urlscan.io logo urlscan.io
SecurityTrails logo

thehackernews.com Open in urlscan Pro
2606:4700:20::681a:161  Public Scan

Go To Rescan Add Verdict Report
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Submission: On May 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 79 IPs in 11 countries across 68 domains to perform 277 HTTP transactions. The main IP is 2606:4700:20::681a:161, located in United States and belongs to CLOUDFLARENET, US. The main domain is thehackernews.com. The Cisco Umbrella rank of the primary domain is 182796.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 1st 2022. Valid for: a year.
This is the only time thehackernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
7 142.251.36.130 15169 (GOOGLE)
4 108.156.255.177 16509 (AMAZON-02)
3 51.124.210.81 8075 (MICROSOFT...)
4 23.97.225.52 8075 (MICROSOFT...)
1 3 2620:116:800d... 16509 (AMAZON-02)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 178.250.2.146 44788 (ASN-CRITE...)
11 3.248.142.99 16509 (AMAZON-02)
4 51.75.86.98 16276 (OVH)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 3.124.247.47 16509 (AMAZON-02)
1 2602:803:c004... 26667 (RUBICONPR...)
1 2 145.40.89.200 54825 (PACKET)
1 104.79.89.16 16625 (AKAMAI-AS)
1 178.250.0.165 44788 (ASN-CRITE...)
2 216.52.2.19 29791 (VOXEL-DOT...)
2 4 34.98.64.218 15169 (GOOGLE)
3 7 37.252.173.22 29990 (ASN-APPNEX)
1 34.107.148.139 15169 (GOOGLE)
1 204.237.133.116 3257 (GTT-BACKB...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:231... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
37 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
31 2a00:1450:400... 15169 (GOOGLE)
4 7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 173.194.76.155 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
4 52.223.40.198 16509 (AMAZON-02)
1 104.16.190.66 13335 (CLOUDFLAR...)
1 184.87.212.24 16625 (AKAMAI-AS)
1 2620:1ec:40::45 8075 (MICROSOFT...)
4 92.122.147.28 16625 (AKAMAI-AS)
1 151.101.193.108 54113 (FASTLY)
1 5 104.92.74.8 16625 (AKAMAI-AS)
3 192.82.242.209 62713 (AS-PUBMATIC)
8 52.215.230.177 16509 (AMAZON-02)
1 67.202.105.23 32748 (STEADFAST)
2 185.86.139.102 201081 (SMARTADSE...)
2 5 2.22.33.42 16625 (AKAMAI-AS)
2 6 69.173.144.165 26667 (RUBICONPR...)
2 2 72.251.249.13 29791 (VOXEL-DOT...)
1 1 34.234.148.240 14618 (AMAZON-AES)
4 4 213.19.147.45 3356 (LEVEL3)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 178.162.133.149 60781 (LEASEWEB-...)
3 3 18.156.0.31 16509 (AMAZON-02)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
2 3 54.239.38.253 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
6 9 142.250.186.66 15169 (GOOGLE)
3 5 209.54.180.3 16509 (AMAZON-02)
1 1 37.252.172.123 29990 (ASN-APPNEX)
1 9 34.247.233.198 16509 (AMAZON-02)
3 3 35.158.225.181 16509 (AMAZON-02)
2 2 3.123.117.219 16509 (AMAZON-02)
3 3 64.202.112.255 22075 (AS-OUTBRAIN)
1 66.155.71.25 13768 (COGECO-PEER1)
1 1 34.205.3.24 14618 (AMAZON-AES)
2 2 54.227.164.149 14618 (AMAZON-AES)
1 150.136.25.38 31898 (ORACLE-BM...)
1 169.197.150.8 398989 (DEEPINTENT)
2 3 64.202.112.223 22075 (AS-OUTBRAIN)
1 1 104.92.72.137 16625 (AKAMAI-AS)
2 2 54.77.108.6 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
3 3 216.200.232.249 30419 (MEDIAMATH...)
3 3 151.101.66.49 54113 (FASTLY)
2 2 18.195.155.181 16509 (AMAZON-02)
1 1 124.146.215.52 2514 (INFOSPHER...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
3 185.86.139.113 201081 (SMARTADSE...)
1 1 178.250.0.163 44788 (ASN-CRITE...)
4 5 54.75.174.52 16509 (AMAZON-02)
1 141.226.228.48 200478 (TABOOLA-AS)
2 3 104.92.91.221 16625 (AKAMAI-AS)
1 1 35.186.193.173 15169 (GOOGLE)
1 2 37.157.6.253 198622 (ADFORM)
4 104.36.113.107 62713 (AS-PUBMATIC)
2 204.237.133.121 62713 (AS-PUBMATIC)
3 204.237.133.120 62713 (AS-PUBMATIC)
1 159.122.14.34 36351 (SOFTLAYER)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 198.47.127.20 ()
277 79
13    2606:4700:20::681a:161 (United States)

