIjoiaHR0cHM6Ly93d3cuZ2l6Y2hpbmEuY29tLzIwMjEvMTEvMjQvYS1uZXctdnVsbmVyYWJpbGl0eS1pbi13aW5kb3dzLW1ha2VzLWl0LWVhc3ktdG8tZ2V0LWFkbWluLXJpZ2h0cy8iLCJsYW5nIjoiZW4tVVMiLCJzb3VyY2VfdmVyc2lvbiI6IiIsInRpbWVfZGVsdGEiOjY5MCwidGVzdF9maWVsZCI6IiIsInNwbGl0X25hbWUiOiIiLCJwdWJsaXNoZXJfY3VzdG9tX2RhdGEiOiJ7fSIsInNwb3RfaWQiOiJzcF9ScFliaklvbyIsInNvdXJjZSI6ImxhdW5jaGVyIiwidHlwZSI6InBlcmZvcm1hbmNlIiwiaXRlbV90eXBlIjoiY3JpdGljYWxfZmxvdyIsIml0ZW1faWQiOiJlbmQiLCJzZWdtZW50Ijp7ImR1cmF0aW9uIjoxNi42MDAwMDAzODE0Njk3MjcsImlkIjoib3BlbndlYl9sYXVuY2hlcjpjcml0aWNhbF9mbG93X3N0YXJ0X21hcmtfa3dtNTIweHEubXpxIn19&rnd=0.8210228659483494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-106.fra50.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://www.gizchina.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Tue, 30 Nov 2021 13:31:05 GMT
server
fasthttp
access-control-allow-origin
https://www.gizchina.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age
3600
x-cache
Miss from cloudfront
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
IZoZ-ap9UdrNPDwPk51jhN6dGezxPClWPSOProeCR3r3wXhv-fg9Bg==
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
g.gif
pixel.wp.com/
50 B
116 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.2.1&blog=37985201&post=356189&tz=-4&srv=www.gizchina.com&host=www.gizchina.com&ref=&fcp=273&rand=0.2560544278484047
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 30 Nov 2021 13:31:05 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
pixel
pix.spot.im/api/v1/
16 B
552 B
Fetch
General
Full URL
https://pix.spot.im/api/v1/pixel?m=eyJwYWdlX3ZpZXdfaWQiOiJhNDE3MjdjMi04OTUzLTQwNzktODA1My04MDZlOWQ0NTRjMzEiLCJyZWZlcnJlciI6IiIsInVzZXJfaWQiOiIwIiwiZHVyYXRpb24iOjAsInYiOjEwLCJkb21haW4iOiJ3d3cuZ2l6Y2hpbmEuY29tIiwidXJsIjoiaHR0cHM6Ly93d3cuZ2l6Y2hpbmEuY29tLzIwMjEvMTEvMjQvYS1uZXctdnVsbmVyYWJpbGl0eS1pbi13aW5kb3dzLW1ha2VzLWl0LWVhc3ktdG8tZ2V0LWFkbWluLXJpZ2h0cy8iLCJsYW5nIjoiZW4tVVMiLCJzb3VyY2VfdmVyc2lvbiI6IiIsInRpbWVfZGVsdGEiOjY4NSwidGVzdF9maWVsZCI6IiIsInNwbGl0X25hbWUiOiIiLCJwdWJsaXNoZXJfY3VzdG9tX2RhdGEiOiJ7fSIsInNwb3RfaWQiOiJzcF9ScFliaklvbyIsInNvdXJjZSI6ImxhdW5jaGVyIiwidHlwZSI6InBlcmZvcm1hbmNlIiwiaXRlbV9pZCI6InN0YXJ0IiwiaXRlbV90eXBlIjoiY3JpdGljYWxfZmxvdyIsInNlZ21lbnQiOnsiaWQiOiJvcGVud2ViX2xhdW5jaGVyOmNyaXRpY2FsX2Zsb3dfc3RhcnRfbWFya19rd201MjB4cS5tenEifX0%3D&rnd=0.022272248454298316
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_RpYbjIoo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-11.fra50.r.cloudfront.net
Software
fasthttp /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://www.gizchina.com/
x-spotim-device-uuid
undefined
x-spotim-page-view-id
a41727c2-8953-4079-8053-806e9d454c31
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
FRA50-C1
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
16
x-amz-cf-id
3B2DONLDYZoleQuJSkd9-0L6Em3Zu2gfI44_oV5pzYhIBCS9upGWdw==
device-load
api-2-0.spot.im/v1.0.0/
36 B
910 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_RpYbjIoo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3800:1d:6a6f:6d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
fasthttp /
Resource Hash
e771b76367a46dfa82ad0b70caf873310f6e4a534befecf83ccc7369766a2d67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-spotim-device-uuid
7c29ceed-9a38-4295-9540-e2a5575477b1
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-length
36
x-guid
7c29ceed-9a38-4295-9540-e2a5575477b1
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.gizchina.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
x-amz-cf-id
BeFCfKeqzZLXYyzq4bobG4Qli3XLtVwRD3OJIxIs-Yt5YwhSrF-Qdw==
metric
metrics-logger.spot.im/
0
0
Fetch
General
Full URL
https://metrics-logger.spot.im/metric
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_RpYbjIoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.8.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-8-41.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gizchina.com
date
Tue, 30 Nov 2021 13:31:05 GMT
content-length
0
pixel
pix.spot.im/api/v1/
16 B
552 B
Fetch
General
Full URL
https://pix.spot.im/api/v1/pixel?m=…&rnd=0.8210228659483494
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_RpYbjIoo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-11.fra50.r.cloudfront.net
Software
fasthttp /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://www.gizchina.com/
x-spotim-device-uuid
undefined
x-spotim-page-view-id
a41727c2-8953-4079-8053-806e9d454c31
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
FRA50-C1
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
16
x-amz-cf-id
eiCPu51jVwxUWoU8CyAcv1HwBMfTTzGsW-2ls4kNTDr6ltqe51BkFQ==
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/
123 KB
43 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de801d89e6f71bf92faa287b9d67520105e6188e703bf3d060223ec2072a95ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 18:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
502167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43581
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 15:20:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 18:01:38 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/
119 KB
41 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29af0c8109de86bcf0f69ab6f293c71bff84e52c48bdc4193e2e9583f291f726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 14:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41540
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 15:20:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 14:25:22 GMT
subscribe_embed
www.youtube.com/ Frame 4E0E
2 KB
2 KB
Document
General
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCU_lUN_138dJ0yMALFhKdLQ&layout=full&count=hidden&origin=https%3A%2F%2Fwww.gizchina.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44c8ecb7c8f687d002280c1ffcc78b678de97f97a22fa3ae5ee31e1fc0f8dc06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 30 Nov 2021 13:31:05 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
forkawesome-webfont.woff2
www.gizchina.com/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/
88 KB
89 KB
Font
General
Full URL
https://www.gizchina.com/wp-content/plugins/shortcodes-ultimate/includes/fonts/fork-awesome/forkawesome-webfont.woff2?v=1.0.11
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ec8604d4eade6552031ca2e8d3af9b3a1393bdc11b39dcb8176c41f4e5fb678c

Request headers

Referer
https://www.gizchina.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Origin
https://www.gizchina.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
x-b3-traceid
3494d390ba7e412aa43a32e95b965da8
x-cache
HIT, HIT
mrf-cache-status
SH
x-b3-traceid-primal
a608f924469545f5b7ca9e932b140c0a
content-length
90420
x-served-by
cache-lcy19237-LCY, cache-hhn4041-HHN
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279065.201856,VS0,VE1
etag
"6171920c-16134"
vary
User-Agent
content-type
application/octet-stream
cache-control
public, max-age=60, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1973
etag
W/"bac537a7eba0b66473f70a7a4bf837c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6b646f1dee7d374a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 03 Dec 2021 13:31:05 GMT
648758294
player.vimeo.com/video/ Frame 788C
16 KB
15 KB
Document
General
Full URL
https://player.vimeo.com/video/648758294?h=f8972f4077&dnt=1&app_id=122963
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2fc84096e99b2d970983e4c1ff6d1641ad4e247099df7d55467cdac571252b4c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

Connection
keep-alive
Content-Length
11415
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Tue, 30 Nov 2021 13:35:09 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-b-8
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Tue, 30 Nov 2021 13:31:05 GMT
Age
0
X-Served-By
cache-hhn4025-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1638279065.258176,VS0,VE116
Vary
Accept-Encoding
X-Player-Backend
p
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame A469
19 KB
6 KB
Script
General
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=98481&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed116exqortjyv&vp_template=5271&subId=[SUBID_ENCODED]&cbuster=1638279064&pubUrlAuto=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Wed, 30 Nov 2022 13:31:05 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame A469
9 KB
3 KB
Script
General
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=98481&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed116exqortjyv&vp_template=5271&subId=[SUBID_ENCODED]&cbuster=1638279064&pubUrlAuto=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Wed, 30 Nov 2022 13:31:05 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame A469
8 KB
3 KB
Script
General
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=98481&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed116exqortjyv&vp_template=5271&subId=[SUBID_ENCODED]&cbuster=1638279064&pubUrlAuto=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Wed, 30 Nov 2022 13:31:04 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame A469
256 KB
86 KB
Script
General
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=98481&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed116exqortjyv&vp_template=5271&subId=[SUBID_ENCODED]&cbuster=1638279064&pubUrlAuto=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Wed, 30 Nov 2022 13:31:04 GMT
prebidVid.5.18.0_6.min.js
live.primis.tech/content/prebid/ Frame A469
482 KB
175 KB
Script
General
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=98481&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed116exqortjyv&vp_template=5271&subId=[SUBID_ENCODED]&cbuster=1638279064&pubUrlAuto=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
6a6c28a2bae4339f212ecd19e178a40e02a8f5cc7e40203633d6981353a0c6af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:28:42 GMT
server
nginx
etag
W/"619b8cfa-7892b"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Wed, 30 Nov 2022 13:31:05 GMT
liveVideo.php
live.primis.tech/live/ Frame A469
618 KB
172 KB
Script
General
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=98481&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed116exqortjyv&vp_template=5271&subId=[SUBID_ENCODED]&cbuster=1638279064&pubUrlAuto=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
946030cbe18f547f59378246b255c0e8e4e0d861afa0b02e374c5627643e7869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
otBannerSdk.js
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/
366 KB
81 KB
Script
General
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3e760afd8b413ecb7bd30370d4e5e2bfd5a847e8dc2c0f0e39d7621eba92c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2hymstrqSFu7c4C3tsoodg==
age
5479
cf-polished
origSize=374787
last-modified
Fri, 05 Feb 2021 17:39:17 GMT
vary
Accept-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
971db14a-101e-001f-2a89-7f67d2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6b646f1e5e96d6bd-FRA
expires
Tue, 30 Nov 2021 17:31:05 GMT
skeleton.gif
static.adsafeprotected.com/
43 B
481 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
age
10012591
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
NP0ozHxLqufERd1IMz6hWt_JKe3TsnK_fIea67_lfTTp_Ce9P8mveA==
widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html
platform.twitter.com/widgets/ Frame E9AF
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.gizchina.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEC) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
939164
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Nov 2021 13:31:05 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 18 Oct 2021 18:32:00 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CEC)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1638279065454&ns_c=UTF-8&cv=3.5&c8=A%20new%20vulnerability%20in%20Windows%20makes%20it%20easy%20to%20get%20admin%20rights&c7=https%3A%...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1638279065454&ns_c=UTF-8&cv=3.5&c8=A%20new%20vulnerability%20in%20Windows%20makes%20it%20easy%20to%20get%20admin%20rights&c7=https%3A...
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1638279065454&ns_c=UTF-8&cv=3.5&c8=A%20new%20vulnerability%20in%20Windows%20makes%20it%20easy%20to%20get%20admin%20rights&c7=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&c9=
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
9guZaai6WpTOF3cXN42vXHLXfuaB-DdzYR7GnbF5bSma4T1Rz1FbhA==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 30 Nov 2021 13:31:05 GMT
via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1638279065454&ns_c=UTF-8&cv=3.5&c8=A%20new%20vulnerability%20in%20Windows%20makes%20it%20easy%20to%20get%20admin%20rights&c7=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&c9=
content-length
332
x-amz-cf-id
N85NS_NiU-RbwAV-ZqZ1CzspYpsp64reafL6AZgP4P_8pHiOlplLfQ==
postmessageRelay
accounts.google.com/o/oauth2/ Frame C9A4
565 B
858 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.gizchina.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57945ae05a0f762a1c7375fb26fa7e56cf33e1fa75b62ed6c1807aea5aaf9a74
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AhjE9OAeLhjk75ga3Q8qEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 30 Nov 2021 13:31:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-AhjE9OAeLhjk75ga3Q8qEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 4E0E
38 KB
6 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCU_lUN_138dJ0yMALFhKdLQ&layout=full&count=hidden&origin=https%3A%2F%2Fwww.gizchina.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCU_lUN_138dJ0yMALFhKdLQ&layout=full&count=hidden&origin=https%3A%2F%2Fwww.gizchina.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 10:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6066
x-xss-protection
0
last-modified
Wed, 18 Nov 2020 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 26 Nov 2022 10:01:15 GMT
AKedOLSkiXCKiduplfBL81tQ9vf01TXO2mN6tmNmYtQGRw=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4E0E
2 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLSkiXCKiduplfBL81tQ9vf01TXO2mN6tmNmYtQGRw=s48-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCU_lUN_138dJ0yMALFhKdLQ&layout=full&count=hidden&origin=https%3A%2F%2Fwww.gizchina.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
05e1a289ef978099932deeeb85db7ab67b87087e41fb5aa4a911ace171d4595c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:23:20 GMT
x-content-type-options
nosniff
age
465
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1779
x-xss-protection
0
server
fife
etag
"v2f4"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 17 Nov 2021 17:18:00 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 4E0E
252 KB
72 KB
Script
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCU_lUN_138dJ0yMALFhKdLQ&layout=full&count=hidden&origin=https%3A%2F%2Fwww.gizchina.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCU_lUN_138dJ0yMALFhKdLQ&layout=full&count=hidden&origin=https%3A%2F%2Fwww.gizchina.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 10:01:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73785
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 26 Nov 2022 10:01:16 GMT
356189
api-2-0.spot.im/v1.0.0/config/ab_test/sp_RpYbjIoo/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_RpYbjIoo/356189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3800:1d:6a6f:6d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://www.gizchina.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Tue, 30 Nov 2021 13:31:05 GMT
server
fasthttp
access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
x-cache
Miss from cloudfront
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
qS0ztX4Dupyn2nmy3BiYIb-swNk5yJLv5sYwW1iaFlDphCVU07O8Mw==
356189
api-2-0.spot.im/v1.0.0/config/ab_test/sp_RpYbjIoo/
93 B
835 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_RpYbjIoo/356189
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_RpYbjIoo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3800:1d:6a6f:6d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ba6960667ed6717424e56424bb69dca442cc11d93ab7c1b3d0ed76c80c0693bb

Request headers

Accept
application/json
Referer
https://www.gizchina.com/
x-spotim-page-view-id
a41727c2-8953-4079-8053-806e9d454c31
Accept-Language
de-DE,de;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
x-spotim-device-uuid
7c29ceed-9a38-4295-9540-e2a5575477b1

Response headers

date
Tue, 30 Nov 2021 09:24:20 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
age
14805
x-cache
Hit from cloudfront
content-length
93
x-request-id
4c5f3b2f-51bf-11ec-b63f-46afcfea9773
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.gizchina.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version
x-amz-cf-id
xbAIrnq4bXot0y-uBbyC2jrTyT4-EMJPpat5MKfCHvKnghKPJ9z-HA==
ec24cb303220fcfc94f8.svg
static-cdn.spot.im/production/launcher/tags/v2.66.7/launcher/
3 KB
967 B
Image
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v2.66.7/launcher/ec24cb303220fcfc94f8.svg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-14.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 19:33:51 GMT
content-encoding
br
last-modified
Wed, 17 Nov 2021 15:17:28 GMT
server
AmazonS3
age
64635
etag
W/"7ddd342672200944b8560f7774dbd89b"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
x-amz-version-id
GdyzlXT2CR4K_ZGKYFOsKY8y5BScYoOx
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
image/svg+xml
x-amz-cf-id
VoTFAQMThPwNeEp_YzcvD9rKtnH1YU4GuV0nIq-4AbZBdq7EIMrnug==
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1D49
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_RpYbjIoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=32735
expires
Tue, 30 Nov 2021 22:36:40 GMT
date
Tue, 30 Nov 2021 13:31:05 GMT
vary
Accept-Encoding
csync
sync.spotim.market/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=3537809648984412844
0
0

partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=211945
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=c5180be2-51e1-11ec-ae53-1708f5200506
0
588 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=c5180be2-51e1-11ec-ae53-1708f5200506
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Tue, 30 Nov 2021 13:31:05 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
75
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Tue, 30 Nov 2021 13:31:05 GMT
Server
nginx
Location
/partner?source=211945&__user_check__=1&sync_id=c5180be2-51e1-11ec-ae53-1708f5200506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
84
Connection
keep-alive
Content-Length
0
csync
sync.spotim.market/
Redirect Chain
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPc5106481-51e1-11ec-9d65-06d2905c4e22
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPc5106481-51e1-11ec-9d65-06d2905c4e22&verify=true
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-0ty0Wy9E2uFSiU489vCKyu50WRcRZJU1~A~UPc5106481-51e1-11ec-9d65-06d2905c4e22
0
0