ASN13335 (CLOUDFLARENET, US)
thehackernews.com
4    2606:4700:4400::6812:2209 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adpushup.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
7    142.251.36.130 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s12-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
4    108.156.255.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-177.dus51.r.cloudfront.net
c.amazon-adsystem.com
3    51.124.210.81 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
4    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
3    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
11    3.248.142.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
ads.servenobid.com
4    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
2    3.124.247.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-247-47.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    104.79.89.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-16.deploy.static.akamaitechnologies.com
a.teads.tv
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
7    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    204.237.133.116 (West Chester, United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
3    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
1    2600:9000:2315:6000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
37    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
31    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
5    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4005:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net
bid.g.doubleclick.net
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
4    2a00:1450:4001:10::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r4---sn-4g5lznes.c.2mdn.net
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.districtm.io
1    184.87.212.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-212-24.deploy.static.akamaitechnologies.com
contextual.media.net
1    2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
4    92.122.147.28 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-147-28.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
5    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
3    192.82.242.209 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
8    52.215.230.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
pixel.33across.com
2    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
5    2.22.33.42 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-33-42.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    34.234.148.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-148-240.compute-1.amazonaws.com
x.yieldlift.com
4    213.19.147.45 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    2a05:d018:d29:3602:cba9:630b:f07c:688c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
9    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
5    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
9    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
3    35.158.225.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-225-181.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.123.117.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-117-219.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
3    64.202.112.255 (Harrodsburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.205.3.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-3-24.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    54.227.164.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-164-149.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    64.202.112.223 (Harrodsburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    104.92.72.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    54.77.108.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-108-6.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    124.146.215.52 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    54.75.174.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-174-52.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
3    104.92.91.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-91-221.deploy.static.akamaitechnologies.com
px.owneriq.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
2    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
4    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    204.237.133.121 (West Chester, United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    204.237.133.120 (West Chester, United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
52 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
673 KB
34 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
bid.g.doubleclick.net — Cisco Umbrella Rank: 503
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
349 KB
18 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446
ads.pubmatic.com — Cisco Umbrella Rank: 439
image6.pubmatic.com — Cisco Umbrella Rank: 612
simage2.pubmatic.com — Cisco Umbrella Rank: 606
image4.pubmatic.com — Cisco Umbrella Rank: 875
image2.pubmatic.com — Cisco Umbrella Rank: 932
simage4.pubmatic.com
40 KB
18 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1071
fastlane.rubiconproject.com — Cisco Umbrella Rank: 471
eus.rubiconproject.com — Cisco Umbrella Rank: 556
pixel.rubiconproject.com — Cisco Umbrella Rank: 354
token.rubiconproject.com — Cisco Umbrella Rank: 692
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1146
26 KB
17 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1459
usersync.gumgum.com — Cisco Umbrella Rank: 2306
rtb.gumgum.com — Cisco Umbrella Rank: 1176
5 KB
15 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
123 KB
13 thehackernews.com
thehackernews.com — Cisco Umbrella Rank: 182796
181 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1769
public.servenobid.com — Cisco Umbrella Rank: 3779
7 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 288
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1187
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
46 KB
11 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 12011
aplogger.adpushup.com — Cisco Umbrella Rank: 12275
e3.adpushup.com — Cisco Umbrella Rank: 15891
224 KB
10 google.com
adservice.google.com — Cisco Umbrella Rank: 74
www.google.com — Cisco Umbrella Rank: 7
2 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
imasdk.googleapis.com — Cisco Umbrella Rank: 407
251 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
acdn.adnxs.com — Cisco Umbrella Rank: 596
secure.adnxs.com — Cisco Umbrella Rank: 424
50 KB
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 393
mug.criteo.com — Cisco Umbrella Rank: 2669
bidder.criteo.com — Cisco Umbrella Rank: 763
dis.criteo.com — Cisco Umbrella Rank: 725
9 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 297
ads.yahoo.com — Cisco Umbrella Rank: 1156
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 485
4 KB
6 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 941
r4---sn-4g5lznes.c.2mdn.net — Cisco Umbrella Rank: 829272
1 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 466
3 KB
5 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557
6 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1210
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 611
2 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 520
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 338
1 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
147 KB
4 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13030
u.openx.net — Cisco Umbrella Rank: 756
us-u.openx.net — Cisco Umbrella Rank: 399
808 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 615
ce.lijit.com — Cisco Umbrella Rank: 917
2 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 809
2 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 998
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
801 B
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
2 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 558
1 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 782
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 7678
1 KB
3 connectad.io
i.connectad.io — Cisco Umbrella Rank: 6992
cdn.connectad.io — Cisco Umbrella Rank: 4524
sync-eu.connectad.io — Cisco Umbrella Rank: 3111
1 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 987
pixel.quantserve.com — Cisco Umbrella Rank: 427
11 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 571
950 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 690
695 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 933
464 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 646
623 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1042
955 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3750
1 KB
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 598
idsync.rlcdn.com — Cisco Umbrella Rank: 330
44 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
57 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1191
contextual.media.net — Cisco Umbrella Rank: 526
9 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1183
603 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
518 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
610 B
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 2859
444 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 977
99 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1802
696 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 560
379 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 481
1 KB
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 857
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1163
293 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
579 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 594
57 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 511
708 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1014
474 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
753 B
1 yieldlift.com
x.yieldlift.com — Cisco Umbrella Rank: 3907
593 B
1 33across.com
pixel.33across.com — Cisco Umbrella Rank: 2466
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 789
421 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
28 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 918
343 B
1 districtm.io
dmx.districtm.io Failed
cdn.districtm.io — Cisco Umbrella Rank: 3270
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1212
249 B
1 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2139
484 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 432
2 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 660
30 KB
277 68
Domain Requested by
31 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
imasdk.googleapis.com
18 pagead2.googlesyndication.com thehackernews.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
www.googletagservices.com
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
13 thehackernews.com thehackernews.com
11 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
9 usersync.gumgum.com 1 redirects g2.gumgum.com
9 cm.g.doubleclick.net 6 redirects g2.gumgum.com
ssum-sec.casalemedia.com
7 rtb.gumgum.com g2.gumgum.com
7 www.google.com 4 redirects tpc.googlesyndication.com
18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
7 ib.adnxs.com 3 redirects cdn.adpushup.com
acdn.adnxs.com
ssum-sec.casalemedia.com
6 pixel.rubiconproject.com 2 redirects public.servenobid.com
eus.rubiconproject.com
6 www.gstatic.com googleads.g.doubleclick.net
6 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
5 match.prod.bidr.io 4 redirects ads.pubmatic.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com googleads.g.doubleclick.net
18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
4 simage2.pubmatic.com ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 sync.1rx.io 4 redirects
4 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
g2.gumgum.com
4 ads.pubmatic.com cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 match.adsrvr.org cdn.adpushup.com
g2.gumgum.com
ssum-sec.casalemedia.com
ads.pubmatic.com
4 r4---sn-4g5lznes.c.2mdn.net
4 csi.gstatic.com imasdk.googleapis.com
4 imasdk.googleapis.com 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
4 www.googletagservices.com googleads.g.doubleclick.net
4 onetag-sys.com cdn.adpushup.com
public.servenobid.com
4 gum.criteo.com 2 redirects static.criteo.net
4 e3.adpushup.com thehackernews.com
4 c.amazon-adsystem.com cdn.adpushup.com
c.amazon-adsystem.com
4 cdn.adpushup.com thehackernews.com
cdn.adpushup.com
3 image2.pubmatic.com ads.pubmatic.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 sync-tm.everesttech.net 3 redirects
3 sync.mathtag.com 3 redirects
3 b1sync.zemanta.com 2 redirects ssbsync.smartadserver.com
3 sync.outbrain.com 3 redirects
3 x.bidswitch.net 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 mug.criteo.com thehackernews.com
3 aplogger.adpushup.com thehackernews.com
2 image4.pubmatic.com ads.pubmatic.com
2 c1.adform.net 1 redirects ads.pubmatic.com
2 creativecdn.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 ad.360yield.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 us-u.openx.net 2 redirects
2 ads.creative-serving.com 2 redirects
2 ce.lijit.com 2 redirects
2 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
2 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 gcdn.2mdn.net 2 redirects
2 bid.g.doubleclick.net imasdk.googleapis.com
2 pixel.quantserve.com 1 redirects thehackernews.com
2 ap.lijit.com cdn.adpushup.com
public.servenobid.com
2 prebid.a-mo.net 1 redirects cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
1 simage4.pubmatic.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 idsync.rlcdn.com ads.pubmatic.com
1 cm.ctnsnet.com 1 redirects
1 sync.taboola.com ssum-sec.casalemedia.com
1 dis.criteo.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.srv.stackadapt.com 1 redirects
1 pixel-sync.sitescout.com g2.gumgum.com
1 secure.adnxs.com 1 redirects
1 id.rlcdn.com
1 ads.yahoo.com
1 px.ads.linkedin.com
1 sync.go.sonobi.com public.servenobid.com
1 p.rfihub.com 1 redirects
1 x.yieldlift.com 1 redirects
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 sync-eu.connectad.io cdn.connectad.io
1 acdn.adnxs.com cdn.adpushup.com
1 cdn.connectad.io cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 cdn.districtm.io cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdnjs.cloudflare.com thehackernews.com
1 rules.quantcount.com secure.quantserve.com
1 i.connectad.io cdn.adpushup.com
1 hbopenbid.pubmatic.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 web.hb.ad.cpe.dotomi.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 code.jquery.com cdn.adpushup.com
0 dmx.districtm.io Failed cdn.adpushup.com
277 114
Subject Issuer Validity Valid
thehackernews.com
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-22 -
2022-06-21		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.adpushup.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-27 -
2022-08-29		 2 years crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.a-mo.net
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-05-03 -
2022-07-12		 2 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2022-05-02 -
2023-05-02		 a year crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-02-17		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-29 -
2022-08-29		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh

This page contains 53 frames:

Primary Page: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Frame ID: DE2B748FED9E3248D4E3DD3A1F07C794
Requests: 79 HTTP requests in this frame

Frame: https://cdn.adpushup.com/02/IL_.html
Frame ID: 1C6CD1DCC38ADC087103C267B6389A2A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20190131/zrt_lookup.html
Frame ID: 593A131406658AD223C94886C69C1DAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Frame ID: 425DA627053B890363F32A3393395395
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Frame ID: E24487178DE8FD3FFF6CC3B73B4E0FD8
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Frame ID: 3935F2D4CCF1818F208CF877E535A252
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1652336704&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323364&bpp=2&bdt=1038&idt=215&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250%2C970x250&nras=1&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=224
Frame ID: FE2B56A39404A0A24EA58BCFAAB7AB97
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A69880632E9905CB7908774C046E4829
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 569AA0B3F6B598E563B1403E9B3A3F76
Requests: 2 HTTP requests in this frame

Frame: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BA7DA6089A2F0ECC270E050C65125C06
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Frame ID: 850B7958DCDC5DD5565C8AB096F75191
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 747F829B3C6E248223E9D4E48D8378AC
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4E8D036B4B8919B220B1A30AADD7612B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 083C049865BDA16B952747036B087EFE
Requests: 2 HTTP requests in this frame

Frame: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E334298FBAC90B13C223DF02B7A36BC6
Requests: 18 HTTP requests in this frame

Frame: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 241A819BAA4A91BCE6BE7815083BB56C
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6362320903BA69E745F066189610096C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
Frame ID: 32C9CAB6012C498D832475EE68FEFBA2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
Frame ID: A762BBD606C473D4FD2BEF9253B10988
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 487075B93ADE71BE8F00B648EE787F51
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: AAE6F5FA6339AC3F8F9D4FDCF082E882
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A29EE87733AFCE3EC17A334F6F8EB673
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
Frame ID: 9FB3E38693BD22C7E3ECCFF73959684A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thehackernews.com
Frame ID: 7E7C1E30563089F7BD7B466923E90E62
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 91ABC65D7C0EA3854B71C57081C80F99
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 1CA0F07CB0276FEF7114DC5441A36BC4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1652337322999
Frame ID: 79AAFAC652C0176FD07098BDFC032E4C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C172%2C2030%2C173%2C251%2C175%2C132%2C178%2C2029%2C233%2C255%2C2028%2C2027%2C3017%2C214%2C236%2C3016%2C237%2C337%2C338%2C70%2C51%2C97%2C55%2C99%2C77%2C3012%2C2043%2C2040%2C141%2C186%2C222%2C201%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: EEBB606F1376A89E77C0A9411A866306
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: A7CE99E94EDB4BC031CAD9159AB1C608
Requests: 11 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: A763514DEC9FBE90A1F73716C1E09F85
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Frame ID: 018ED10A41301BEE5E102AA866051F18
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 998CEA1A2457FBE7701F240EF08E21EE
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 03CE19F630AF3F80FD46C19FEBB77FA4
Requests: 10 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 369C525B8831AA49FB6FCA1946FC0CDC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 126B0EA4114A81B85802381032BBA834
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 358BDA753878F9F82C1F18B6B42E0086
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: B2C9B88E52D6CF263F720586892CD5A2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 942C7E4336EEEBDA5A84680ECB2D46F2
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: A37DA968769DFAE1FE9AFD5932568AA6
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: C1B7C8518D4BD2AC2CAB443E5D0E36F3
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=336b627c-aab1-4c00-9b95-6bdff335a718&gdpr=0&gdpr_consent=
Frame ID: DCC0C91D3855665AC28E8058FDA2DEC2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YnyqsAAAtWOmAwAo&gdpr=0&gdpr_consent=&_test=YnyqsAAAtWOmAwAo
Frame ID: 6AEF7B686DD3AD86BB1057EA3FFC4B63
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80NzkwZDNjOS1hNDIyLTQ0YjQtOTAxOS0xNGE5MmJjMWEyZmI=&gdpr=0&gdpr_consent=
Frame ID: 5A7AA9601AC7A2CCD6E6AA69636BE32E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 24E0B02D7BBCC022F1E30A9C85126E75
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 2F5E25BB9A8B0A40B694DA921C8258B6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&uid=6547980187708445070brt10071652337328280352f1
Frame ID: C2361C101897BFBA3095477A95D413FE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YnyqsMCo8YUAAIy1ozcAAAAA
Frame ID: EC0154678982FEA7F6A0818CA3C02C3B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=05WoH9Yl5rcKbtoO749Q&pi=gumgum&tc=1
Frame ID: 0F8141FF01D745A3D454BC80B07BC7F6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 9D08DA9A2EAA964BE682E98FB677BB4A
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=81938B4D-2D5C-469F-9693-587D814136A9
Frame ID: 37BFAA68136E68C2314C9A0E0DE8EC79
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YnyqsAAAtWOmAwAo&gdpr=0&gdpr_consent=
Frame ID: 5E330051BF8AC359441520A9B89A1209
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: F56CB47292AC438F5F0E6C3A6EF37D49
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f284627c-aab0-4c00-a6cf-e9ee29673c06&gdpr=0&gdpr_consent=
Frame ID: 0ABFABB36A43AF78F4F7DF16A9D27A44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hackers Deploy IceApple Exploitation Framework on Hacked MS Exchange Servers