/
sync.spotim.market/csync/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=c51832f8-51e1...
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=c518328b-51e1-11ec-8c76-14604df00306
0
0

710530.gif
di.rlcdn.com/
0
66 B
Image
General
Full URL
https://di.rlcdn.com/710530.gif
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
via
1.1 google
alt-svc
clear
content-length
0
/
www.facebook.com/tr/
44 B
407 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1623298447970991&ev=fb_page_view&dl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&rl=&if=false&ts=1638279065733&sw=1600&sh=1200&at=
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 30 Nov 2021 13:31:05 GMT
web
onesignal.com/api/v1/sync/028ff5ba-9563-498b-8771-488cb54a1b94/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/028ff5ba-9563-498b-8771-488cb54a1b94/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bff36e18dc0cf22ae67c613dc37a730653afd6895738ef983d33166860d3004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3325
cf-polished
origSize=3028
status
200 OK
x-envoy-upstream-service-time
50
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
92d13078-4d3b-462b-96ef-506d8ae9cf25
x-runtime
0.048619
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"00aebaa6e62b8b790bac5af6772fad6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6b646f211dea694b-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 30 Nov 2021 14:31:05 GMT
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 4E0E
156 B
179 B
Image
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:51:49 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
531556
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 24 Nov 2022 09:51:49 GMT
en.json
cmp-cdn.cookielaw.org/consent/center-center-default-stack-global-ot/f16b721e-885e-4fb9-81a4-9dbf61b7fd73/
37 KB
9 KB
Fetch
General
Full URL
https://cmp-cdn.cookielaw.org/consent/center-center-default-stack-global-ot/f16b721e-885e-4fb9-81a4-9dbf61b7fd73/en.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a69f753cef46e2969bae0a83b1fe8fa93184ce3202e9ec8aac7ad6bcaa77ae7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
O/XmLcP6Ts3gsq8xe+4KrA==
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:36:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
bb0e828d-501e-0031-15ee-e535c5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
6b646f2189fb7022-FRA
iab2Data.json
cdn.cookielaw.org/vendorlist/
268 KB
37 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3059a0e3fa60f9c17944195d96fa02de7702942d81694d8004146124cd04ce2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
4uLkxsGWmgwmeZLBspYCPg==
age
10735
vary
Accept-Encoding
content-length
37833
x-ms-lease-status
unlocked
last-modified
Tue, 30 Nov 2021 07:23:06 GMT
server
cloudflare
etag
0x8D9B3D2411DE967
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f8142a1d-a01e-00d8-72d5-e57f37000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6b646f218a087022-FRA
otTCF.js
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/
67 KB
15 KB
Script
General
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otTCF.js
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a394d231cf4239d223b519366211f838236e4a3c2b76037e013bf8dabd43a749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
KgOdlQGhgiHAfAnDQiJaFQ==
age
5477
cf-polished
origSize=68680
last-modified
Fri, 05 Feb 2021 17:39:14 GMT
vary
Accept-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bc77d5e1-001e-003c-6946-a8fd11000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6b646f218ba6d6bd-FRA
expires
Tue, 30 Nov 2021 17:31:05 GMT
primisslate.css
live.primis.tech/content/video/css/
17 KB
5 KB
Stylesheet
General
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame A469
134 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
content-encoding
gzip
etag
1e39d25f07f5619925357b752ab10d04
age
401
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1ZPFB4TDBH8FX9XW8WYF
date
Tue, 30 Nov 2021 13:25:40 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
PJok5O7fdEIrCR5OS8audyS89Nen_fuHU6h2dRdwzGFIEQWghpzUkA==
css
fonts.googleapis.com/ Frame F5C0
2 KB
549 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 11:55:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Nov 2021 13:31:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Nov 2021 13:31:05 GMT
css
fonts.googleapis.com/
2 KB
549 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 11:55:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 30 Nov 2021 13:31:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Nov 2021 13:31:05 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3A92
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61a62798dbcc1%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=32735
expires
Tue, 30 Nov 2021 22:36:40 GMT
date
Tue, 30 Nov 2021 13:31:05 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F00C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=primis&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Nov 2021 13:31:05 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Date
Tue, 30 Nov 2021 13:31:05 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
liveCS.php
live.primis.tech/live/ Frame 43E2
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61a62798dbcc1%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61a62798dbcc1&pixel=&advId=94&advUuid=c518328b-51e1-11ec-8c76-14604df00306
0
223 B
Document
General
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61a62798dbcc1&pixel=&advId=94&advUuid=c518328b-51e1-11ec-8c76-14604df00306
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:05 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 30 Nov 2021 13:31:05 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61a62798dbcc1&pixel=&advId=94&advUuid=c518328b-51e1-11ec-8c76-14604df00306
X-fe
75
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cm
u.openx.net/w/1.0/ Frame 4BD7
43 B
306 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61a62798dbcc1%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.221.0
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Tue, 30 Nov 2021 13:31:05 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame 99F6
2 KB
1 KB
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
5b75883827cfc9a4678740054f465fb729643d0a459f8ee6abd4019809090c86

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

Server
VertaMedia 1.0
Date
Tue, 30 Nov 2021 13:31:05 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
852
Access-Control-Allow-Origin
https://www.gizchina.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame A469
10 KB
4 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlNDI3MSUlRaZcZGViMTUkMTt4Mmx4OSUlRaZcZDVzZTFwYmMjZGQ0Ywx2MwM2NTEjNmEhoXA0JaZcZF9wo250ZW50X2yxPTElMTx1NTEzqzyxX2NioaRyoaRsZGVmYm1BpHBfZSgDYXIeQ291oGQeUzVjo3J0ZWRfrSgMYXVhY2tenW4eTGF0ZSflMDIkJaZcZF9wo250ZW50X3RcqGkyPUFjpGkyK0NupvgDo3VfZCgSZXBipaRyZGk5K0kuqW5wnCgcovgMYXRyKmIjMwEzqzyxX2NioaRyoaRsZHVlYXRco249NDxzZGVvqWqJozZipz1uqGyiow0zrD0mMDAzrT0lNTAzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LzqcrzNbnW5uLzNioSUlRwIjMwEyMxYkMSUlRwI0JTJGYS1hZXpgqaVfozVlYWJcoGy0rS1cov13nW5xo3qmLW1un2VmLWy0LWVup3xgqG8gZ2V0LWFxoWyhLXJcZ2u0plUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMkMxQmMTMkMxQmMmMjNUYmMTM1N0Q3QwpmMmEmMDM3MmxmMmMmMmtmMmqEN0I0MmM1Mmp3RDqCNTM2NDMmNwQmMmRDNxQ2NDpjNwU2RDRFNxY2MTU3MmU2ODRDNxQ0RTp2NwI1MTNEM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmMmMDMjN0Q3QwU5MmImNTMjN0Q3QwY2MmE3RDqCNEMmNTMlMmpmMTqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NTAhMTA0OSZaZW9Mo25aPTthNwI5NSZ1p2VlSXBBZGRlPTE4NS4lMmIhMwMhMTp4JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5Nv4jLwQ2NwQhNDUeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwFuNwI3OTuxYzNwMSZwYaVmqGVlPTE2MmtlNmxjNwU5MwpzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
0c61699bae410dbcc526f0991e3ff1bcd22ed40d7efe0998802293c8c64a952b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3391
chunklist_480.m3u8
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/
410 B
846 B
XHR
General
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
f3cfaf64257ca19b47726204302d388b96cb33bae327c9702906d1816958c1bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 12b8fffb374df4eb1fcd64097a74f3f8.cloudfront.net (CloudFront)
x-amz-cf-pop
WAW50-C1
content-length
410
last-modified
Wed, 18 Aug 2021 04:09:21 GMT
server
Tengine
etag
"3f3587fdfb0d26eef013e01edbe0fa8c"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
eK1rFkPcNZQMFZGcCzaUUCJHXbsKTufcSY0fijURrhd44lyPVrW7Jw==
expires
Tue, 14 Dec 2021 13:31:06 GMT
vid5f746a9b7f690617123080_thumb.jpg
video.primis.tech/uploads/cn17/video/users/converted/24271/video1511883989/ Frame F5C0
4 KB
4 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn17/video/users/converted/24271/video1511883989/vid5f746a9b7f690617123080_thumb.jpg?cbuster=1617610073
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
fa4fb5356329f1df868237bd98106d7f0acc959574e65f98593e89c2211e706c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 558f7ecd43929b77c262a9b755d6b164.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 17:26:39 GMT
server
Tengine
x-amz-cf-pop
WAW50-C1
etag
"272e90fd1f77877d57fbff6ce7e3d636"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 14 Dec 2021 13:31:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4086
x-amz-cf-id
NLekZHiYOCu9aSxAeqyLDGNMRQqNjIfJzMK5g6d5HX5cRgIYCK_jQQ==
x-proxy-cache
HIT
vid5f7d11e10a63c847723013_thumb.jpg
video.primis.tech/uploads/cn19/video/users/converted/24271/video1511883989/ Frame F5C0
3 KB
4 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/24271/video1511883989/vid5f7d11e10a63c847723013_thumb.jpg?cbuster=1617610073
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
63b930e7e2714515dd58421e7a945c89d75c07f3300252fd25c595d890d49aba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 5f0256b858eb482d76fb1e14a1b7a667.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 17:22:29 GMT
server
Tengine
x-amz-cf-pop
WAW50-C1
etag
"dce93fa12d26f806bd21e66444796593"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 14 Dec 2021 13:31:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3492
x-amz-cf-id
0nZVBZzb_q6LuBf-owG8DrJOa6t0jYKuAQKYNClW2nDdxObfwV-B4Q==
x-proxy-cache
HIT
vid5fa12d4c19ae1053808445_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/24271/video1511883989/ Frame F5C0
1 KB
1 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/24271/video1511883989/vid5fa12d4c19ae1053808445_thumb.jpg?cbuster=1617610073
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
3d3214413a2c1ed9ed224a5bbff4138df7a9bd4a6437544beada425b57380cea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
last-modified
Tue, 17 Aug 2021 18:01:34 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"20f447a3168e7809cf1007ab953308e0"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 14 Dec 2021 13:31:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1133
x-amz-cf-id
39XhQdCuWQs6g1o1fXW6Py0tHY7iSgVDNLoTEu3Cka8B4Yown17rHw==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/
0
226 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=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
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame A469
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&user_id=61a62798dbcc1&custom_data=61a62798dbcc1;live.primis.tech&gdpr=1&gdpr_consent=
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.198.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-198-157.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 13:31:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame A469
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61a62798dbcc1%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61a62798dbcc1&pixel=&advId=93&advUuid=498a2a01-6b3e-4a88-8ffc-8e8fd1d0f4f5
0
223 B
Image
General
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61a62798dbcc1&pixel=&advId=93&advUuid=498a2a01-6b3e-4a88-8ffc-8e8fd1d0f4f5
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61a62798dbcc1&pixel=&advId=93&advUuid=498a2a01-6b3e-4a88-8ffc-8e8fd1d0f4f5
date
Tue, 30 Nov 2021 13:31:06 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame A469
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61a62798dbcc1%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61a62798dbcc1%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61a62798dbcc1&pixel=&advId=99&advUuid=YaYnmrJHyWVSiueR9_xlswAABI4AAAAB
0
223 B
Image
General
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61a62798dbcc1&pixel=&advId=99&advUuid=YaYnmrJHyWVSiueR9_xlswAABI4AAAAB
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61a62798dbcc1&pixel=&advId=99&advUuid=YaYnmrJHyWVSiueR9_xlswAABI4AAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Tue, 30 Nov 2021 13:31:06 GMT
liveCS.php
live.primis.tech/live/ Frame A469
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61a62798dbcc1%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61a62798dbcc1&pixel=&advId=105&advUuid=3537809648984412844
0
223 B
Image
General
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61a62798dbcc1&pixel=&advId=105&advUuid=3537809648984412844
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:06 GMT
X-Proxy-Origin
185.232.23.178; 185.232.23.178; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
893b8912-dd4c-4f58-8f57-4a4d508ed298
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61a62798dbcc1&pixel=&advId=105&advUuid=3537809648984412844
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid5fe1cc30dd4b9623651071.jpg
video.primis.tech/uploads/cn6/video/users/converted/24271/video1511883989/
18 KB
18 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn6/video/users/converted/24271/video1511883989/vid5fe1cc30dd4b9623651071.jpg?cbuster=1617610073
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
452637e4772bc3cadb119a3bba7dc419e902fe6d848855b9bcd068ae2bb9c8dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 6ae82cc0c8a39c993134c2be90b4d121.cloudfront.net (CloudFront)
last-modified
Tue, 17 Aug 2021 17:59:21 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"c356e924eccafefae8ea2d4fe4a4fc7c"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 14 Dec 2021 13:31:06 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
17940
x-amz-cf-id
fgSQ2oFDQFLQdlwBuGdyclDJuLJVU0spCyAUUivsTEEsXAsP5a534g==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ Frame A469
118 KB
11 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=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
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
53a0b143f4c96444b3c6a2d356746cd77369db5b443d6cd1b14dc4b91c7936cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
10513
liveView.php
live.primis.tech/live/ Frame A469
118 KB
11 KB
XHR
General
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
17f11e486efbd235f79b2695ad8f6c6aa19b1d27128c16d027f1986852742284

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
10506
liveView.php
live.primis.tech/live/ Frame A469
10 KB
4 KB
XHR
General
Full URL
https://live.primis.tech/live/liveView.php?hash=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
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
cb11e8c2e123325d6de19af0a980d7ca53434d79a3fc28ab4b39d89684f6ec0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:05 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3387
796779910-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame C9A4
10 KB
5 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/796779910-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.gizchina.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04082cfaa14c7a04a29bf53810bda0de1aa03910090a4aeffb198f4e8bbf70d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 08:28:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4295
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 19:09:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 08:28:25 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame C9A4
13 KB
5 KB
Script
General
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.gizchina.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc10eb4c3193b2a9e85d3e011075c703c98d79e86dee2c8647311db2f1dfeb4b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hIgZjlNZXYaUnM3HUONhqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"3fc975e12af4bcde7e44fdb36bca1117"
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-hIgZjlNZXYaUnM3HUONhqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires
Tue, 30 Nov 2021 13:31:06 GMT
1307320068-572b3ba6cc6c991862f596b62430484491b87501cf06851f1.jpg
i.vimeocdn.com/video/ Frame 788C
1 KB
2 KB
Image
General
Full URL
https://i.vimeocdn.com/video/1307320068-572b3ba6cc6c991862f596b62430484491b87501cf06851f1.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/648758294?h=f8972f4077&dnt=1&app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b6b4c2557306b6e31354abed44eef833cdda4ea5330d88dcfc6c53b921f607f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
665201
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
1379
viewmaster-server
viewmaster-us-central1-kz6g
x-served-by
cache-dfw18646-DFW, cache-fra19125-FRA
x-timer
S1638279066.046512,VS0,VE0
etag
c5de3c18c6fcb157183883215d07609e
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
2, 2
player.de-DE.js
f.vimeocdn.com/p/3.46.0/js/ Frame 788C
682 KB
160 KB
Script
General
Full URL
https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/648758294?h=f8972f4077&dnt=1&app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6a86cf28ce8ec2b4c9354709be1a2a7dca13e8a694a21c628362bc695862eadb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 varnish, 1.1 varnish
age
1019992
x-guploader-uploadid
ADPycduNp0Xq9hKCkiuE7aw7KkcnpUs8f06lOWTGoEfgZ2A63OJ_yM20tCu-i2F8aEhT8LSJb9lwC9TGEriYhrJUiwg
x-cache
MISS, HIT
content-encoding
br
content-length
163924
x-served-by
cache-bwi5169-BWI, cache-fra19172-FRA
last-modified
Thu, 18 Nov 2021 18:02:22 GMT
server
UploadServer
x-timer
S1638279066.026668,VS0,VE0
etag
"994938d7d3ec4fd309b1cdf45d94f959"
vary
Accept-Encoding,x-http-method-override
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 5711
player.css
f.vimeocdn.com/p/3.46.0/css/ Frame 788C
195 KB
19 KB
Stylesheet
General
Full URL
https://f.vimeocdn.com/p/3.46.0/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/648758294?h=f8972f4077&dnt=1&app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
df28fccbafb244dd6825a3eb86ec470c874a19fa978031c470f2280a5a319a5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 varnish, 1.1 varnish
age
1020001
x-guploader-uploadid
ADPycduBWygthAjfvLldCVQeEEx5V6bMU4oXfGkLvW1yJRTTmDRnwpRIrvaaoPh8rDE5N5InFr7enAY7jbW-dlg1h1k
x-cache
MISS, HIT
content-encoding
br
content-length
19236
x-served-by
cache-bwi5146-BWI, cache-fra19172-FRA
last-modified
Thu, 18 Nov 2021 18:02:22 GMT
server
UploadServer
x-timer
S1638279066.018167,VS0,VE0
etag
"4d1acc56d3e4ce8c3dd5b7b01300b9da"
vary
Accept-Encoding,x-http-method-override
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 530797
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gizchina.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 13:39:48 GMT
x-content-type-options
nosniff
age
345078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 26 Nov 2022 13:39:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F5C0
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gizchina.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 13:39:48 GMT
x-content-type-options
nosniff
age
345078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 26 Nov 2022 13:39:48 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ Frame 4E0E
125 KB
41 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c92084dec60847faa5d1719a8b8c238bf82f3f1ca97a8474acd3c67e3aed419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 16:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41862
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 15:20:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 16:48:45 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A469
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
31283
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
date
Tue, 30 Nov 2021 05:37:26 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
rbLHF5_2Ztl0FVBstTlecaSSHvkMZEjdmUJko1wYv2_k9KtWurYQgg==
w_480_00000.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/
426 KB
427 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
d1d82743258bafc885b12da04e94af87ec633385feea740267a720ab8fe72c5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
436724
last-modified
Wed, 18 Aug 2021 04:09:22 GMT
server
Tengine
etag
"26fd3d186c532ced008ea1787430696c"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
ZI1XxmauyObHCLGb8zcM8SgNgh_iZwcpPEGcOVjiMjUNOYdtAmCoaQ==
expires
Tue, 14 Dec 2021 13:31:06 GMT
v1
prg.smartadserver.com/prebid/ Frame A469
171 B
549 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
liveInternalSsp.php
live.primis.tech/live/ Frame A469
25 B
313 B
XHR
General
Full URL
https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22data%22%3A%22%5C%…%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
translator
hbopenbid.pubmatic.com/ Frame A469
0
117 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gizchina.com
date
Tue, 30 Nov 2021 13:31:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ Frame A469
0
409 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
196297
search.spotxchange.com/openrtb/2.3/dados/ Frame A469
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/196297?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 30 Nov 2021 13:31:06 GMT
X-SpotX-Timing-Transform
0.000480
X-SpotX-Timing-SpotMarket
0.005700
X-SpotX-Timing-Page-Mux
0.000473
X-SpotX-Timing-Page-Require
0.000550
X-fe
121
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000019
X-SpotX-Timing-Page
0.011803
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000541
Last-Modified
Tue, 30 Nov 2021 13:31:06 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005700
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gizchina.com
X-SpotX-Timing-Page-Misc
0.004013
X-SpotX-Timing-Page-Exception
0.000006
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000021
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame A469
0
217 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
avjp
primis-d.openx.net/v/1.0/ Frame A469
106 B
231 B
XHR
General
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c17df4f8-4349-45e7-a1ca-b608494ebab9&nocache=1638279066224&gdpr_consent=&gdpr=1&schain=1.0%2C1!primis.tech%2C27757%2C1%2C%2C%2C&skip=1&auid=540289187&vwd=320&vht=180&aumfs=3500
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 google
server
OXGW/16.221.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gizchina.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame A469
173 B
404 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.15.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-15-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
375dfc3356df91765dc6bc9ec293978d4e4c55a0edc90e7b95634beb56f3954f

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
x-prebid
pbs-java/1.79.0
content-type
application/json
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame A469
67 B
579 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1638279066227&pKey=796176906&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwww.gizchina.com%2F&playerSize=320x180&schain=1.0%2C1!primis.tech%2C27757%2C1%2C%2C%2C
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:06 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.gizchina.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1638279066425011-533
Expires
Tue, 30 Nov 2021 13:31:06 GMT
liveView.php
live.primis.tech/live/
43 B
298 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=…
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:05 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
liveView.php
live.primis.tech/live/
43 B
298 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=…
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gizchina.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:06 GMT
content-length
0
cache-control
private
access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age
86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
PugMaster
image6.pubmatic.com/AdServer/ Frame 1D49
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91184281&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
0af6b427823563075123be79c7ee0fc8c4704bcbd1925d533ac1bd7114314c69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame F00C
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
65445aacbafe7ae9e7c21a38e05b09e0b8af45eb6c11e4bd0a4816d836d016ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 13:31:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41145
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Wed, 01 Dec 2021 00:56:51 GMT
32aefc7d-13f5-4094-ba63-5dfdde23503d
https://www.gizchina.com/
65 KB
0
Other
General
Full URL
blob:https://www.gizchina.com/32aefc7d-13f5-4094-ba63-5dfdde23503d
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
66258
Content-Type
text/javascript
defaults-blue_60x60
i.vimeocdn.com/portrait/ Frame 788C
741 B
907 B
Image
General
Full URL
https://i.vimeocdn.com/portrait/defaults-blue_60x60
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/648758294?h=f8972f4077&dnt=1&app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb979b547809a0615f8d033ba1d6b33693b9e902a178a3ead75a5dcb3c9d0543

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
281775
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
741
viewmaster-server
viewmaster-us-central1-9199
x-served-by
cache-dfw18625-DFW, cache-fra19125-FRA
x-timer
S1638279066.343454,VS0,VE0
etag
2a3431b0f58081f075ee539a613338ae
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
495, 1381
1307320068-572b3ba6cc6c991862f596b62430484491b87501cf06851f1
i.vimeocdn.com/video/ Frame 788C
8 KB
8 KB
Image
General
Full URL
https://i.vimeocdn.com/video/1307320068-572b3ba6cc6c991862f596b62430484491b87501cf06851f1?mw=700&mh=394
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/648758294?h=f8972f4077&dnt=1&app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b8bb2f956ef97bf8b591d13fb7d95f8bf4493fb6961067cfd416b0c5fc0a21e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
662614
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
8307
viewmaster-server
viewmaster-us-central1-7v9f
x-served-by
cache-dfw18635-DFW, cache-fra19125-FRA
x-timer
S1638279066.394424,VS0,VE0
etag
14262c6e124a759280e8f907d93d61f0
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 2
otCenterRounded.json
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/
9 KB
3 KB
Fetch
General
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/otCenterRounded.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19c68177806d520a04ae71ded68085e5eef7f05b209ec4896efafb0f164432d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
18pWEBkfOu/31P7Un8pCfA==
content-length
2421
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:39:04 GMT
server
cloudflare
etag
0x8D8C9FCEE6E2788
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9bf95cc8-101e-0020-77ee-e5af71000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
6b646f254cde7022-FRA
otPcCenter.json
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/
47 KB
11 KB
Fetch
General
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/v2/otPcCenter.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c604b3a9a3f1464144a15ce0ae7853500a51074eafb1e6ab4221e29a9986813a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
6SSYYj+cvj/lp8HQvP6bVA==
content-length
11379
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:39:05 GMT
server
cloudflare
etag
0x8D8C9FCEF4A85A1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
987cf143-e01e-0024-5cee-e52276000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
6b646f255ce57022-FRA
otCookieSettingsButton.json
cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/assets/otCookieSettingsButton.json
Requested by
Host: cmp-cdn.cookielaw.org
URL: https://cmp-cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
CaGQ5l/lz/RAB/LfzD6w5A==
content-length
2178
x-ms-lease-status
unlocked
last-modified
Fri, 05 Feb 2021 17:39:05 GMT
server
cloudflare
etag
0x8D8C9FCEF05A5C6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
061c3427-001e-004e-25ee-e5fa5e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
6b646f255ce87022-FRA
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ Frame C9A4
51 KB
18 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8a6f2a85533d8b0a3572be5fa46cb09629d8f54f28bf40c52e0878d68caa046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 12:56:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
520486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18237
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 15:20:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 12:56:20 GMT
settings
syndication.twitter.com/ Frame E9AF
232 B
448 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=1bcc0a49704d44b411e352ed0eea2f428e1ed499
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.gizchina.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time
105
date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 13:31:06 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
44f28bd6497dacac77047a197f9a921f5f86e83adf2755164b48ad4a3b022576
content-length
166
/
ads.us.e-planning.net/uspd/1/ Frame CE15
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
2 KB
1 KB
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
0cd543c33e8db7c9de2a203857e89f827814fd31e140be17c261b5dcd1a126ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Tue, 30 Nov 2021 13:31:06 GMT
x-sid
AMS-601
content-encoding
gzip

Redirect headers

server
openresty
date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-601
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CAF7
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=32734
expires
Tue, 30 Nov 2021 22:36:40 GMT
date
Tue, 30 Nov 2021 13:31:06 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 2E15
3 KB
2 KB
Document
General
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ee00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Fri, 26 Nov 2021 04:01:25 GMT
x-amz-version-id
fmw_ELj.0.vXaxs.8.DPrS7rkRs97V4I
server
AmazonS3
content-encoding
br
date
Tue, 30 Nov 2021 12:01:28 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
qLJQ9yjc1x9X3PFJfXl_Zhrax94bz0TpYdFbovVUkf0YWbmNDj4Ahg==
age
5379
cookie
cm.adform.net/ Frame 3BE0
43 B
106 B
Document
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 1CC6
251 B
644 B
Document
General
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.190.167 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-528.bunnyinfra.net
Software
BunnyCDN-CZ1-528 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-CZ1-528
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cdn-edgestorageid
528
cdn-storageserver
DE-169
cache-control
public, max-age=3600
cdn-fileserver
141
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-08-10 09:05:08
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
3c784610d88eb23e2ee1435b0edd4c0e
cdn-status
200
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 46AA
0
0

csync
sync.console.adtarget.com.tr/ Frame 89B9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LWxjPeUloTxw30t7JdVf&pi=admatic&tc=1
0
0

csync
sync.console.adtarget.com.tr/ Frame 99F6
0
0

match
c1.adform.net/serving/cookie/ Frame 92F5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=30EFFF7F-519A-48F9-8EFC-601CD31DD006
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=30EFFF7F-519A-48F9-8EFC-601CD31DD006
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=30EFFF7F-519A-48F9-8EFC-601CD31DD006
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Tue, 30 Nov 2021 13:31:06 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=30EFFF7F-519A-48F9-8EFC-601CD31DD006
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame CBD6
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5123252113624498794
42 B
210 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5123252113624498794
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:05 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug020:0:608
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5123252113624498794
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 6506
43 B
334 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Tue, 30 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
560021
Pug
simage2.pubmatic.com/AdServer/ Frame 2C9F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036355010209380492
42 B
384 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036355010209380492
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug012:0:466
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 30 Nov 2021 13:31:06 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7036355010209380492
Pug
simage2.pubmatic.com/AdServer/ Frame A8F9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaYnmgAIbyCrrwBR&gdpr=0&gdpr_consent=&_test=YaYnmgAIbyCrrwBR
1 B
236 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaYnmgAIbyCrrwBR&gdpr=0&gdpr_consent=&_test=YaYnmgAIbyCrrwBR
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug005:0:492
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YaYnmgAIbyCrrwBR&gdpr=0&gdpr_consent=&_test=YaYnmgAIbyCrrwBR
accept-ranges
bytes
date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 varnish
x-served-by
cache-cdg20776-CDG
x-cache
HIT
x-cache-hits
0
x-timer
S1638279067.728911,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
redir
rtb-csync.smartadserver.com/ Frame 22FA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWDRrN0RURThBQUNyczhaNGo3Zw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADX4k7DTE8AACrs8Z4j7g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
43 B
163 B
Document
General
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADX4k7DTE8AACrs8Z4j7g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Tue, 30 Nov 2021 13:31:06 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADX4k7DTE8AACrs8Z4j7g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 4765
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug004:2:258
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Tue, 30 Nov 2021 13:31:06 GMT
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 3F00
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2D8KdaMDemH14jZUwRbTX52L
42 B
373 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2D8KdaMDemH14jZUwRbTX52L
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:05 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug011:0:1658
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Tue, 30 Nov 2021 13:31:06 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2D8KdaMDemH14jZUwRbTX52L
strict-transport-security
max-age=0; includeSubDomains;
Pug
simage2.pubmatic.com/AdServer/ Frame 6D5A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3612607256
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3612607256
  • https://sync.1rx.io/usersync/tradedesk/a3401812-4a01-438f-82bf-109345f37dc4
  • https://sync.targeting.unrulymedia.com/csync/RX-2594938c-3a08-48f7-8f72-f074d2a94ed8-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2594938c-3a08-48f7-8f72-f074d2a94ed8-003
42 B
228 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2594938c-3a08-48f7-8f72-f074d2a94ed8-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug017:0:410
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2594938c-3a08-48f7-8f72-f074d2a94ed8-003
etag
RX2594938c3a0848f78f72f074d2a94ed8003
dpe
ad4m.at/ad/ Frame 651F
15 B
916 B
Document
General
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b646f267815375e-MXP
bridge
cm.adgrx.com/ Frame 5199
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Tue, 30 Nov 2021 13:31:06 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-7
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
cookiesync
core.iprom.net/ Frame A9A2
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
ragnarok-94ec2a0dbdff@version_1.358
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Tue, 30 Nov 2021 13:31:06 GMT
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 2460
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1be99ef1-5545-4629-83b7-5322508e3565-tuct89fad1a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1be99ef1-5545-4629-83b7-5322508e3565-tuct89fad1a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 varnish
x-served-by
cache-hhn4022-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1638279067.624113,VS0,VE8
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1be99ef1-5545-4629-83b7-5322508e3565-tuct89fad1a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 varnish
x-served-by
cache-hhn4022-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1638279067.591051,VS0,VE16
x-vcl-time-ms
16
content-length
0
i.match
s.tribalfusion.com/z/ Frame 4509
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
448 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b646f27c9765a25-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1468
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b646f268e1e5a25-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
csync
sync.spotim.market/ Frame 2E96
0
0