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

277
Requests

83 %
HTTPS

30 %
IPv6

68
Domains

114
Subdomains

79
IPs

11
Countries

2284 kB
Transfer

6225 kB
Size

100
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Ggx9kHxZOUR4WGgvbXU1cTBPbnR5MGZRVzNpSTNiaTJrQnBWdDJqNTFqclVnVFlCMjJja1lZeit1S0FYU3RaTDFaQXV0UUFLeXB2TXFZbk5wdnNoVWRJTnRDemZHN3JFVjZQMGs5bVBnbW9iSnR0TlNaTW9IVjNQZDJiSDNhT2xnS2R6V3ZlcjZ4YUNlNXEweXh4N2FIZnM0amd2bnlRMTROZWlaTGw1Sk5iVC9YVk1paTlSMytMUlpmSFZ2RUhIaHRXTm9VTTZlWVZrVEIzdFJSV1lYbWkzYldhdXVhRjFzby8wUXlaM1E2Wk9jY2hJPXw&cppv=2
Request Chain 106
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 108
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 138
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 156
  • https://gcdn.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/687F02846C8D6DF44A04282C876BD522E1F3D09C.0FDA1C5B143B653F3559E80A698373CFF3E7BBC8/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/50A0BE1136524FA57BD723EDE543A92D34AF6EC9.2CBC402F010C8D37A4F94930077AD177FAA14227/key/cms1/cms_redirect/yes/mh/Va/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznes/ms/onc/mt/1652336471/mv/u/mvi/4/pl/29/file/file.mp4
Request Chain 159
  • https://gcdn.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/3B05630A77D8A965533A91982EEFFC2C1DAF4FF1.0A5E5FAF04A0BD0DC543DD55FF3DDDF3BF4979CD/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/545C3E5E8706CB4358CFC00947AD464C81FC863A.2C16C39B923C46085A5061C6BAA83046EA29EA2E/key/cms1/cms_redirect/yes/mh/Va/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznes/ms/onc/mt/1652336471/mv/u/mvi/4/pl/29/file/file.mp4
Request Chain 177
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 186
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thehackernews.com&sn=ChromeSyncframe&so=3&topUrl=thehackernews.com&bundle=vjZZcl9adGMlMkZzUm9YVlRhOFI3U0tTUXdHSjd0TDdzRkxTb2FrYVVKJTJGbWh0TjljYmxvZXhLUmc5OUNnbkEwNG4yYVRvZnY1d1ByRmI3TnB0SXcyRmZkQW4lMkJEcTNqQWFiSiUyQmNqeDVwUFlCbVJxOVFIVWM3U0FrRlVaNkNSWDhuZ0xDSDAx&cw=1&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=YNqXSHwwbTBtOTQxZnYyR3U3bUI0cFhCZjdlb0VRdGVGS05PQ3hicDdBR2JjVm05akNuMk01dzBnRyszOUFvSCsrWGl6SXc1NU5SQnR0Z3VScjBmUUVSanBrN2dtSG12Vm1kVVBQRjd3T0VicFFhdFFhUE5MaEE4b0l4NFZSRVBGRXNrblI1cGhBUWhLUHFoMXV3djdNV2VkS3V4bVdzWGJCa1Jqb1o3UUJ1WWxpLzdocjJwVWJlVlpMWWRpTlc1RGpqRjgyUjRZSnNBOFg3aUl4MTRpdkNrVFBOdzRzMjNnRkx2cWlscXV4NGhybXRxM3lScU1MYnNHU1VlelNSKzVSV0RWeGtpSEh1SlR2Qy9vaUJtVEMvZnlZcG5kTXk5cDdzaFVVOHd4OGFZeDREaz18&cppv=2
Request Chain 207
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 209
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6547980187708445070
Request Chain 210
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=EoHLqRZH39pteL0gQkCbHkWf
Request Chain 212
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiYzczZTA1NWUtMDQwMS00NjFkLTgzNTMtMGM3ZmUzNmI0MDk1IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0xMlQwNjozNToyOC4yODU1NDNaIn0=
Request Chain 213
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1652337327921 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Request Chain 214
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5124322321936255454
Request Chain 216
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=8013f167-3242-46e0-9eaa-ff74e8628086&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 217
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-HK1emX5E2uGzfcS.eT42J88QQTgFTRieF_p3Eh4-~A
Request Chain 218
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L32MZASO-S-HZEP
Request Chain 219
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L32MZASO-S-HZEP&sigv=1&esig=2~ce4e3f324a0c5836d672821fd4dd7d627e9c8e17
Request Chain 220
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3qoCYB2gb-JthoSyRPgHcA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=222622289380457608
Request Chain 221
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iv5Hpo_YSaSJY0yTxcgzFg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iv5Hpo_YSaSJY0yTxcgzFg
Request Chain 223
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDMyTVpBU08tUy1IWkVQ
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOEYZcsWGo-JfecK_CxnWDc&google_cver=1
Request Chain 225
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5bb_FK-LQHmULVb-QBJpaw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5bb_FK-LQHmULVb-QBJpaw
Request Chain 226
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6547980187708445070
Request Chain 227
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4790d3c9-a422-44b4-9019-14a92bc1a2fb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_4790d3c9-a422-44b4-9019-14a92bc1a2fb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=b841bb06-c944-4122-999d-49ec1205cd82 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=b841bb06-c944-4122-999d-49ec1205cd82 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=341b8ede-b52d-4125-b357-587b4b39a947&ssp=gumgum2&expires=30&user_group=5&bsw_param=b841bb06-c944-4122-999d-49ec1205cd82 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=b841bb06-c944-4122-999d-49ec1205cd82
Request Chain 228