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1D49
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MO__f1GaSPmO_GAc0x3QBg%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MO__f1GaSPmO_GAc0x3QBg%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=32734
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 30 Nov 2021 22:36:40 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8cb861a6-279a-4200-b19e-17a801a8c721
0
48 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8cb861a6-279a-4200-b19e-17a801a8c721
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 30 Nov 2021 13:31:06 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8cb861a6-279a-4200-b19e-17a801a8c721
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 30 Nov 2021 13:31:05 GMT
mw
mwzeom.zeotap.com/ Frame 1D49
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=30EFFF7F-519A-48F9-8EFC-601CD31DD006
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d44b7ae8a35bb59ea3ae19f74e4b7d11
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=a3401812-4a01-438f-82bf-109345f37dc4&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=0fd6cc87efceb9fd
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1f41de53-0547-4be9-5e34-1ceac06d2802&reqId=77eefa5d-88ab-4d66-7a1d-fae26564ae18&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEDDly4wgXXGyEVYS8FX9SaY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1f41de53-0547-4be9-5e34-1ceac06d2802&reqId=77eefa5d-88ab-4d66-7a1d-fae...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEDDly4wgXXGyEVYS8FX9SaY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1f41de53-0547-4be9-5e34-1ceac06d2802&reqId=77eefa5d-88ab-4d66-7a1d-fae26564ae18&zcluid=0fd6cc87efceb9fd&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6b646f2a9d5b3763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEDDly4wgXXGyEVYS8FX9SaY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1f41de53-0547-4be9-5e34-1ceac06d2802&reqId=77eefa5d-88ab-4d66-7a1d-fae26564ae18&zcluid=0fd6cc87efceb9fd&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzBFRkZGN0YtNTE5QS00OEY5LThFRkMtNjAxQ0QzMUREMDA2&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzBFRkZGN0YtNTE5QS00OEY5LThFRkMtNjAxQ0QzMUREMDA2&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 12:04:10 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0022:0:447
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ0pBymUW_Cm94gs_RzF790&google_cver=1
42 B
437 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ0pBymUW_Cm94gs_RzF790&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:362
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ0pBymUW_Cm94gs_RzF790&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1D49
43 B
616 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 29 Nov 2021 13:31:06 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:34b561a6-279a-4f00-9ccd-99be3f4a14a7&gdpr=0&gdpr_consent=
42 B
340 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:34b561a6-279a-4f00-9ccd-99be3f4a14a7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:392
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 30 Nov 2021 13:31:06 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:34b561a6-279a-4f00-9ccd-99be3f4a14a7&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 30 Nov 2021 13:31:05 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2019882195564126656
42 B
233 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2019882195564126656
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:537
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2019882195564126656
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a3401812-4a01-438f-82bf-109345f37dc4
42 B
293 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a3401812-4a01-438f-82bf-109345f37dc4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:702
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a3401812-4a01-438f-82bf-109345f37dc4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3537809648984412844&gdpr=0&gdpr_consent=
42 B
520 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3537809648984412844&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:847
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:06 GMT
X-Proxy-Origin
185.232.23.178; 185.232.23.178; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ed7b29f1-12b1-41fc-80e2-03178661a6fc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3537809648984412844&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NdLpkTHUscYugr7EYoalxWeB6sMu07zDYID40lLL
42 B
311 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NdLpkTHUscYugr7EYoalxWeB6sMu07zDYID40lLL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:479
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NdLpkTHUscYugr7EYoalxWeB6sMu07zDYID40lLL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
30EFFF7F-519A-48F9-8EFC-601CD31DD006
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1D49
43 B
875 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/30EFFF7F-519A-48F9-8EFC-601CD31DD006?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=30EFFF7F-519A-48F9-8EFC-601CD31DD006&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-c36NAUpE2uUArd9C6wUTuioSCXpQAj0-~A&gdpr=0&gdpr_consent=
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-c36NAUpE2uUArd9C6wUTuioSCXpQAj0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-c36NAUpE2uUArd9C6wUTuioSCXpQAj0-~A&gdpr=0&gdpr_consent=
date
Tue, 30 Nov 2021 13:31:06 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3441792153787669051&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3441792153787669051&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:390
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3441792153787669051&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=cfd292ba-918e-4099-80a9-f354261b9e70&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&gdpr=&gdpr_consent=&gdpr_pd=
1 B
336 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:513
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 30 Nov 2021 13:31:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1D49
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=30EFFF7F-519A-48F9-8EFC-601CD31DD006&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:05 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:419
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:518fa506-a77c-4a30-a85d-e14c676e7b46&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
187 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:518fa506-a77c-4a30-a85d-e14c676e7b46&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:08 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:523
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:518fa506-a77c-4a30-a85d-e14c676e7b46&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 30 Nov 2021 13:31:08 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 1D49
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3537809648984412844
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3537809648984412844
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:403
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:06 GMT
X-Proxy-Origin
185.232.23.178; 185.232.23.178; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f54d2773-70b5-46df-98a4-38571ddac8b3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3537809648984412844
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 1D49
35 B
238 B
Image
General
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
cmp-features.js
cmp-cdn.cookielaw.org/consent/cmp-features/
8 KB
4 KB
Script
General
Full URL
https://cmp-cdn.cookielaw.org/consent/cmp-features/cmp-features.js
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
358a6fb3a6bbdcfd11f73307f4b23453770b4e1a0d49205d240fe4ca4593733f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
9u6YIWGeNVQg6qhQV2zLqg==
age
5480
last-modified
Fri, 05 Feb 2021 17:34:27 GMT
vary
Accept-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fa714143-801e-000d-2360-1f1c02000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6b646f26cb57d6bd-FRA
expires
Tue, 30 Nov 2021 17:31:06 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A469
368 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D33305F31357D7B7331303739333338337D7B4335377D7B53643364334C6D6470656D4E6F615735684C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C353237317DFEFE&userIpAddr=185.232.23.178&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61a62798dbcc1&debugInfo=10793383_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=10793383&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed116exqortjyv&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=left&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=380&flow_height=250&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=5271&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=www.gizchina.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125138
x-xss-protection
0
expires
Tue, 30 Nov 2021 13:31:06 GMT
cb=gapi.loaded_2
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/
28 KB
9 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_2
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aad48dde0907d035bdb01024f52600bec81a2c05bcc6b81469751d567faed27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 14:25:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9531
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 15:20:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 14:25:23 GMT
um
u-ams02.e-planning.net/ Frame CE15
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dc922bc8e0cd6dcaa
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=c922bc8e0cd6dcaa
42 B
103 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=c922bc8e0cd6dcaa
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Huissen, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=c922bc8e0cd6dcaa
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame CE15
39 KB
14 KB
Script
General
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 29 Nov 2026 13:31:06 GMT
prebid
rtb.openx.net/sync/ Frame CE15
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dc922bc8e0cd6dcaa%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:06 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
3tnubt40esrd22mpfsh5upj5hgs8dgfa
ptag
a.audrte.com/ Frame CE15
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.120.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-120-237.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d3c1d39d137d9ad51044955db975a95d1a35d4c179801ab7ce8e8e399ce66727

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 13:31:07 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame CE15
266 B
415 B
Script
General
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 29 Nov 2026 13:31:06 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame CE15
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dc922bc8e0cd6dcaa
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B
Image
General
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Tue, 30 Nov 2021 13:31:06 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame CE15
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc922bc8e0cd6dcaa%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c922bc8e0cd6dcaa&uid=3537809648984412844
42 B
104 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c922bc8e0cd6dcaa&uid=3537809648984412844
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Huissen, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:06 GMT
X-Proxy-Origin
185.232.23.178; 185.232.23.178; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c9a8b2d6-fba2-45e6-8647-3464ed203e57
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c922bc8e0cd6dcaa&uid=3537809648984412844
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bundle.js
cdn.admatic.com.tr/user/ Frame 1CC6
54 KB
20 KB
Script
General
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.190.167 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-528.bunnyinfra.net
Software
BunnyCDN-CZ1-528 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
br
cdn-edgestorageid
528
cdn-fileserver
141
cdn-storageserver
DE-169
cdn-cachedat
2021-08-10 09:36:07
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-CZ1-528
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
866095c7f6b5ea2f7eff90390ee04600
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
uu
ih.adscale.de/ Frame 2E15
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1638279066
  • https://ih.adscale.de/uu?cbfn=receive&t=1638279066&nut&uu=ba6af80bca1948a5b17711b873a4940a
44 B
213 B
Script
General
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1638279066&nut&uu=ba6af80bca1948a5b17711b873a4940a
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ec5f4b781d9c518523fb0bb1c31caceffbf0ac72d22a24b668fad7b50d0fe333

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1638279066&nut&uu=ba6af80bca1948a5b17711b873a4940a
date
Tue, 30 Nov 2021 13:31:06 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame AFC0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Nov 2021 13:31:06 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Tue, 30 Nov 2021 13:31:06 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 62B3
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc922bc8e0cd6dcaa%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=32734
expires
Tue, 30 Nov 2021 22:36:40 GMT
date
Tue, 30 Nov 2021 13:31:06 GMT
vary
Accept-Encoding
button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 13:31:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:31:51 GMT
Server
ECS (mil/6CE9)
Age
1087380
Etag
"e8090d17c9828f5a217bebb39dd3e689+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
subscribe_embed
www.youtube.com/ Frame B8F5
604 B
293 B
Document
General
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCU_lUN_138dJ0yMALFhKdLQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5929615118bcd7b3c1af82d7178a77ba8fe330239a44e98042d27995f5583133
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 30 Nov 2021 13:31:06 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
43 B
65 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 17:10:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
591659
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 23 Nov 2022 17:10:07 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
43 B
65 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 21:17:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
58429
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 29 Nov 2022 21:17:17 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
318 B
341 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:49:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
531668
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 24 Nov 2022 09:49:58 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
116 B
139 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 18:13:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
69438
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 29 Nov 2022 18:13:48 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
117 B
140 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 18:22:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
500890
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 24 Nov 2022 18:22:56 GMT
bridge3.489.0_en.html
imasdk.googleapis.com/js/core/ Frame DF45
580 KB
190 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194780
date
Tue, 30 Nov 2021 07:36:34 GMT
expires
Wed, 30 Nov 2022 07:36:34 GMT
last-modified
Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
21272
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame A469
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Nov 2021 13:31:07 GMT
usync.js
eus.rubiconproject.com/ Frame AFC0
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
65445aacbafe7ae9e7c21a38e05b09e0b8af45eb6c11e4bd0a4816d836d016ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 13:31:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41145
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Wed, 01 Dec 2021 00:56:51 GMT
usermatch
ssum.casalemedia.com/ Frame CDAC
2 KB
3 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc922bc8e0cd6dcaa%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ef710bca669930bfe2dc7872aff2366aced71b018f152d49898f895ff3178f36

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|39|241|51|130|221|8
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1588
Expires
Tue, 30 Nov 2021 13:31:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 8E75
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame A9CC
8 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6cfc0fb0dbb3c529eb71e8851def3c1b1c703af5b4c298264baa8e7258d6cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b646f28f88d3763-MXP
content-encoding
br
user
ads3.admatic.com.tr/ Frame 1CC6
76 B
444 B
XHR
General
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
8bc00240a55504470959fec6b080a75d87cdb3cccd646eb83593ebe52f54c985

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
80
follow_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
platform.twitter.com/widgets/ Frame 0F36
36 KB
14 KB
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
97fea9dcfcea4baf6f72f7228a1a50560a67c9e3d1a82582d9d41f11085631f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1087380
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Nov 2021 13:31:07 GMT
Etag
"c645eaa597e9d4a92f2a306087a45087+gzip"
Last-Modified
Mon, 18 Oct 2021 18:31:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CE9)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
13629
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 52D8
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 12:35:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 30 Nov 2021 13:35:06 GMT
userconnect.js
js.adscale.de/ Frame 2E15
14 KB
5 KB
Script
General
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ee00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
rPJLS4UCo5ChgehTCVQrl0AyZnUpynsg
content-encoding
br
last-modified
Fri, 26 Nov 2021 04:01:25 GMT
server
AmazonS3
age
5381
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Tue, 30 Nov 2021 12:01:27 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
kf29yHrC8yeRN_XtAKX-8-x27IoZp9kzZqW_bnJdR3OjvYdhMEbi9A==
csync
sync.console.adtarget.com.tr/ Frame 2E15
0
0

www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame B8F5
9 KB
2 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCU_lUN_138dJ0yMALFhKdLQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCU_lUN_138dJ0yMALFhKdLQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 10:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2447
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 01:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 26 Nov 2022 10:01:18 GMT
www-subscribe-embed-card_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame B8F5
149 KB
44 KB
Script
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCU_lUN_138dJ0yMALFhKdLQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCU_lUN_138dJ0yMALFhKdLQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.1oGqGyIIxrg.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 10:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44975
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 26 Nov 2022 10:01:18 GMT
khaos.jpg
token.rubiconproject.com/ Frame F00C
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/ Frame B8F5
125 KB
41 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c92084dec60847faa5d1719a8b8c238bf82f3f1ca97a8474acd3c67e3aed419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 16:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41862
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 15:20:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 16:48:45 GMT
w_480_00001.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/
437 KB
438 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
a64d96fbe3b96a8098f6a3a85358449da8921ee4e2a3c6fe08537f5cc12bb69e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 50004ba6b399efd7e9feb3e04887ccc1.cloudfront.net (CloudFront)
x-amz-cf-pop
WAW50-C1
content-length
447816
last-modified
Wed, 18 Aug 2021 04:09:22 GMT
server
Tengine
etag
"139ff28ec70a0fd48365e8e6b8821e6d"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
jtr2COShKO77BT-bNp2odHpYfKl0tjal97YubszwS63dZ17aBXqWCg==
expires
Tue, 14 Dec 2021 13:31:07 GMT
userconnect
ih.adscale.de/ Frame 2E15
149 B
224 B
Script
General
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1638279067104&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
content-length
149
content-type
application/javascript
crum
dsum-sec.casalemedia.com/ Frame CDAC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YaYnmrJHyWVSiueR9-xlswAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEErTSakQDB3iAJ04zvmQu2U&google_cver=1&gdpr=1
43 B
1022 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEErTSakQDB3iAJ04zvmQu2U&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc922bc8e0cd6dcaa%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 30 Nov 2021 13:31:07 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEErTSakQDB3iAJ04zvmQu2U&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CDAC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaYnmrJHyWVSiueR9_xlswAABI4AAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENR6itnZVDK_MsplxpFc5bw&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENR6itnZVDK_MsplxpFc5bw&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc922bc8e0cd6dcaa%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 30 Nov 2021 13:31:07 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENR6itnZVDK_MsplxpFc5bw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame CDAC
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc922bc8e0cd6dcaa%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame CDAC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaYnmrJHyWVSiueR9_xlswAABI4AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaYnmrJHyWVSiueR9_xlswAABI4AAAAB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaYnmrJHyWVSiueR9_xlswAABI4AAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc922bc8e0cd6dcaa%26uid%3D
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G13E0KCFJ1880HZYYTJT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6SGXX0HMEMB2GT6YAKC6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaYnmrJHyWVSiueR9_xlswAABI4AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame CDAC
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc922bc8e0cd6dcaa%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.198.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-198-157.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 13:31:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
crum
dsum-sec.casalemedia.com/ Frame CDAC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADX4k7DTE8AACrs8Z4j7g&expiration=1639488667&gdpr=1
43 B
995 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADX4k7DTE8AACrs8Z4j7g&expiration=1639488667&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc922bc8e0cd6dcaa%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 30 Nov 2021 13:31:07 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADX4k7DTE8AACrs8Z4j7g&expiration=1639488667&gdpr=1
Date
Tue, 30 Nov 2021 13:31:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
tpid=YaYnmrJHyWVSiueR9-xlswAA%261166
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame CDAC
49 B
264 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YaYnmrJHyWVSiueR9-xlswAA%261166?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc922bc8e0cd6dcaa%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.89
content-type
image/gif
content-length
49
expires
0
crum
dsum-sec.casalemedia.com/ Frame CDAC
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bdf30f9e-094b-4ad0-9f1f-ac06e4f2d734&expiration=1669815067
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bdf30f9e-094b-4ad0-9f1f-ac06e4f2d734&expiration=1669815067
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc922bc8e0cd6dcaa%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 30 Nov 2021 13:31:07 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=bdf30f9e-094b-4ad0-9f1f-ac06e4f2d734&expiration=1669815067
date
Tue, 30 Nov 2021 13:31:07 GMT
server
Kestrel
content-length
0
um
u-ams02.e-planning.net/ Frame CDAC
42 B
103 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=c922bc8e0cd6dcaa&uid=YaYnmrJHyWVSiueR9-xlswAA%261166
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc922bc8e0cd6dcaa%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Huissen, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
server
openresty
content-type
image/gif
truncated
/ Frame 0F36
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
map
ih.adscale.de/ Frame 0D31
2 KB
3 KB
Document
General
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
642c8d9eb4cfed2b7e9bafa1797bf70900ce6bafc342b2513b86823a3c4f856f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2442
new
ads3.admatic.com.tr/user/ Frame 1CC6
170 B
313 B
XHR
General
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
b13aea80b09ae1c3e120876583965e1ac3375c12419d327d796c5bc8caa955b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
br
etag
XWsDc8zkY4MVs8zVgxP7VSaWgQu7qLGIK01nqjt5lsp7KXNdmYxKzod_ybIqIhieYuh2PLb01N58qIm57DK7Vw
last-modified
Tue, 30 Nov 2021 14:31:07 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
174
getuid
ib.adnxs.com/ Frame A9CC
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEDDly4wgXXGyEVYS8FX9SaY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e...
95 B
165 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEDDly4wgXXGyEVYS8FX9SaY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2a8d503763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEDDly4wgXXGyEVYS8FX9SaY&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=91d398ac-7f6e-41c8-8ab2-661a04801cce&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=91d398ac-7f6e-41c8-8ab2-661a04801cce&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2abdda3763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=91d398ac-7f6e-41c8-8ab2-661a04801cce&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame A9CC
0
331 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D348baf8d-3676-45fa-7981-a09ee0c5d661%26reqId%3De...
  • https://mwzeom.zeotap.com/mw?cid=a3401812-4a01-438f-82bf-109345f37dc4&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=a3401812-4a01-438f-82bf-109345f37dc4&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2a8d583763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=a3401812-4a01-438f-82bf-109345f37dc4&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame A9CC
0
92 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
16
date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1638279067.245083,VS0,VE16
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4022-HHN
u
dmp.v.fwmrm.net/ad/ Frame A9CC
0
411 B
Image
General
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f601:6e36:3d7b:dfb5:1567 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A9CC
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D348baf8d-3676-45fa-7981-a09ee0c5d661%26reqId%3De36e0e16-eeab-47d0-57ce-c6e6e37af6ba%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=a35fd380-2c43-4a0f-9eaf-b0cc9c52d164&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=a35fd380-2c43-4a0f-9eaf-b0cc9c52d164&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2b5fc43763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=a35fd380-2c43-4a0f-9eaf-b0cc9c52d164&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=348baf8d-3676-45fa-7981-a09ee0c5d661&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=348baf8d-3676-45fa-7981-a09ee0c5d661&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=85189389142021428331328152492691443284&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=85189389142021428331328152492691443284&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2b2f2f3763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v020-0de17d954.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
FXEZye+mQa0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=85189389142021428331328152492691443284&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame A9CC
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=348baf8d-3676-45fa-7981-a09ee0c5d661&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021113014-39033-0.626495001638279070-071327524a7fdd1c21aff1446fc481f3&zdid=533&env=mWeb
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021113014-39033-0.626495001638279070-071327524a7fdd1c21aff1446fc481f3&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2afe803763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021113014-39033-0.626495001638279070-071327524a7fdd1c21aff1446fc481f3&zdid=533&env=mWeb
Date
Tue, 30 Nov 2021 13:31:10 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7036355010209380492&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7036355010209380492&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2a8d533763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7036355010209380492&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Date
Tue, 30 Nov 2021 13:31:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame A9CC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=348baf8d-3676-45fa-7981-a09ee0c5d661
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=348baf8d-3676-45fa-7981-a09ee0c5d661
95 B
424 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=348baf8d-3676-45fa-7981-a09ee0c5d661
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=348baf8d-3676-45fa-7981-a09ee0c5d661
date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=348baf8d-3676-45fa-7981-a09ee0c5d661&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=348baf8d-3676-45fa-7981-a09ee0c5d661&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=8G553TAxdx11HK1K0ydzOu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=8G553TAxdx11HK1K0ydzOu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2b2f2d3763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
last-modified
Tue, 30 Nov 2021 13:31:07 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=8G553TAxdx11HK1K0ydzOu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame A9CC
36 B
334 B
Image
General
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=348baf8d-3676-45fa-7981-a09ee0c5d661&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.104 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=348baf8d-3676-45fa-7981-a09ee0c5d661?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=d44b7ae8a35bb59ea3ae19f74e4b7d11&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-ee...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?pid=d44b7ae8a35bb59ea3ae19f74e4b7d11&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2afe823763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=d44b7ae8a35bb59ea3ae19f74e4b7d11&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
cache-control
no-cache
x-server
10.45.11.230
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-.ougFCJE2or3ncrxMUlNxmLUCgwvNjPouA--~A&zpartnerid=570&env=mWeb
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-.ougFCJE2or3ncrxMUlNxmLUCgwvNjPouA--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2bd93c3763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

date
Tue, 30 Nov 2021 13:31:07 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-.ougFCJE2or3ncrxMUlNxmLUCgwvNjPouA--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=gOwCBUMoyjZMrVBiKo%2BMyfVskpdx65kE%2BS41iYitP1U%3D
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=gOwCBUMoyjZMrVBiKo%2BMyfVskpdx65kE%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2b4f963763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=gOwCBUMoyjZMrVBiKo%2BMyfVskpdx65kE%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame A9CC
43 B
324 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=348baf8d-3676-45fa-7981-a09ee0c5d661&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame A9CC
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.77.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-77-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1638279067
x-served-by
beacon-n001-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame A9CC
95 B
360 B
Image
General
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=348baf8d-3676-45fa-7981-a09ee0c5d661&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YaYnmgAIbyCrrwBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YaYnmgAIbyCrrwBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2ace1b3763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1638279067.227710,VS0,VE80
x-served-by
cache-cdg20776-CDG
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YaYnmgAIbyCrrwBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=8cb861a6-279a-4200-b19e-17a801a8c721&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e1...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=8cb861a6-279a-4200-b19e-17a801a8c721&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2c4abb3763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Tue, 30 Nov 2021 13:31:07 GMT
Server
MT3 4133 baa842e master zrh-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=8cb861a6-279a-4200-b19e-17a801a8c721&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Tue, 30 Nov 2021 13:31:06 GMT
usermatch.gif
beacon.krxd.net/ Frame A9CC
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37a...
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
34.255.77.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-77-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1638279067
x-served-by
beacon-n019-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
date
Tue, 30 Nov 2021 13:31:07 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a006-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame A9CC
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=348baf8d-3676-45fa-7981-a09ee0c5d661&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-798...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=348baf8d-3676-45fa-7981-a09ee0c5d661&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-798...
43 B
645 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=348baf8d-3676-45fa-7981-a09ee0c5d661&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0ETVZ6BZZC23075NH896
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TJXPMW46ZWG4Y9PQ3N14
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=348baf8d-3676-45fa-7981-a09ee0c5d661&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=348baf8d-3676-45fa-7981-a09ee0c5d661&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2cfd693763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Tue, 30 Nov 2021 13:31:07 GMT
Connection
keep-alive
Content-Length
0
BK-Server
94f3
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame A9CC
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D348...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6b646f2c8b8c3763-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
date
Tue, 30 Nov 2021 13:31:07 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame A9CC
557 B
498 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b4572961ec320cc2af5af5ea6f49565511fefdb44fe776f5733554b0b29c30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cf-ray
6b646f2a2c2d3763-MXP
date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Tue, 30 Nov 2021 13:31:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
csync
sync.console.adtarget.com.tr/ Frame 1CC6
0
0

match.js
js.adscale.de/ Frame 0D31
4 KB
2 KB
Script
General
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ee00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
sGpB2t7uHJi7uS6huVTUXC5_V8qvOBTB
content-encoding
br
last-modified
Fri, 26 Nov 2021 04:01:25 GMT
server
AmazonS3
age
5381
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Tue, 30 Nov 2021 12:01:27 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
yz01rwH5a2tLiepQ8dmhMVjcRNweW7avwLABlEuTCA7rOYkU4aQP8g==
jot
syndication.twitter.com/i/
43 B
380 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Gizchina%22%2C%22widget_creator_screen_name%22%3A%22Gizchina%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1638279067287%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
107
pragma
no-cache
last-modified
Tue, 30 Nov 2021 13:31:07 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
44f28bd6497dacac77047a197f9a921f5f86e83adf2755164b48ad4a3b022576
x-transaction
dd8ba756f059ee96
expires
Tue, 31 Mar 1981 05:00:00 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame CE15
38 KB
11 KB
Script
General
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-104.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 20:40:11 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
60657
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
APwDnI_fikSvarRkdldhhCTbEbvdAKdPHotYg-xblQMNq5e3WfXGEg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 4740
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Tue, 30 Nov 2021 13:31:06 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sun, 29 Nov 2026 13:31:06 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame F890
0
0

cmp
spl.zeotap.com/ Frame A9CC
0
0
Document
General
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b646f2aad9f3763-MXP
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0D31
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=446d17122be7b5afe91246f...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=8cb861a6-279a-4200-b19e-17a801a8c721&gdpr=0&gdpr_consent=
49 B
538 B
Image
General
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=8cb861a6-279a-4200-b19e-17a801a8c721&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Tue, 30 Nov 2021 13:31:07 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=8cb861a6-279a-4200-b19e-17a801a8c721&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 30 Nov 2021 13:31:06 GMT
w_480_00002.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/
352 KB
353 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
84c2158a08435ead7b8af459c5b76a2cf8f7b48e9e90ae92276928776799b79d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
360208
last-modified
Wed, 18 Aug 2021 04:09:22 GMT
server
Tengine
etag
"d18b692704ab6f053eb48a625141ecbe"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
Mo5UFWI1XUtSKflVoLHwfUEz487dpVflykZpOkaUEolsoOMNtOkpzw==
expires
Tue, 14 Dec 2021 13:31:07 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1991
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=259200
cf-ray
6b646f2ab970374a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 03 Dec 2021 13:31:07 GMT
GS.d
js.cookieless-data.com/ Frame 4740
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1638279067313
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.116 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-116.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
img
ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/ Frame 0D31
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fdcc93f840200482f98fccbc2c2afc9f8%2F1638279067187%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/img?tpid=75&tpuid=3537809648984412844&gdpr=0
49 B
548 B
Image
General
Full URL
https://ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/img?tpid=75&tpuid=3537809648984412844&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
X-Proxy-Origin
185.232.23.178; 185.232.23.178; 864.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
96e771b1-e626-4f83-a19b-09b67e1e7661
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/img?tpid=75&tpuid=3537809648984412844&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
w_480_00003.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/
369 KB
370 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
05b3bb218b9b5ba0f7459c2d71d3b2190ae70a0eeaea4f8e92b50486313a4d8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 5f0256b858eb482d76fb1e14a1b7a667.cloudfront.net (CloudFront)
x-amz-cf-pop
WAW50-C1
content-length
377880
last-modified
Wed, 18 Aug 2021 04:09:22 GMT
server
Tengine
etag
"9620f36cf0131c962415a74f9729a907"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
AOnIPzYGyP-ZNLHhvpngeL9B-kfsjmoOgvQyZFSeBzSDheTKlT3Dtg==
expires
Tue, 14 Dec 2021 13:31:07 GMT
icon
onesignal.com/api/v1/apps/028ff5ba-9563-498b-8771-488cb54a1b94/
250 B
640 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/028ff5ba-9563-498b-8771-488cb54a1b94/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d099b9eeb08e1f2532e8b6c8317ba4b6135b9b2bdb5aad734be13bccc172bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200 OK
x-envoy-upstream-service-time
10
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
579dab07-0243-46ff-b059-1ad7d7114aea
x-runtime
0.007936
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"e8d099b9eeb08e1f2532e8b6c8317ba4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
6b646f2b5eae0e26-MXP
access-control-allow-headers
SDK-Version
w_480_00004.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/
440 KB
441 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
235399d879da3f6c26d63a8a2349568bbe2d4c89f574c9f350daa65fd1d054e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 04:09:22 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"21a2e7ff9aa0d2c74645e6d14afb3575"
content-type
video/mp2t
access-control-allow-origin
*
expires
Tue, 14 Dec 2021 13:31:07 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
450824
x-amz-cf-id
_7kvVZt7bC6jcgImxuZNzo1bZCAh4ys4OzApHBQL4ficHTFLxFykoA==
x-proxy-cache
HIT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0D31
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=fb4eef475dd970664941184a5...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YaYnmrJHyWVSiueR9-xlswAA%261166
49 B
569 B
Image
General
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YaYnmrJHyWVSiueR9-xlswAA%261166
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YaYnmrJHyWVSiueR9-xlswAA%261166
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Tue, 30 Nov 2021 13:31:07 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame DF45
136 B
125 B
XHR
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21734706084%2C22388914533%2Fgizchinamedia&description_url=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&env=vp&correlator=3887785837215362&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&cust_params=prmsig%3Duwgxnm&sdkv=h.3.489.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=965826125&sdk_apis=2%2C8&sid=34060DEC-09DE-4A57-B601-FA137D6D7586&nel=1&eid=44725356&url=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&dlt=1638279064870&idt=2387&dt=1638279067480&scor=379294505055138&ged=ve4_td2_tt0_pd2_la2000_er943.-1980.1096.-1680_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/ Frame 0D31
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=64dca53dbb264611b53487f2c50d3fea3dc9b54f938ccbf240588f8f46a9c396&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fdcc93f840200482f98fccb...
  • https://ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/img?tpid=42&gdpr=0&tpuid=2019882195564126656
49 B
578 B
Image
General
Full URL
https://ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/img?tpid=42&gdpr=0&tpuid=2019882195564126656
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
nginx
location
https://ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/img?tpid=42&gdpr=0&tpuid=2019882195564126656
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
w_480_00005.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/
393 KB
393 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
b35da386711f632b307255514073beddde663f827e51a0a8d086fc72384e758f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 dfc3a7bfbc818f103aa0634d79f28907.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 04:09:22 GMT
server
Tengine
x-amz-cf-pop
WAW50-C1
etag
"203b8ba2250ea434c9b599d4eb2e847f"
content-type
video/mp2t
access-control-allow-origin
*
expires
Tue, 14 Dec 2021 13:31:07 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
401944
x-amz-cf-id
76S6Wst0GjaGMaU9Ksxhn7cyJVy5fenndy4OKvWfkeDIohXXXqaq8A==
x-proxy-cache
HIT
khaos.jpg
token.rubiconproject.com/ Frame AFC0
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0D31
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=b1d24a0f-5400-4381-951e-dd656bea29f5&gdpr=0
49 B
600 B
Image
General
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=b1d24a0f-5400-4381-951e-dd656bea29f5&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=b1d24a0f-5400-4381-951e-dd656bea29f5&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
13015783
content-length
0
expires
Tue, 30 Nov 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0D31
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=85bceb02c9bbd5730f7fbf95...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=8cb861a6-279a-4200-b19e-17a801a8c721&gdpr=0&gdpr_consent=
49 B
621 B
Image
General
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=8cb861a6-279a-4200-b19e-17a801a8c721&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Tue, 30 Nov 2021 13:31:07 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=8cb861a6-279a-4200-b19e-17a801a8c721&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 30 Nov 2021 13:31:06 GMT
js
ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/ Frame 0D31
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=e95c2168ac94a6b4603a25d510bb7ffcfe117a0a40905fd2ca3fab8fd494a8e3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fdcc93f84020048...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=e95c2168ac94a6b4603a25d510bb7ffcfe117a0a40905fd2ca3fab8fd494a8e3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fdcc93f84020048...
  • https://ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/js?tpid=48&tpuid=a9d099a4214015057c09b4bea1b14156
44 B
566 B
Script
General
Full URL
https://ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/js?tpid=48&tpuid=a9d099a4214015057c09b4bea1b14156
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
248e7cef393c77b681b12f5dd254f6c8ecc6299e52736137b9087879cefbb4cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Tue, 30 Nov 2021 13:31:07 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/dcc93f840200482f98fccbc2c2afc9f8/1638279067187/0/js?tpid=48&tpuid=a9d099a4214015057c09b4bea1b14156
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gizchina.com%2F&domain=www.gizchina.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.gizchina.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.gizchina.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1544
date
Tue, 30 Nov 2021 13:31:07 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame A469
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.gizchina.com%2F&domain=www.gizchina.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=_OFoOnxhQ2VpbzIzeU5NR1RjaHBvZWZJYnpNQ2UzK1dSalhVT2lGa2RPbDlORWVacCtJbnJ2K3N6SmFETnhFMFBlcmNDVGw1TlllaThNTzcyZFN4Z1hzUGRWNnpTYllDd2dFUzlqeS9PYTBPM3ozNmpPZFYzd2RGOTNGZD...
414 B
654 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=_OFoOnxhQ2VpbzIzeU5NR1RjaHBvZWZJYnpNQ2UzK1dSalhVT2lGa2RPbDlORWVacCtJbnJ2K3N6SmFETnhFMFBlcmNDVGw1TlllaThNTzcyZFN4Z1hzUGRWNnpTYllDd2dFUzlqeS9PYTBPM3ozNmpPZFYzd2RGOTNGZDdiMTRoNmw2cFIxYUUrdmIzVHIxTjZ2cFVQQ2s0eHlPb0owWkRYcU41bUVjTjBKOHR2Vk9WV2JUZUphMVNMd2QrZ3lqWm8zUUNRWHd6QmxETkhIem5POWgvNWlnVnFVUm01d3VnT3NZejlZNEI5eXZWTDIvNytjY0c5a1pJbk5MWjg0N3RTZ2FYVy9aWU9BRExSQkgxYmJQcnAxL1pVUT09fA&cppv=2
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
77f636d6b6bde765475d251a01547f342308db87cde49bb487bedc513bb3495a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 30 Nov 2021 13:31:07 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3156
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 30 Nov 2021 13:31:06 GMT
location
https://mug.criteo.com/sid?cpp=_OFoOnxhQ2VpbzIzeU5NR1RjaHBvZWZJYnpNQ2UzK1dSalhVT2lGa2RPbDlORWVacCtJbnJ2K3N6SmFETnhFMFBlcmNDVGw1TlllaThNTzcyZFN4Z1hzUGRWNnpTYllDd2dFUzlqeS9PYTBPM3ozNmpPZFYzd2RGOTNGZDdiMTRoNmw2cFIxYUUrdmIzVHIxTjZ2cFVQQ2s0eHlPb0owWkRYcU41bUVjTjBKOHR2Vk9WV2JUZUphMVNMd2QrZ3lqWm8zUUNRWHd6QmxETkhIem5POWgvNWlnVnFVUm01d3VnT3NZejlZNEI5eXZWTDIvNytjY0c5a1pJbk5MWjg0N3RTZ2FYVy9aWU9BRExSQkgxYmJQcnAxL1pVUT09fA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2226
content-length
541
expires
0
212.json
id5-sync.com/g/v2/ Frame A469
213 B
534 B
XHR
General
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
p03.id5-sync.com
Software
/
Resource Hash
cb776b64279e66f63061277a1c2d142d259775f3ec15ce50e0d6de30322b7b57
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.gizchina.com
Date
Tue, 30 Nov 2021 13:30:59 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame A469
63 B
337 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b23f230af837b69e07f63b9296a62e5fdb353e10a0b81497a54267ed70464507

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache
x-server
10.45.31.22
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ Frame A469
108 B
690 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e21c9fbea6305d792f2a7c6550a05bbac283969cd048e0011f39792e4068fe40