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%288IRMi_BAT58KJyQLYqNP79Lyls6U0RcLmH_Hzey20eUhcX-XSUeocv9JhyBgh8hw%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%288IRMi_BAT58KJyQLYqNP79Lyls6U0RcLmH_Hzey20eUhcX-XSUeocv9JhyBgh8hw%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4790d3c9-a422-44b4-9019-14a92bc1a2fb&obuid=ENC(8IRMi_BAT58KJyQLYqNP79Lyls6U0RcLmH_Hzey20eUhcX-XSUeocv9JhyBgh8hw) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=[EXCHANGE_GDPR_MACRO]&gdpr_consent=[EXCHANGE_CONSENT_MACRO]&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3D8IRMi_BAT58KJyQLYqNP79Lyls6U0RcLmH_Hzey20eUhcX-XSUeocv9JhyBgh8hw&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Request Chain 229
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=54f3f2fc-c5ca-430f-a089-a4b1d5e1f255
Request Chain 230
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-a1bc94b2-079f-4846-6b6e-bfd13b891970$ip$217.114.218.20
Request Chain 231
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-6j3rCLxE2perdoLY04VL1JcX1SKLU3XSPIid~A
Request Chain 232
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=b6a73c8d-d1bd-11ec-88cf-57c73e301717
Request Chain 235
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4790d3c9-a422-44b4-9019-14a92bc1a2fb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=1J7_8cswwyY1gdpeMqva&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MKKG5PTQY3TO53XSWJRM5SHAZKNOF3GCJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MKKG5PTQY3TO53XSWJRM5SHAZKNOF3GCJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=1J7_8cswwyY1gdpeMqva&us_privacy=1---
Request Chain 236
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=6fb1c5fe-fdab-406f-aded-6f579fd4db8f
Request Chain 237
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1652337328144 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 238
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=vXwdAf4PJw0V&ev=1&pid=558355
Request Chain 241
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=336b627c-aab1-4c00-9b95-6bdff335a718&gdpr=0&gdpr_consent=
Request Chain 242
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YnyqsAAAtWOmAwAo HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YnyqsAAAtWOmAwAo&gdpr=0&gdpr_consent=&_test=YnyqsAAAtWOmAwAo
Request Chain 246
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=6547980187708445070&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&uid=6547980187708445070brt10071652337328280352f1
Request Chain 247
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YnyqsMCo8YUAAIy1ozcAAAAA
Request Chain 248
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=05WoH9Yl5rcKbtoO749Q&pi=gumgum&tc=1
Request Chain 249
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 252
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=e-atsCy1-7Fgsa3hfre35i7jouBgsvjlfexWxadF
Request Chain 253
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=57b5e2be-015c-4c88-9b4c-1f9c7cf9110c&gdpr=0&gdpr_consent=
Request Chain 254
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACPVE7E-VUAAEbYDgvNGQ&gdpr=0
Request Chain 256
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YnyqsONQSrKBgUNxxG1Y8AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEItZ_qZFVjy6tWAYO0tmuII&google_cver=1&gdpr=1
Request Chain 258
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnyqsONQSrKBgUNxxG1Y8AAABGMAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnyqsONQSrKBgUNxxG1Y8AAABGMAAAIB&dcc=t
Request Chain 261
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7056237281397082256&uid=Q7056237281397082256&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 262
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=c89722513d6046faae943362c3b23b17&expiration=1654929328
Request Chain 266
  • https://c1.adform.net/serving/cookie/match?party=14&cid=81938B4D-2D5C-469F-9693-587D814136A9 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=81938B4D-2D5C-469F-9693-587D814136A9
Request Chain 267
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YnyqsAAAtWOmAwAo&gdpr=0&gdpr_consent=
Request Chain 268
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVjcwN0UtVlVBQUVhS044dFJXdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 269
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f284627c-aab0-4c00-a6cf-e9ee29673c06&gdpr=0&gdpr_consent=
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gZOLTS1cRp-Wk1h9gUE2qQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 272
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=253c627c-aab0-4400-b795-498447e07231
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODE5MzhCNEQtMkQ1Qy00NjlGLTk2OTMtNTg3RDgxNDEzNkE5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA8a4CBA3goxIi2nWRxOCIM&google_cver=1
Request Chain 276
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7484258977341777124&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 279
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=81938B4D-2D5C-469F-9693-587D814136A9&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nfaGT0xE2uVgB2yLKuTQwfTVjd4B6y8-~A&gdpr=0&gdpr_consent=
Request Chain 280
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6547980187708445070&gdpr=0&gdpr_consent=
Request Chain 281
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b6b7b756-d1bd-11ec-8668-ad5d60f5736e&gdpr=0&gdpr_consent=