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gizchina.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 30 Dec 2021 13:31:07 GMT
pd
u.openx.net/w/1.0/ Frame 7BC3
0
35 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.221.0
date
Tue, 30 Nov 2021 13:31:07 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usync.html
eus.rubiconproject.com/ Frame FFEC
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Nov 2021 13:31:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 06CB
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=32733
expires
Tue, 30 Nov 2021 22:36:40 GMT
date
Tue, 30 Nov 2021 13:31:07 GMT
vary
Accept-Encoding
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame A469
85 B
154 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1638279068.723009,VS0,VE81
x-served-by
cache-cdg20776-CDG
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/55953/ Frame A469
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a3401812-4a01-438f-82bf-109345f37dc4&_origin=1&gdpr=1&gdpr_consent=
0
15 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=a3401812-4a01-438f-82bf-109345f37dc4&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=a3401812-4a01-438f-82bf-109345f37dc4&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
/
c1.adform.net/serving/cookie/match/ Frame A469
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e01649d92dab3c91715b2736ef317b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e910c_7036355014487191137
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZTAxNjQ5ZDkyZGFiM2M5MTcxNWIyNzM2ZWYzMTdi&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEB0oCP1qzOfNk6K9124XPp8&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=a3401812-4a01-438f-82bf-109345f37dc4
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3537809648984412844
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/e01649d92dab3c91715b2736ef317b?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-T3NMtApE2oP7MGLf6rMIGYCyLiBIU8kkjHl4cBpf~A
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=8cb861a6-279a-4200-b19e-17a801a8c721&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=IyRqB4rS1MS3dW5&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YaYnmgAIbyCrrwBR&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AADX4k7DTE8AACrs8Z4j7g&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
0
0

sync
ups.analytics.yahoo.com/ups/57304/ Frame A469
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPc5106481-51e1-11ec-9d65-06d2905c4e22
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBjNTEwNjQ4MS01MWUxLTExZWMtOWQ2NS0wNmQyOTA1YzRlMjI%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEOT9AVnKSkWPQrkaOc9WngI&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEOT9AVnKSkWPQrkaOc9WngI&google_cver=1&apid=UPc5106481-51e1-11ec-9d65-06d2905c4e22
0
20 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEOT9AVnKSkWPQrkaOc9WngI&google_cver=1&apid=UPc5106481-51e1-11ec-9d65-06d2905c4e22
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEOT9AVnKSkWPQrkaOc9WngI&google_cver=1&apid=UPc5106481-51e1-11ec-9d65-06d2905c4e22
date
Tue, 30 Nov 2021 13:31:07 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame FFEC
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
65445aacbafe7ae9e7c21a38e05b09e0b8af45eb6c11e4bd0a4816d836d016ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 13:31:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41144
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9511
Expires
Wed, 01 Dec 2021 00:56:51 GMT
305861_289877234370194_1070394448_n-Custom.jpg
www.gizchina.com/wp-content/uploads/images/2017/10/
4 KB
5 KB
Image
General
Full URL
https://www.gizchina.com/wp-content/uploads/images/2017/10/305861_289877234370194_1070394448_n-Custom.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2fbb3f22ea03d0d1d145d916f36cd24a9085bc16f55bc439d796950abd3af605

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
x-b3-traceid
3890eb090ded431288c22ef091c4febd
x-cache
HIT, HIT
fastly-io-info
ifsz=12160 idim=198x198 ifmt=jpeg ofsz=4520 odim=198x198 ofmt=webp
mrf-cache-status
HH
fastly-stats
io=1
content-length
4520
x-served-by
cache-lcy19249-LCY, cache-hhn4041-HHN
x-b3-traceid-primal
72f0d0d14f554170a369deca4fa634d4
mrf-tech
CDN
server
nginx/1.18.0 (Ubuntu)
x-timer
S1638279068.771035,VS0,VE1
etag
"yRdyWNSmEClHBkUXlyaq/2VFh7ivq47LK4//l7f1wR4"
vary
Accept, User-Agent
content-type
image/webp
cache-control
public, max-age=8640000, stale-if-error=2592000
accept-ranges
bytes
x-cache-hits
1, 1
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=_OFoOnxhQ2VpbzIzeU5NR1RjaHBvZWZJYnpNQ2UzK1dSalhVT2lGa2RPbDlORWVacCtJbnJ2K3N6SmFETnhFMFBlcmNDVGw1TlllaThNTzcyZFN4Z1hzUGRWNnpTYllDd2dFUzlqeS9PYTBPM3ozNmpPZFYzd2RGOTNGZDdiMTRoNmw2cFIxYUUrdmIzVHIxTjZ2cFVQQ2s0eHlPb0owWkRYcU41bUVjTjBKOHR2Vk9WV2JUZUphMVNMd2QrZ3lqWm8zUUNRWHd6QmxETkhIem5POWgvNWlnVnFVUm01d3VnT3NZejlZNEI5eXZWTDIvNytjY0c5a1pJbk5MWjg0N3RTZ2FYVy9aWU9BRExSQkgxYmJQcnAxL1pVUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1075
date
Tue, 30 Nov 2021 13:31:06 GMT
content-encoding
gzip
vary
Accept-Encoding
sium
ih.adscale.de/ Frame 0D31
0
190 B
XHR
General
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Tue, 30 Nov 2021 13:31:07 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
liveView.php
live.primis.tech/live/
0
226 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=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
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:07 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
user
ads3.admatic.com.tr/ Frame 1CC6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=2D8KdaMDemH14jZUwRbTX52L&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
35 B
82 B
Image
General
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 13:31:07 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
SPug
simage4.pubmatic.com/AdServer/ Frame 1D49
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156758&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ingest.php
events.newsroom.bi/
0
721 B
Ping
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=152
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.96.92.40.188.clients.your-server.de
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarylGA8UJvePcp7IOjF

Response headers

date
Tue, 30 Nov 2021 13:31:10 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
https://www.gizchina.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
json
trc.taboola.com/gizchina/trc/3/
31 KB
10 KB
XHR
General
Full URL
https://trc.taboola.com/gizchina/trc/3/json?tim=13%3A31%3A10.612&lti=deflated&data=%7B%22id%22%3A785%2C%22ii%22%3A%22%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1638095859232%2C%22vi%22%3A1638279070610%2C%22cv%22%3A%2220211128-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPQfYwIPQfYwIAcABBENB3CgAAAAAH_AACiQAAAQvAJMNS8gC7EscGTaNKoUQIwrCQ6AUAFFAMLRFYQMrgp2VwE-oIWACE1ARgRAgxBRgwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEoO9jTCEMssAKBR_RUYCJQggWBkJCwcxwBICXCyQLMAAAA.YAAAD_gAAAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4784%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2849.421875%2C%22mw%22%3A700%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c43d1ca02109aa005d95502b6efe866ff8be5487d368c43fb84cb14928d6c919

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
222
date
Tue, 30 Nov 2021 13:31:10 GMT
content-encoding
gzip
server
nginx
x-timer
S1638279071.621833,VS0,VE222
x-served-by
cache-hhn4022-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/
19 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
n7qu5_m2oY3yYk8zx0ISQgopnHkiUO7s
content-encoding
gzip
etag
"103abcd7af0ff73c2bca84d874ada0e2"
age
4554
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6020
x-amz-id-2
TUREJRwSbK6Q1BNR6xICMOwpvDMUm57IF+r2FPbLNLC4b1vdZ9ZULmOO1ptghCn/6oRpDoLfA4A=
x-served-by
cache-hhn4022-HHN
last-modified
Tue, 30 Nov 2021 12:15:08 GMT
server
AmazonS3
x-timer
S1638279071.865708,VS0,VE0
date
Tue, 30 Nov 2021 13:31:10 GMT
vary
Accept-Encoding
x-amz-request-id
X26H3EV1KCN6X8EV
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
20
x-cache-hits
5753
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
8oi59FmV5lZnBSZug04yEHoBr2VIEPOj
content-encoding
gzip
etag
"44e0fb48ae5c8af459ee8102bcc39ee7"
age
4551
x-cache
HIT
x-amz-replication-status
PENDING
content-length
702
x-amz-id-2
r/4tneBbgsI6k4fD9QbVcOCaDx4GWZb6wGAC+1TwkSAzetCjj4GYXVcGx60DmHlHm2LpyNY/FO8=
x-served-by
cache-hhn4022-HHN
last-modified
Tue, 30 Nov 2021 12:15:07 GMT
server
AmazonS3
x-timer
S1638279071.865693,VS0,VE0
date
Tue, 30 Nov 2021 13:31:10 GMT
vary
Accept-Encoding
x-amz-request-id
67RVR3QNBVTG6FKS
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
20
x-cache-hits
5801
tb
15.taboola.com/
4 KB
3 KB
XHR
General
Full URL
https://15.taboola.com/tb?oid=15&pubnm=gizchina&unitType=59&tbloc=&pageType=text&pstn=Slider%20-%20Video&uuip=&cisrf=&cirf=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&encoded=1&uid=1be99ef1-5545-4629-83b7-5322508e3565-tuct89fad1a&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1638279070889&tagid=&cntry=DE&platform=1&sesid=b4f150f2ca3c394833df93eeb863bd3e&itemid=/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights&viewid=1638279070610&geolat=&geoing=&deviceifa=&appid=&sd=v2_b4f150f2ca3c394833df93eeb863bd3e_1be99ef1-5545-4629-83b7-5322508e3565-tuct89fad1a_1638279070_1638279070_CNawjgYQu5ZSGJKHq4jXLyABKAMwODib4wlAiIoQSMbb2ANQouwQWAFgAGiQmMHcuKuioghwAA&ri=761da75ad4b048d4810d043e33d150a6&appname=&cdb=CPQfYwIPQfYwIAcABBENB3CgAAAAAH_AACiQAAAQvAJMNS8gC7EscGTaNKoUQIwrCQ6AUAFFAMLRFYQMrgp2VwE-oIWACE1ARgRAgxBRgwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignsrAEoO9jTCEMssAKBR_RUYCJQggWBkJCwcxwBICXCyQLMAAAA.YAAAD_gAAAAA&gdprApplies=true&rid=&sii=-7021643872363806294&oee=true&tpubid=1346363&uis=3&fagg=1&ccpaDns=false&ccpaPrivacy=&region=NW&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8361482d526bffe67959ce2eca02297e409e48540a66d67114b3506fdbf1260c

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Nov 2021 13:31:10 GMT
content-encoding
gzip
access-control-allow-origin
https://www.gizchina.com
machineid
1448
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn4022-HHN
pragma
no-cache
server
nginx
x-timer
S1638279071.900017,VS0,VE12
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20211128-3-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20211128-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gizchina/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
310b28ac061650c615b0a70e171769f70c625e04a4e89bbe0d8bc892c12031ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
j6RR9k9xDD6e3JhlqBxutZDrhzxM_xLA
content-encoding
gzip
etag
"3975f9fa5c9a4811ab218a3ceab46050"
age
12927
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5340
x-amz-id-2
SiifHfHNZxJX4lzeYWHOy8ugXAuCBMG4WjDBn4utbjFDt8S+ESmRrM3o1jfx3ddU+06Avc05GHE=
x-served-by
cache-hhn4022-HHN
last-modified
Tue, 30 Nov 2021 09:55:40 GMT
server
AmazonS3
x-timer
S1638279071.893689,VS0,VE0
date
Tue, 30 Nov 2021 13:31:10 GMT
vary
Accept-Encoding
x-amz-request-id
5ZJDC50D41WPNCMP
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
20
x-cache-hits
7784
explore-more.20211128-3-RELEASE.es6.js
cdn.taboola.com/libtrc/
15 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/explore-more.20211128-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gizchina/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24fe7e4c353937e55ac1ee80c4f95679b9beaac602601dfbd1e32b30ae7699f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
yE8Rz7uK3uWE6ss.aai1zalnRNphrhgE
content-encoding
gzip
etag
"c218c3ded6ddb42821307897bd74d494"
age
12881
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4436
x-amz-id-2
jgK7udpKXm/rDYmcP8BT3n2BnN9ke+2bigc1RNozZ6wjsKbQbZ1U4b6OPL/qITWaU8JdiFvihCY=
x-served-by
cache-hhn4022-HHN
last-modified
Tue, 30 Nov 2021 09:56:25 GMT
server
AmazonS3
x-timer
S1638279071.894235,VS0,VE0
date
Tue, 30 Nov 2021 13:31:10 GMT
vary
Accept-Encoding
x-amz-request-id
M7EEYJPVC324425X
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
20
x-cache-hits
3152
feed-card-placeholder.20211128-3-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20211128-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gizchina/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
491a1930b3803b2f1119633f96c7742fd1c65cf19da4faf488bf0f0fb3bef92c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
401rPxwxWWV5pSFuHnD5mgfUwpNIekEP
content-encoding
gzip
etag
"2cbcaba2901ff301d0ae16038d599fb2"
age
12884
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
Ti6f6EAnoHubbmu7kAzQootpQfdjbLkJwPmq3YUwdMkI7VoWt16H3ZpCGfUL/+DM2Iz+/GDhOg0=
x-served-by
cache-hhn4022-HHN
last-modified
Tue, 30 Nov 2021 09:56:22 GMT
server
AmazonS3
x-timer
S1638279071.895557,VS0,VE0
date
Tue, 30 Nov 2021 13:31:10 GMT
vary
Accept-Encoding
x-amz-request-id
7JHWGSD98C2FY2WH
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
20
x-cache-hits
10827
abtests
trc.taboola.com/gizchina/log/3/
0
192 B
Image
General
Full URL
https://trc.taboola.com/gizchina/log/3/abtests?route=AM:AM:V&lti=deflated&ri=761da75ad4b048d4810d043e33d150a6&sd=v2_b4f150f2ca3c394833df93eeb863bd3e_1be99ef1-5545-4629-83b7-5322508e3565-tuct89fad1a_1638279070_1638279070_CNawjgYQu5ZSGJKHq4jXLyABKAMwODib4wlAiIoQSMbb2ANQouwQWAFgAGiQmMHcuKuioghwAA&ui=1be99ef1-5545-4629-83b7-5322508e3565-tuct89fad1a&pi=/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights&wi=-7021643872363806294&pt=text&vi=1638279070610&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1638279070950%7D&tim=13%3A31%3A10.951&id=2798&llvl=2&cv=20211128-3-RELEASE&
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 30 Nov 2021 13:31:10 GMT
via
1.1 varnish
server
nginx
x-timer
S1638279071.959946,VS0,VE9
x-served-by
cache-hhn4022-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
UnitSliderDesktop.min.js
vidstat.taboola.com/lite-unit/1.4.0/
78 KB
23 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/1.4.0/UnitSliderDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c26bee9cd1dc3d869a9f22a80b04da4168c84f3d315754b11cf3687471397c3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:10 GMT
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront), 1.1 varnish
age
1689175
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
23245
x-served-by
cache-hhn4022-HHN
last-modified
Tue, 31 Mar 2020 13:14:35 GMT
server
AmazonS3
x-timer
S1638279071.979640,VS0,VE1
etag
"f334d02862e5d4ab3201b31651bfb08f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
D9JT0N-SidgkHUlR3-oMRu2r7I0o0QYTkbJhKWblY5AKWjej6wQzpw==
x-cache-hits
1
497443b63ec997a4c446d3c751d9970c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
7 KB
7 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/497443b63ec997a4c446d3c751d9970c.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
863609a81e34160098711637ee2ce0901c77002f51432a91511a801df73985c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 30 Nov 2021 13:31:10 GMT
via
1.1 varnish, 1.1 varnish
age
4067101
edge-cache-tag
479673172897681819399237338885909140132,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
40
expiration
expiry-date="Sun, 07 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/497443b63ec997a4c446d3c751d9970c.jpg
content-length
6764
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 07 Oct 2021 08:41:56 GMT
server
nginx
x-timer
S1638279071.974783,VS0,VE0
etag
"94ae277734880ac050c1d4c1beb2d5c6"
x-served-by
cache-wdc5559-WDC, cache-dca17778-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
df491b89bf9c9edac969a0f8e8337a5d.png
images.taboola.com/taboola/image/fetch/h_350,w_420,c_fill,g_xy_center,x_608,y_422/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
21 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_350,w_420,c_fill,g_xy_center,x_608,y_422/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df491b89bf9c9edac969a0f8e8337a5d.png
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3c192b6fbf8ae52bb04230586b02b61d023938de1fc5a4bac1e4c51243f309a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 30 Nov 2021 13:31:10 GMT
via
1.1 varnish, 1.1 varnish
age
2174353
edge-cache-tag
313038210174247909551237719530611423220,534204711576517018506359162574474127338,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
157
expiration
expiry-date="Fri, 19 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/h_350,w_420,c_fill,g_xy_center,x_608,y_422/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df491b89bf9c9edac969a0f8e8337a5d.png
content-length
21160
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 19 Oct 2021 04:05:15 GMT
server
nginx
x-timer
S1638279071.974832,VS0,VE1
etag
"dedb2b6781dedb6aa7fe64b90f232237"
x-served-by
cache-wdc5557-WDC, cache-dca17739-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
Windows-11-5-1024x576.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/06/
33 KB
33 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/06/Windows-11-5-1024x576.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fb8839656901d4464df62f258158d1e41d17c0c2bd7ff79ad69d7dc180194eb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
87
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
239674
edge-cache-tag
562636878721991923275275781924629851941,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
414
expiration
expiry-date="Tue, 07 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/06/Windows-11-5-1024x576.jpg
content-length
33338
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Sat, 06 Nov 2021 04:39:11 GMT
server
nginx
x-timer
S1638279071.974683,VS0,VE87
etag
"3fdec6726261091e35e5855a4a12b5c4"
x-served-by
cache-dca17777-DCA, cache-dca17751-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
Windows1120-1024x576.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/06/
29 KB
30 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/06/Windows1120-1024x576.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a270a38160dfdfc802f1bc2b64384c3b6119de93c6a51e62bbdfb50b9f95488c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
88
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
239674
edge-cache-tag
549315418867328519416160867657456218689,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
881
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/06/Windows1120-1024x576.jpg
content-length
30186
x-request-id
e2a1fd9f8df0d2f9207f9bc020256259
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sat, 20 Nov 2021 06:29:42 GMT
server
nginx
x-timer
S1638279071.975028,VS0,VE88
etag
"e7746d9e8c878131d8aa1d860b839a4e"
x-served-by
cache-dca17723-DCA, cache-dca12924-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
Windows-11-1-1024x683.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/08/
22 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/08/Windows-11-1-1024x683.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0610ac1924543e5285c7ee0244307f951d3087fef517f07c835d864f3ab75076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
87
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
1382
edge-cache-tag
404590172409935854045200379795185889220,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
230
expiration
expiry-date="Tue, 07 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/08/Windows-11-1-1024x683.jpg
content-length
23026
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sat, 06 Nov 2021 04:39:11 GMT
server
nginx
x-timer
S1638279071.978334,VS0,VE87
etag
"6199dc7a040c86cc3cd9bff5cb5be43c"
x-served-by
cache-bwi5073-BWI, cache-dca17727-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
Infinix-Zero-5G-1024x576.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/11/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/11/Infinix-Zero-5G-1024x576.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
07d7ce022e9a903ec91e296c05367023e26f1dfe0f85a6491cbc360a67448dfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
88
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
180334
edge-cache-tag
617167158654684798864109929354126072843,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
611
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/11/Infinix-Zero-5G-1024x576.jpg
content-length
12490
x-request-id
9bcd6c31b0bde8728e6e01303c9d4e90
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 26 Nov 2021 17:22:03 GMT
server
nginx
x-timer
S1638279071.979757,VS0,VE88
etag
"ef7236f76d464c04a229c3e5069ab47e"
x-served-by
cache-dca17776-DCA, cache-dca17767-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
Android-apps-on-windows.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/01/
18 KB
19 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/01/Android-apps-on-windows.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ffc342b2bced57b337cad25f5434b3589d10b247ee95a2bf01ed3729f702d354

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
856
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
312230375525649699883160712040564346097,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
700
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/01/Android-apps-on-windows.jpg
content-length
18410
x-request-id
01c1c2a49f1b63e4cc4c87d30412bb0b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sat, 06 Nov 2021 02:51:01 GMT
server
nginx
x-timer
S1638279071.984290,VS0,VE856
etag
"0a154c7d3afe18c75e4c26da26bc12f1"
x-served-by
cache-wdc5538-WDC, cache-dca17738-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
Windows-Defender-1024x566.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/11/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/11/Windows-Defender-1024x566.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6cdce03d929deeb6af96621ad618d2dab6ecec046decf16a677ca9c8f1992e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 30 Nov 2021 13:31:10 GMT
via
1.1 varnish, 1.1 varnish
age
77762
edge-cache-tag
435842714023473390136142149516077156767,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
351
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/11/Windows-Defender-1024x566.jpg
content-length
5290
x-request-id
3160d6374869230d27c36bd1e941b5fc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 29 Nov 2021 11:24:38 GMT
server
nginx
x-timer
S1638279071.989606,VS0,VE1
etag
"7154992b65f68961362666f31643680b"
x-served-by
cache-dca17774-DCA, cache-dca17734-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Oppo-Reno7-SE-1-1024x572.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/11/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/11/Oppo-Reno7-SE-1-1024x572.png
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c05ef9cae85ff6dbeeb4c1f8421e20110047baa8f129cec66ae3d213600e2acc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
86
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
1382
edge-cache-tag
464657104983737879814401597655650993644,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
177
expiration
expiry-date="Tue, 14 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/11/Oppo-Reno7-SE-1-1024x572.png
content-length
8628
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sat, 13 Nov 2021 20:03:41 GMT
server
nginx
x-timer
S1638279071.999404,VS0,VE86
etag
"a230736d1fad4922bbfe02d80f772c76"
x-served-by
cache-bwi5045-BWI, cache-dca17775-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
Mi-10-launch.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2020/03/
17 KB
18 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2020/03/Mi-10-launch.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f328af734b7a2385de7eb9df88725cae8f10a2ca1a0042853a606402e406f54b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
1027958
edge-cache-tag
386711582838261164825929792445719063074,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
280
expiration
expiry-date="Sun, 21 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2020/03/Mi-10-launch.jpg
content-length
17594
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Thu, 21 Oct 2021 09:40:45 GMT
server
nginx
x-timer
S1638279071.071950,VS0,VE2
etag
"6d23315664297001b27fd9b8d3daf9d9"
x-served-by
cache-bwi5070-BWI, cache-dca17743-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
497443b63ec997a4c446d3c751d9970c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
13 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/497443b63ec997a4c446d3c751d9970c.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9cb59c4e6ff7d01a1c82e3a985fc33319dc1c536c4586cc72ae476f6223dcd3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
3040887
edge-cache-tag
479673172897681819399237338885909140132,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
97
x-envoy-upstream-service-time
140
expiration
expiry-date="Sun, 07 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/497443b63ec997a4c446d3c751d9970c.jpg
content-length
12952
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Thu, 07 Oct 2021 10:26:28 GMT
server
nginx
x-timer
S1638279071.096458,VS0,VE0
etag
"5fd25ea87d4ad26603fd7ccca9890291"
x-served-by
cache-wdc5558-WDC, cache-dca12929-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
df491b89bf9c9edac969a0f8e8337a5d.png
images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_608,y_422/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
44 KB
45 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_608,y_422/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df491b89bf9c9edac969a0f8e8337a5d.png
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38eb48b02fd1a86a2e7ddeb5651e1fbc3131d12ffde7183c5456be4e82d9de57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
1449638
edge-cache-tag
313038210174247909551237719530611423220,450667505147894098081303123472958735970,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
409
expiration
expiry-date="Fri, 19 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_608,y_422/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df491b89bf9c9edac969a0f8e8337a5d.png
content-length
44968
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 19 Oct 2021 05:42:04 GMT
server
nginx
x-timer
S1638279071.096672,VS0,VE1
etag
"fb9b4cba6e1b4fb6f4a4a0b613a60dc0"
x-served-by
cache-bwi5065-BWI, cache-dca12924-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
Windows-11-4-1024x576.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/06/
11 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/06/Windows-11-4-1024x576.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bb9300d534c1c874d133621fe94359cddaa410cb186899a56454d290bada166b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
249
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
1381
edge-cache-tag
555519854778756531507943631046088727549,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
908
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2021/06/Windows-11-4-1024x576.jpg
content-length
10974
x-request-id
d8a5b48fc7aa7311b1fda565ec5f4b1e
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Sun, 31 Oct 2021 16:14:14 GMT
server
nginx
x-timer
S1638279071.096789,VS0,VE249
etag
"ecb76acb59de0514d0088ba5c2c7a1af"
x-served-by
cache-bwi5062-BWI, cache-dca17756-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
MIUI13-2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2020/11/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2020/11/MIUI13-2.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a507145372ddb2cea3cc17b18c4cb33514c00931fa902d143ef0ea0f04b3feaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
146
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
47056
edge-cache-tag
414881996242346102779106307399524604551,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
166
expiration
expiry-date="Mon, 29 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2020/11/MIUI13-2.jpg
content-length
5054
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Fri, 29 Oct 2021 03:54:36 GMT
server
nginx
x-timer
S1638279071.096923,VS0,VE146
etag
"607d6f939092c5e3f67a49d05cc645df"
x-served-by
cache-dca17758-DCA, cache-dca17774-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
7a195214717e77641aaf024e1eb139bf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
11 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a195214717e77641aaf024e1eb139bf.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0204f86586d1eb5bfa5ff05a92b9464cfb873913bed511e4db8e90b181aa25e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
3750517
edge-cache-tag
519195973858999311292900124756826519703,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
84
expiration
expiry-date="Sat, 23 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a195214717e77641aaf024e1eb139bf.jpg
content-length
11182
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Wed, 22 Sep 2021 04:25:33 GMT
server
nginx
x-timer
S1638279071.105738,VS0,VE1
etag
"70ce24c0a47c7f8766e20447adf1e200"
x-served-by
cache-wdc5531-WDC, cache-dca17771-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
575380a611a1b1a51e5665b589e222ff.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
14 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/575380a611a1b1a51e5665b589e222ff.jpeg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f86c81e72a4983f653f3d4381ff29b362a75986d0e1751f0088f171b1f26fb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
16
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
1050429
edge-cache-tag
521761599676762255994637316472572635184,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
111
expiration
expiry-date="Sun, 12 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/575380a611a1b1a51e5665b589e222ff.jpeg
content-length
13838
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 11 Nov 2021 11:02:52 GMT
server
nginx
x-timer
S1638279071.113574,VS0,VE16
etag
"344a27fbedeb2f593c1c23507295f198"
x-served-by
cache-wdc5554-WDC, cache-dca17745-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 269
windows-10-blue-logo-header.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2020/01/
4 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2020/01/windows-10-blue-logo-header.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa0be0bd905b4343bb7059d2c47a33f356c59dda6918a7324e5f9887df105e85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
86
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
1380
edge-cache-tag
609230488155397510532598038623194751088,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
1864
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2020/01/windows-10-blue-logo-header.jpg
content-length
3678
x-request-id
494321406c4f1c1f95b264b30ed71f1f
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 09 Nov 2021 02:53:08 GMT
server
nginx
x-timer
S1638279071.119026,VS0,VE86
etag
"be4102e6b941b7721fb8109832e4a211"
x-served-by
cache-bwi5048-BWI, cache-dca17760-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
Surface-Go-with-Windows-10X-1024x629.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2020/02/
25 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2020/02/Surface-Go-with-Windows-10X-1024x629.jpg
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9595ecc4a0f440524a3eeeb8e3e3800bb6f42693fb10682fc14ce74582826b2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
89
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish, 1.1 varnish
age
414564
edge-cache-tag
296067449155933910752581770980399846848,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
264
expiration
expiry-date="Sun, 28 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.gizchina.com/wp-content/uploads/images/2020/02/Surface-Go-with-Windows-10X-1024x629.jpg
content-length
25946
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Thu, 28 Oct 2021 16:01:08 GMT
server
nginx
x-timer
S1638279071.121757,VS0,VE89
etag
"6512c09e83a5453b2cd11307a13b45c4"
x-served-by
cache-bwi5054-BWI, cache-dca17765-DCA, cache-hhn4022-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
bulk
trc.taboola.com/gizchina/log/3/
0
274 B
XHR
General
Full URL
https://trc.taboola.com/gizchina/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211128-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Tue, 30 Nov 2021 13:31:11 GMT
via
1.1 varnish
server
nginx
x-timer
S1638279072.958202,VS0,VE10
x-served-by
cache-hhn4022-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
732 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
20664
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
zqMTRpifsl7n57rrmbauTpy15dj75+/Yr9THvoBu2iu20NuAVBrIbTIB+OLFF3ceJPrHp0hsBJU=
x-served-by
cache-hhn4022-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1638279072.013543,VS0,VE0
date
Tue, 30 Nov 2021 13:31:12 GMT
x-amz-request-id
PDAX0NJ0ZCYB7FMQ
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
20
x-cache-hits
9891
sync
odr.mookie1.com/t/v2/ Frame 1CC6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&ssp=admatic&gdpr=&gdpr_consent=
43 B
106 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&ssp=admatic&gdpr=&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:13 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&ssp=admatic&gdpr=&gdpr_consent=
Date
Tue, 30 Nov 2021 13:31:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
user
ads3.admatic.com.tr/ Frame 1CC6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=d695850d-b0f2-534e-848b-69bee52d4e1f&ssp=admatic&expires=30&user_group=1
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
35 B
71 B
Image
General
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:13 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 13:31:13 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
liveView.php
live.primis.tech/live/
0
226 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=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
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:13 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/
0
226 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=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
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:13 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gizchina.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:14 GMT
content-length
0
cache-control
private
access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age
86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame A469
67 B
719 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1638279074554&pKey=797043818&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwww.gizchina.com%2F&playerSize=320x180&schain=1.0%2C1!primis.tech%2C27757%2C1%2C%2C%2C
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:14 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.gizchina.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1638279074551024-580
Expires
Tue, 30 Nov 2021 13:31:14 GMT
translator
hbopenbid.pubmatic.com/ Frame A469
0
61 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gizchina.com
date
Tue, 30 Nov 2021 13:31:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
avjp
primis-d.openx.net/v/1.0/ Frame A469
106 B
126 B
XHR
General
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=15c60270-877c-42d1-94e8-2dc15c650f7f&nocache=1638279074558&gdpr_consent=&gdpr=1&schain=1.0%2C1!primis.tech%2C27757%2C1%2C%2C%2C&skip=1&auid=540289187&vwd=320&vht=180&aumfs=3500
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:14 GMT
via
1.1 google
server
OXGW/16.221.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gizchina.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
adx.adform.net/adx/ Frame A469
0
408 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
196297
search.spotxchange.com/openrtb/2.3/dados/ Frame A469
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/196297?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 30 Nov 2021 13:31:14 GMT
X-SpotX-Timing-Transform
0.000779
X-SpotX-Timing-SpotMarket
0.005654
X-SpotX-Timing-Page-Mux
0.000403
X-SpotX-Timing-Page-Require
0.000473
X-fe
109
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000020
X-SpotX-Timing-Page
0.012528
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000417
Last-Modified
Tue, 30 Nov 2021 13:31:14 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005654
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gizchina.com
X-SpotX-Timing-Page-Misc
0.004767
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame A469
173 B
403 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.15.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-15-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
01f9efc7139994a0005055032497b7b9caa76a64f72aff8a886f0169961b86fd