277 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hackers-deploy-iceapple-exploitation.html
thehackernews.com/2022/05/ 		111 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WordPress VIP
Resource Hash
e3627efe4d9f472fad33ed73658ee75d69d2f14b4adcf84331085fcf1e3eb515
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
103
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, s-maxage=604800, max-age=0
cf-cache-status
HIT
cf-ray
70a1224d5c1292b4-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 12 May 2022 06:33:40 GMT
last-modified
Thu, 12 May 2022 06:25:04 GMT
link
</css/roboto.css>; as=style; rel=preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), geolocation=(), microphone=()
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApUxQwFBA4F2N5OWT9iHDrJc5Cy0L58VjPqnzWDjDBz5AG0JoHdGbX0sR00heO%2BhcC0u28HU9DqeBk2sX%2FLMU56b7zN%2B2tH1D0%2FwH9Qi5eCkJukOcSfzDVaoV0bZ7TgTdbdSzzf4YgQJvXEnm4gJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-forwarded-for
2001:1b60:2:240:3247::12
x-frame-options
DENY
x-powered-by
WordPress VIP
x-xss-protection
1; mode=block
roboto.css
thehackernews.com/css/ 		77 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehackernews.com/css/roboto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmhQsHJjlt30TedqikI5tdWvvbjwkHh3RNvaiAIWnJdf50rs49%2BvVARptNDKnVVKEyX4I%2BPdk10I1b%2FKDkqIDddol1kmpoxPGE44VBinPvqFIFLrMwWP0UfJC3%2F%2FJN28SeFgjo8c4pA41J8eUKM1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, immutable, s-maxage=8640000
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
70a1224dfd4792b4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
malware-framework.jpg
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhb3WFndGjQ62G4i5F9GvdKjkj7AqtJLFJfTy5hAPsBTD2pYdFxOapeUf0BcfrPQBzrO4JUYGRn_RxaARRIBtBgzvU22AP0e7vmi-_6savWPLTRQ2U05cCNkZTU8xkJEFJFnIf7LndicrKGaDxbl... 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhb3WFndGjQ62G4i5F9GvdKjkj7AqtJLFJfTy5hAPsBTD2pYdFxOapeUf0BcfrPQBzrO4JUYGRn_RxaARRIBtBgzvU22AP0e7vmi-_6savWPLTRQ2U05cCNkZTU8xkJEFJFnIf7LndicrKGaDxbldG6xIslPBy4b5gQ9n0h-kw8gDyeBf1M6VIs1bft/s728-e100/malware-framework.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e84c6e2907a2bc59472b0485895f46d66fc0377bbed10f281a737db67388e0b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3389
cf-polished
origSize=25049, status=webp_bigger
x-forwarded-for
51.255.49.186
content-disposition
inline;filename="malware-framework.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20298
x-xss-protection
0
expires
Sat, 20 Aug 2022 05:38:54 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v1982"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgCDVeFFuVEeCppIuS%2Bf6EEP3w7h7vSNSSKfvpgEDTshh6j1yysZSzRBAzqr5isVkWkWUffiO6AkzmhouMuizg9pqBchXL7zaQ2N8O4AGLprn9lPvprcSInBky8QJIbZiUAgSCi3ioN09rTsU8Lt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges
bytes
cf-ray
70a1224e1d8192b4-FRA
access-control-expose-headers
Content-Length
flow-1.jpg
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiG-KwPn2TUq7EAXkw7s5ULawfajmwb-k9NUfvTN6Za1jvmEeJWjh2Y5yLpxAO3FBVXxjs8UXUTMdEj-7Vp9PTKQIFygHGlGIvnpcfGYrYmFnWhlNrhhpoNDn79xo1chUTUSuDaIBtZ3k0QQmWtB... 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEiG-KwPn2TUq7EAXkw7s5ULawfajmwb-k9NUfvTN6Za1jvmEeJWjh2Y5yLpxAO3FBVXxjs8UXUTMdEj-7Vp9PTKQIFygHGlGIvnpcfGYrYmFnWhlNrhhpoNDn79xo1chUTUSuDaIBtZ3k0QQmWtBc76Y9g2aD9b7YpyRjaCwwZQ2JdOeZu141dOEMpE/s728-e100/flow-1.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1504e7eaa633b02aedfc19f0371f262848700fcf5beb951f281fdc0c8a1242b3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3309
cf-polished
origSize=24714, status=webp_bigger
x-forwarded-for
2a03:2880:30ff:f::face:b00c
content-disposition
inline;filename="flow-1.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19351
x-xss-protection
0
expires
Sat, 20 Aug 2022 05:40:14 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v1983"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVu37VeVy6XXfAj7H9eH%2Fm9s7phgUI9OQV9efaGXsXerah6flMNPRRnTKkGUuiNfZAMZHQJfpLtI2cIvhC1brCPQUk8dx3gxadPmGMC42Au5%2FwEU%2Brex68vCc43ADc0YgUZLQMl7iiWXaNUrDI8%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges
bytes
cf-ray
70a1224e3d819ba4-FRA
access-control-expose-headers
Content-Length
rocket-loader.min.js
thehackernews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehackernews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
last-modified
Fri, 06 May 2022 15:54:30 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"627544b6-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reclElULfKOX6VZctVuXT8Gbx99YvlJ2orYh3zys3WB6cILjrXup0BMYqDVxbnB0Vk5n9j0y1%2FofIEcQ%2FHxz1ZL0A5QPH6%2FNZawPj1LkkI8KcmA3H7INYlsXV3JcJ%2FWo4QislgNdV8h8esH8vVRT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
70a1224e4d8e9ba4-FRA
expires
Sat, 14 May 2022 06:35:23 GMT
adpushup.js
cdn.adpushup.com/37020/ 		443 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/37020/adpushup.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb025dcbc79c1f7591e59abda9aaf489349b2a6e38f3e68916e99005a931542

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 May 2022 20:09:23 GMT
server
cloudflare
age
123492
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-cf-geodata
IL
cf-ray
70a1224eaefb92c5-FRA
expires
Thu, 12 May 2022 07:35:23 GMT
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a

Request headers

Referer
Origin
https://thehackernews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		442 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		103 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
s.js
thehackernews.com/cdn-cgi/zaraz/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehackernews.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIySGFja2VycyUyMERlcGxveSUyMEljZUFwcGxlJTIwRXhwbG9pdGF0aW9uJTIwRnJhbWV3b3JrJTIwb24lMjBIYWNrZWQlMjBNUyUyMEV4Y2hhbmdlJTIwU2VydmVycyUyMiUyQyUyMnglMjIlM0EwLjU3MzIwODE4NDcyMDk2NzQlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnRoZWhhY2tlcm5ld3MuY29tJTJGMjAyMiUyRjA1JTJGaGFja2Vycy1kZXBsb3ktaWNlYXBwbGUtZXhwbG9pdGF0aW9uLmh0bWwlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a15fb6119254d23a052301d4d244dbc52c9813b171e13497b352b05c5a34ca6f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD, POST, OPTIONS
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7HMXWDUsxrzRnaR3jD6y%2BQmD6dDp2AYgVaohI4im2J3ps6KHGu%2Fj3MVb8pZIqpJZUdLR2fS41Xt5XQmlNHRovvovXiqvpqvmgtC%2Bb1sg8Ie1DnW1uIa8ZxBFWf7hJ41T7DfCjYkv9mgItQlpIvF"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://thehackernews.com
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
cf-ray
70a1224eae4c9ba4-FRA
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
AVvXsEiN2CRfA_ceqxVqUhWgQghksIlR--dFXivRiP_Zg-Imyju-DxkJsRqAwMZTHptnxs57fD9WZmF-r0rSMTTmTsDQxuSSveVz3PCX_3vRCCJfInCb6CwrA7DzHnLFlcTMEcG5unhBWOA42n8TdYPH4Zbev3is3ygxwbqRjajda3u7AchyDh0rSt5_WqXjyQ
thehackernews.com/new-images/img/a/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/new-images/img/a/AVvXsEiN2CRfA_ceqxVqUhWgQghksIlR--dFXivRiP_Zg-Imyju-DxkJsRqAwMZTHptnxs57fD9WZmF-r0rSMTTmTsDQxuSSveVz3PCX_3vRCCJfInCb6CwrA7DzHnLFlcTMEcG5unhBWOA42n8TdYPH4Zbev3is3ygxwbqRjajda3u7AchyDh0rSt5_WqXjyQ
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f1878fabdff05f47a87ea13c69587873e49579185df0fa40a3fe150b59600b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
617414
cf-polished
origSize=14792, status=webp_bigger
x-forwarded-for
3.126.19.248
content-disposition
inline;filename="hacking.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14660
x-xss-protection
0
expires
Fri, 06 May 2022 03:05:09 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"ve30c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7q%2B96s5bWEJOUg2EDyPGOx00BVfgQDavO5WHVFFyqodsEbjnHnDuLDNEO%2Fq7kW90lrv9zXBauqXGZWe4aH7Mz4ULaP5JZOGl9QXzgzI65QTcLOhSN6WO7kabGwfK%2FbuebnmtXYh7qxqNcBft99Wz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges
bytes
cf-ray
70a1224ebe5a9ba4-FRA
access-control-expose-headers
Content-Length
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1652337323.dop103.fr8.t,1652337323.cds290.fr8.hn,1652337323.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
red-malware.jpg
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEi_JJTRy0WEXV5vdQ0fCUCI6BSSboudL85qjwAQNL6Mccy9DxMPmyEMnjUHCTG0HVroriI1v6O51ZTP5AGdh3nPYt1tB6ng1EPnSHoA9pZfRQqj_xV74Ln1fZ5kVDTIrj-c0C0bdFZTUD53UfSVU... 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEi_JJTRy0WEXV5vdQ0fCUCI6BSSboudL85qjwAQNL6Mccy9DxMPmyEMnjUHCTG0HVroriI1v6O51ZTP5AGdh3nPYt1tB6ng1EPnSHoA9pZfRQqj_xV74Ln1fZ5kVDTIrj-c0C0bdFZTUD53UfSVUIJyRT9JjwvTL57gJlL3aMKXFlqt3oPQO0a_namY/w72-h72-p-k-no-nu/red-malware.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c465b446e7e9537df30f5f5c41f0749f4abfd422c1fc2ca3d9bedaade0f246d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
404670
cf-polished
origFmt=jpeg, origSize=4642
x-forwarded-for
135.125.248.191
content-disposition
inline; filename="red-malware.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3982
x-xss-protection
0
expires
Sun, 08 May 2022 14:10:53 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v193e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
image/webp
vary
Accept, Accept-Encoding
cache-control
public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges
bytes
cf-ray
70a1224f98129ba4-FRA
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
access-control-expose-headers
Content-Length
exploit.jpg
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg5YVTszIPCrdhSDdbiNHZLx_7Y2PAuginDDFpNuucqQi41rQJzZBQsCVl76q-q6zR9HFVZXmi0yyFewOigZ5wHmfwe70i2i4vV2o1SBRVjWao43lzjnjfsf46ec97G23hfDsQIp9h-V1YqO63aT... 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEg5YVTszIPCrdhSDdbiNHZLx_7Y2PAuginDDFpNuucqQi41rQJzZBQsCVl76q-q6zR9HFVZXmi0yyFewOigZ5wHmfwe70i2i4vV2o1SBRVjWao43lzjnjfsf46ec97G23hfDsQIp9h-V1YqO63aTfI3IpP5L2FNeKMjZZI4kwSp-TrlkIBAZv6Cc902/w72-h72-p-k-no-nu/exploit.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd24f5731d34c929cd209444714bbb865d4d6891b77ada39b9429fc9ba05f57c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174785
cf-polished
status=not_needed
x-forwarded-for
165.225.207.57
content-disposition
inline;filename="exploit.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1972
x-xss-protection
0
expires
Wed, 11 May 2022 06:02:18 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v1950"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDfu8Z57V9mpz0VZm%2Bbvcs4TC6tguGxQkCy0MzZ968U2%2BZzBcqEofOoh%2Fd3vu4hD5X%2FnL3YQQG54hPKdcZfC9FeNX69okN5Ki%2FpTIcfApytpxJmr6RWSZOk3yqAoK6WfYese73CBKvdiMnG3A5oJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges
bytes
cf-ray
70a1224f98149ba4-FRA
access-control-expose-headers
Content-Length
bitcoin.jpg
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEip-c1_FZgYXkQCLSRaw4p4ov_yvNZXfdoJdW45BtLQoeZZHW4722cWZBsh2K273-lZkcjN8ceQW1WDk9bkUr8-kCQ5pGOtWQtsVdQ54NH_GTA51c_FAb54O2h-Uic0Zrv7PJn-i21B6B7N9pBLx... 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEip-c1_FZgYXkQCLSRaw4p4ov_yvNZXfdoJdW45BtLQoeZZHW4722cWZBsh2K273-lZkcjN8ceQW1WDk9bkUr8-kCQ5pGOtWQtsVdQ54NH_GTA51c_FAb54O2h-Uic0Zrv7PJn-i21B6B7N9pBLx7cxt5_FJLuagcbwsGgZNde734Wo1721o5B8rRBz/w72-h72-p-k-no-nu/bitcoin.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a61e00bda005e2b7b934dd292ede74f46e57a42a0ca8acb7af794ef3adf6d5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194119
cf-polished
origSize=3059, status=webp_bigger
x-forwarded-for
2001:16a2:cce8:e700:bfe6:678b:302d:c7a6
content-disposition
inline;filename="bitcoin.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3048
x-xss-protection
0
expires
Wed, 11 May 2022 00:40:04 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v194e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITfd2d%2FVGJZI3F8G1FvLfVz1jI9X4EASwuzVYKeIIpteeS9b3VmDFagMT9GPAeBi%2F5%2F5ssTq%2BuVRnGW0r5gxwcyB07W6YPakya0S3YXXbah2%2Fk%2Blf9EGOVpIjrmqBBB075D0N3DGjmTEZVFUIxTc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges
bytes
cf-ray
70a1224f98169ba4-FRA
access-control-expose-headers
Content-Length
jester.jpg
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEilMLJXxcYjtUwAZKdnzWczhhd-J9QkoEihgZIDUL52I39at9BU_5SijsUXeJpJjgqenxybN_3yFDUKVQT2UNd4Cza8AalkOgdjbuJBgtJxtD82mV3P9fxDVuYNjBUcLGWPqzel88wGpC8wQzGIj... 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEilMLJXxcYjtUwAZKdnzWczhhd-J9QkoEihgZIDUL52I39at9BU_5SijsUXeJpJjgqenxybN_3yFDUKVQT2UNd4Cza8AalkOgdjbuJBgtJxtD82mV3P9fxDVuYNjBUcLGWPqzel88wGpC8wQzGIjgu8hZ22V4xw43txPyhhfGIaH7LKb5wjuyKHh9Oq/w72-h72-p-k-no-nu/jester.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fabbe1a17914cfa1984c599f1d8b163ddb77efc9a2e963ff31642aca7fb01a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21815
cf-polished
status=not_needed
x-forwarded-for
94.190.200.50
content-disposition
inline;filename="jester.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2659
x-xss-protection
0
expires
Fri, 13 May 2022 00:31:48 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v1954"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h91HPYCtDYIC0phIbccjDwj3vHRXiOArTdYlBstyWT9E7%2FtTjyVwpVIoQQirv4CFpeP6a1lHLPOSeUTqYgAR4Fou9ptS6vqhlRObUwB6LyapP%2F1Q%2FNYFrH%2BE2sQiWOcwQkeVQDzJlu26bzKpcgwa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges
bytes
cf-ray
70a1224f981a9ba4-FRA
access-control-expose-headers
Content-Length
pb.37020.1652213309981.js
cdn.adpushup.com/prebid/ 		343 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79293b978012f4d071a29d3f1b21bb63b9c66d4256b6db72ec199700be3ee558