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:14 GMT
content-encoding
gzip
x-prebid
pbs-java/1.79.0
content-type
application/json
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
liveInternalSsp.php
live.primis.tech/live/ Frame A469
25 B
313 B
XHR
General
Full URL
https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22data%22%3A%22%5C%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%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:13 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
openrtb
ads.adaptv.advertising.com/rtb/ Frame A469
0
217 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
v1
prg.smartadserver.com/prebid/ Frame A469
171 B
544 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:14 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
liveView.php
live.primis.tech/live/
0
226 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=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
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:14 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
bridge3.489.0_en.html
imasdk.googleapis.com/js/core/ Frame 7B66
580 KB
190 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194780
date
Tue, 30 Nov 2021 07:36:34 GMT
expires
Wed, 30 Nov 2022 07:36:34 GMT
last-modified
Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
21280
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixels
pix.spot.im/api/v1/
0
0
Ping
General
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_RpYbjIoo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-11.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CF0D
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 12:35:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 30 Nov 2021 13:35:06 GMT
v2rtqWdIEviK59U8IW9vX92CqxMZHpgeyiZpsS9ZmDiirQL9mcV184vlVa_lDPXEac3RipJdCQT_Ax1HoQA
scientificshirt.com/
216 B
614 B
Fetch
General
Full URL
https://scientificshirt.com/v2rtqWdIEviK59U8IW9vX92CqxMZHpgeyiZpsS9ZmDiirQL9mcV184vlVa_lDPXEac3RipJdCQT_Ax1HoQA
Requested by
Host: scientificshirt.com
URL: https://scientificshirt.com/v2/0/dms-Wz9n017qNF14oo1PlZqDwKtKeYr2oAKeb9ZsCd4vO3HTTowp8kJNW4ow_81H6Anphre7cGCqvUqL1xUAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.98.201.35.bc.googleusercontent.com
Software
/
Resource Hash
b14bf966ec935d70646e743d42a51c52626b3d9c12137ebba6a3910b0b3a663e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Tue, 30 Nov 2021 13:31:15 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
0586a9fb
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Tue, 30 Nov 2021 13:31:14 GMT
v2yjuEr7NsGnWoJRPpwegcv1v_x9L5e9z9GgSGRP4P3tlag1l7lKYLy0bNUJxx5h3RUgqRuRKaOoFmt7r9A
scientificshirt.com/
3 B
36 B
Fetch
General
Full URL
https://scientificshirt.com/v2yjuEr7NsGnWoJRPpwegcv1v_x9L5e9z9GgSGRP4P3tlag1l7lKYLy0bNUJxx5h3RUgqRuRKaOoFmt7r9A
Requested by
Host: scientificshirt.com
URL: https://scientificshirt.com/v2/0/dms-Wz9n017qNF14oo1PlZqDwKtKeYr2oAKeb9ZsCd4vO3HTTowp8kJNW4ow_81H6Anphre7cGCqvUqL1xUAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.98.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Tue, 30 Nov 2021 13:31:15 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
x-hostname
0586a9fb
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
ads
pagead2.googlesyndication.com/gampad/ Frame 7B66
136 B
125 B
XHR
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21734706084%2C22388914533%2Fgizchinamedia&description_url=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&env=vp&correlator=1660337472464990&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&cust_params=prmsig%3Duwgxnm&sdkv=h.3.489.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=965826125&sdk_apis=2%2C8&sid=34060DEC-09DE-4A57-B601-FA137D6D7586&nel=1&eid=44725356&url=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&dlt=1638279064870&idt=10345&dt=1638279075519&scor=459873716357807&ged=ve4_td11_tt9_pd11_la11000_er943.-1980.1096.-1680_vi0.0.1200.1600_vp0_ts9_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gizchina.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:16 GMT
content-length
0
cache-control
private
access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age
86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
ads.adaptv.advertising.com/rtb/ Frame A469
0
217 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
v1
prg.smartadserver.com/prebid/ Frame A469
171 B
544 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:15 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
avjp
primis-d.openx.net/v/1.0/ Frame A469
106 B
126 B
XHR
General
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f57db8d0-b49b-47e7-8382-a99cc0992c05&nocache=1638279076006&gdpr_consent=&gdpr=1&schain=1.0%2C1!primis.tech%2C27757%2C1%2C%2C%2C&skip=1&auid=540289187&vwd=320&vht=180&aumfs=3500
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:16 GMT
via
1.1 google
server
OXGW/16.221.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gizchina.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
196297
search.spotxchange.com/openrtb/2.3/dados/ Frame A469
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/196297?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 30 Nov 2021 13:31:16 GMT
X-SpotX-Timing-Transform
0.000945
X-SpotX-Timing-SpotMarket
0.006475
X-SpotX-Timing-Page-Mux
0.000261
X-SpotX-Timing-Page-Require
0.000318
X-fe
079
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.011123
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000277
Last-Modified
Tue, 30 Nov 2021 13:31:16 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006475
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gizchina.com
X-SpotX-Timing-Page-Misc
0.002810
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openrtb
adx.adform.net/adx/ Frame A469
0
408 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:16 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
liveInternalSsp.php
live.primis.tech/live/ Frame A469
25 B
313 B
XHR
General
Full URL
https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22data%22%3A%22%5C%…%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:16 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame A469
67 B
719 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1638279076008&pKey=797098444&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwww.gizchina.com%2F&playerSize=320x180&schain=1.0%2C1!primis.tech%2C27757%2C1%2C%2C%2C
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:16 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.gizchina.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1638279076151077-541
Expires
Tue, 30 Nov 2021 13:31:16 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame A469
173 B
403 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.15.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-15-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
eb24d450440c4147dda5521341c26b18e0248d275055b325b7692f82cde2060b

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:16 GMT
content-encoding
gzip
x-prebid
pbs-java/1.79.0
content-type
application/json
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
translator
hbopenbid.pubmatic.com/ Frame A469
0
61 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gizchina.com
date
Tue, 30 Nov 2021 13:31:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
liveView.php
live.primis.tech/live/
43 B
298 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=…
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:15 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
bridge3.489.0_en.html
imasdk.googleapis.com/js/core/ Frame 2000
580 KB
190 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194780
date
Tue, 30 Nov 2021 07:36:34 GMT
expires
Wed, 30 Nov 2022 07:36:34 GMT
last-modified
Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
21282
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 35B7
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 12:35:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 30 Nov 2021 13:35:06 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 2000
136 B
125 B
XHR
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21734706084%2C22388914533%2Fgizchinamedia&description_url=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&env=vp&correlator=2521971297007529&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&cust_params=prmsig%3Duwgxnm&sdkv=h.3.489.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=965826125&sdk_apis=2%2C8&sid=34060DEC-09DE-4A57-B601-FA137D6D7586&nel=1&eid=44725356&url=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&dlt=1638279064870&idt=11595&dt=1638279076881&scor=4289716300995991&ged=ve4_td12_tt10_pd12_la12000_er943.-1980.1096.-1680_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vid5f746a9b7f690617123080_thumb.jpg
video.primis.tech/uploads/cn17/video/users/converted/24271/video1511883989/ Frame F5C0
4 KB
4 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn17/video/users/converted/24271/video1511883989/vid5f746a9b7f690617123080_thumb.jpg?cbuster=1617610073
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
fa4fb5356329f1df868237bd98106d7f0acc959574e65f98593e89c2211e706c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:16 GMT
via
1.1 558f7ecd43929b77c262a9b755d6b164.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 17:26:39 GMT
server
Tengine
x-amz-cf-pop
WAW50-C1
etag
"272e90fd1f77877d57fbff6ce7e3d636"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 14 Dec 2021 13:31:16 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4086
x-amz-cf-id
NLekZHiYOCu9aSxAeqyLDGNMRQqNjIfJzMK5g6d5HX5cRgIYCK_jQQ==
x-proxy-cache
HIT
vid5f7d11e10a63c847723013_thumb.jpg
video.primis.tech/uploads/cn19/video/users/converted/24271/video1511883989/ Frame F5C0
3 KB
4 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn19/video/users/converted/24271/video1511883989/vid5f7d11e10a63c847723013_thumb.jpg?cbuster=1617610073
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
63b930e7e2714515dd58421e7a945c89d75c07f3300252fd25c595d890d49aba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:16 GMT
via
1.1 5f0256b858eb482d76fb1e14a1b7a667.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 17:22:29 GMT
server
Tengine
x-amz-cf-pop
WAW50-C1
etag
"dce93fa12d26f806bd21e66444796593"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 14 Dec 2021 13:31:16 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3492
x-amz-cf-id
0nZVBZzb_q6LuBf-owG8DrJOa6t0jYKuAQKYNClW2nDdxObfwV-B4Q==
x-proxy-cache
HIT
vid5fa12d4c19ae1053808445_thumb.jpg
video.primis.tech/uploads/cn3/video/users/converted/24271/video1511883989/ Frame F5C0
1 KB
1 KB
Image
General
Full URL
https://video.primis.tech/uploads/cn3/video/users/converted/24271/video1511883989/vid5fa12d4c19ae1053808445_thumb.jpg?cbuster=1617610073
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
3d3214413a2c1ed9ed224a5bbff4138df7a9bd4a6437544beada425b57380cea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:16 GMT
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
last-modified
Tue, 17 Aug 2021 18:01:34 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"20f447a3168e7809cf1007ab953308e0"
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 14 Dec 2021 13:31:16 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1133
x-amz-cf-id
39XhQdCuWQs6g1o1fXW6Py0tHY7iSgVDNLoTEu3Cka8B4Yown17rHw==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/
0
226 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=…
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:15 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
user
ads3.admatic.com.tr/ Frame 1CC6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=admatic
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2019882195564126656&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
35 B
94 B
Image
General
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:18 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 13:31:17 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
ingest.php
events.newsroom.bi/
0
721 B
Ping
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=152
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.96.92.40.188.clients.your-server.de
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryAZBAQbUYfV6bKVea

Response headers

date
Tue, 30 Nov 2021 13:31:20 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
https://www.gizchina.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
liveView.php
live.primis.tech/live/
0
226 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=…
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:21 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/
0
226 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=…
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:21 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
w_480_00006.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/
342 KB
343 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/w_480_00006.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
84386ed9a7f573a8f6cf2d0bc2f9f0f687cfe210efe0ba84989d70114851b497

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:22 GMT
via
1.1 184f5b3ebeb6aa0f7b93900fc50720c4.cloudfront.net (CloudFront)
x-amz-cf-pop
WAW50-C1
content-length
350620
last-modified
Wed, 18 Aug 2021 04:09:22 GMT
server
Tengine
etag
"cfe4380381ebdd12bbd534be86b1115e"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
9pHICIkLD0i22xNBjhjYZlRati2KbYbXo7Dgsbr49xAYl_Y6TDhSZQ==
expires
Tue, 14 Dec 2021 13:31:22 GMT
user
ads3.admatic.com.tr/ Frame 1CC6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadmatic%26bsw_param%...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=4cba4d96448f4d2d8985c6c6e00eb3f3&ssp=admatic&bsw_param=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
35 B
94 B
Image
General
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:23 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 13:31:22 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
196297
search.spotxchange.com/openrtb/2.3/dados/ Frame A469
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/196297?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 30 Nov 2021 13:31:27 GMT
X-SpotX-Timing-Transform
0.000249
X-SpotX-Timing-SpotMarket
0.005645
X-SpotX-Timing-Page-Mux
0.000800
X-SpotX-Timing-Page-Require
0.000795
X-fe
090
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000017
X-SpotX-Timing-Page
0.011709
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000319
Last-Modified
Tue, 30 Nov 2021 13:31:27 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005645
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.gizchina.com
X-SpotX-Timing-Page-Misc
0.003870
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openrtb
adx.adform.net/adx/ Frame A469
0
408 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame A469
67 B
719 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1638279087954&pKey=798060556&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwww.gizchina.com%2F&playerSize=320x180&schain=1.0%2C1!primis.tech%2C27757%2C1%2C%2C%2C
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 30 Nov 2021 13:31:28 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.gizchina.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1638279088164029-541
Expires
Tue, 30 Nov 2021 13:31:28 GMT
avjp
primis-d.openx.net/v/1.0/ Frame A469
106 B
126 B
XHR
General
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.gizchina.com%2F2021%2F11%2F24%2Fa-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d64e2f8d-122e-4afe-983a-7bee74f26552&nocache=1638279087955&gdpr_consent=&gdpr=1&schain=1.0%2C1!primis.tech%2C27757%2C1%2C%2C%2C&skip=1&auid=540289187&vwd=320&vht=180&aumfs=3500
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:27 GMT
via
1.1 google
server
OXGW/16.221.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.gizchina.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame A469
0
61 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gizchina.com
date
Tue, 30 Nov 2021 13:31:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame A469
171 B
544 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:27 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
liveInternalSsp.php
live.primis.tech/live/ Frame A469
25 B
313 B
XHR
General
Full URL
https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22data%22%3A%22%5C%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%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:27 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.gizchina.com
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
openrtb
ads.adaptv.advertising.com/rtb/ Frame A469
0
217 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
auction
prebid-server.rubiconproject.com/openrtb2/ Frame A469
173 B
404 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.15.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-15-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ed71e8493474da34e874b1b1b4aa69c02346b33be8d4d2cf9d23f82a2ec5dbbb

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:27 GMT
content-encoding
gzip
x-prebid
pbs-java/1.79.0
content-type
application/json
access-control-allow-origin
https://www.gizchina.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
liveView.php
live.primis.tech/live/
43 B
298 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=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
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:27 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gizchina.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 30 Nov 2021 13:31:27 GMT
content-length
0
cache-control
private
access-control-allow-origin
https://www.gizchina.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age
86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
user
ads3.admatic.com.tr/ Frame 1CC6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=33a55655-568c-44aa-a61e-52d54381ee9c&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
35 B
71 B
Image
General
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:28 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 13:31:28 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
w_480_00007.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/
439 KB
440 KB
XHR
General
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/w_480_00007.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
9b76d2a9256021674e57c636538a27ef408bb435799548a18a5b906fd9ef6b38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:28 GMT
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efd.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
449320
last-modified
Wed, 18 Aug 2021 04:09:22 GMT
server
Tengine
etag
"745fc1bb4c88bde648c0ec5eee352127"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
aQyOZfDM3rFdqIgAdgDjfrcEQdY7pXVKfDOc1_Tyzp-BtewERtNuAw==
expires
Tue, 14 Dec 2021 13:31:28 GMT
liveView.php
live.primis.tech/live/
0
226 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=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
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:29 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/
0
226 B
Image
General
Full URL
https://live.primis.tech/live/liveView.php?hash=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
Requested by
Host: www.gizchina.com
URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 13:31:29 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
user
ads3.admatic.com.tr/ Frame 1CC6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=a...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
35 B
71 B
Image
General
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:32 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Tue, 30 Nov 2021 13:31:32 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=c5f5ad0e-bb76-4e07-a13e-e7b1cc8a38d2&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
w_480_00008.ts
video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/
71 KB
0
XHR
General
Full URL
https://video.primis.tech/uploads/cn6/video/users/hls/24271/video1511883989/vid5fe1cc30dd4b9623651071.mp4/w_480_00008.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
194.146.38.187 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gizchina.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 13:31:35 GMT
via
1.1 11feb51f1ab40a62989608642e908bf8.cloudfront.net (CloudFront)
x-amz-cf-pop
WAW50-C1
content-length
72380
last-modified
Wed, 18 Aug 2021 04:09:22 GMT
server
Tengine
etag
"8072166cc136a1aff3e28a18980e9262"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
ktIV47uaI81XZfBcoTlJPyHgWSd5ORLKuGDomRlF3caZpLGe5RKhFw==
expires
Tue, 14 Dec 2021 13:31:35 GMT
ingest.php
events.newsroom.bi/
0
721 B
Ping
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=152
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.96.92.40.188.clients.your-server.de
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gizchina.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryIp6GYB5tchhYAYuR

Response headers

date
Tue, 30 Nov 2021 13:31:35 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
https://www.gizchina.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=3537809648984412844
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-0ty0Wy9E2uFSiU489vCKyu50WRcRZJU1~A~UPc5106481-51e1-11ec-9d65-06d2905c4e22
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=c518328b-51e1-11ec-8c76-14604df00306
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LWxjPeUloTxw30t7JdVf&pi=admatic&tc=1
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?redir=
Domain
sync.spotim.market
URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=30EFFF7F-519A-48F9-8EFC-601CD31DD006
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=ba6af80bca1948a5b17711b873a4940a
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=S4gbyz1dqx1HTvgHG1T4HKiY7tP-SiFLgcosNJgnVLbXU_g9ui7DciBOK3-zAmIGkg_qklVCrqlH4I5JucS85A
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AAJtHMwYrF8jFKvD
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| gtag object| dataLayer object| marfeel object| mrf object| googletag object| gptAdSlots object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| gptConstants function| init function| injectIframe function| fileExists function| addScript object| adsbygoogle object| protag object| _wpemojiSettings undefined| $ function| jQuery object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper object| _taboola function| documentInitOneSignal function| OneSignal function| e function| t function| jsonFeed object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent873 object| wp object| twemoji object| gaplugins object| gaGlobal object| gaData object| FB object| ggeac object| google_js_reporting_queue object| TRC object| _tblConsole undefined| msg object| _comscore object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| __SPOTIM__ object| process object| regeneratorRuntime string| OW_AD_UNIT_TYPE object| __OPEN_WEB__ string| __SPOTIM_PAGE_VIEW_ID__ object| __OW_FLAGS__ object| webpackChunkads boolean| __OW_STANDALONE_SCRIPT_RUN__ object| gapi object| ___jsl number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| anOptions 
boolean| jQueryScriptOutputted function| initJQuery boolean| mrf_resized object| instant_search object| addComment function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Packery function| Waypoint object| vw_main_js function| q2w3_sidebar_init function| q2w3_exclude_mutations_array function| q2w3_sidebar object| ajax_object object| _stq function| st_go function| linktracker_init object| wpcom undefined| $$SPOTIM_VID$$ string| $$SPOTIM_BID$$ string| google_user_agent_client_hint function| __tcfapi object| otStubData function| admiral function| 4dm1r11545242527 object| __twttrll object| twttr object| __twttr function| google_sa_impl object| googleToken object| googleIMState function| udm_ object| ns_p object| COMSCORE object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow string| protag_matomo_domain string| protag_matomo_SiteID function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| SPOTIM object| __OW_AD_OPS_CONFIG__ number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 boolean| sekindoFlowingPlayerOn function| owActionQueue object| otIabModule object| Optanon object| OneTrust object| freewheelssp_cache number| google_global_correlator object| closure_lm_372517 number| taboola_view_id string| prop object| 
placementData string| nam number| _cm_wfCounter object| cmTag

144 Cookies


6 Console Messages

Source Level URL
Text
other warning URL: https://www.gizchina.com/2021/11/24/a-new-vulnerability-in-windows-makes-it-easy-to-get-admin-rights/ (Line 1527)
Message: Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://di.rlcdn.com/710530.gif
Message: Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=348baf8d-3676-45fa-7981-a09ee0c5d661&reqId=e36e0e16-eeab-47d0-57ce-c6e6e37af6ba&zdid=1361
Message: Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