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 May 2022 20:09:07 GMT
server
cloudflare
age
123492
etag
W/"627ac663-55a33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70a12250399292c5-FRA
expires
Fri, 12 May 2023 06:35:23 GMT
65d06b29-38da-4681-b006-d0b43cfb48d5
https://thehackernews.com/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://thehackernews.com/65d06b29-38da-4681-b006-d0b43cfb48d5
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
3743
shellcode-malware.jpg
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEgvJfLXdUTf2BzHvnefcr_Fva7UCjqWOBZwOPJoij9C9ibwvcV-5qEaY-JxGOpW5ssQx16vD43gW6tjuuynIUVQBtvKSB28AJDraP1kTWPLaodJtBwbWhXQebLyQUamwS5Vn-ImTRkaob4ot0xDu... 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEgvJfLXdUTf2BzHvnefcr_Fva7UCjqWOBZwOPJoij9C9ibwvcV-5qEaY-JxGOpW5ssQx16vD43gW6tjuuynIUVQBtvKSB28AJDraP1kTWPLaodJtBwbWhXQebLyQUamwS5Vn-ImTRkaob4ot0xDur334LrwRy7TlfKBKw2Eil-ReBVl-Zcjy5hqI0IW/w72-h72-p-k-no-nu/shellcode-malware.jpg
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5f5b73fd7cec06eb703c026c7d4e3e68ba69c23cd2278c679763daea9b5d39c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
316793
cf-polished
origSize=3014, status=webp_bigger
x-forwarded-for
109.182.193.166
content-disposition
inline;filename="shellcode-malware.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2995
x-xss-protection
0
expires
Mon, 09 May 2022 14:35:30 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v1948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mo3nuKLuIOJkTWwTayJB99WEDyyKyZpHmCCov4haOjMONDXUMa4mBjtLXekn4wKPiB9LBuedC4bU23WnOLJUAK1Vgjuvwy%2BA%2FK8hqn%2BqH7TqMjvZR2NkPIk8qsgec7VGTqPIEhoiOl33UMoQ58C6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges
bytes
cf-ray
70a1225069a79ba4-FRA
access-control-expose-headers
Content-Length
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
346 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
cloudflare
age
8023987
etag
W/"60d94cdb-1c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70a12250ea5e92c5-FRA
expires
Fri, 12 May 2023 06:35:23 GMT
IL_.html
cdn.adpushup.com/02/ Frame 1C6C 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/02/IL_.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07dcd17ae695c7a24cc13a362ad1e3f6e723016d18164ac482aa7cb644cf79d6

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
161560
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
70a12250ea6992c5-FRA
content-encoding
br
content-type
text/html
date
Thu, 12 May 2022 06:35:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 12 May 2022 07:35:23 GMT
last-modified
Tue, 28 Sep 2021 10:48:38 GMT
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.36.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s12-in-f2.1e100.net
Software
sffe /
Resource Hash
7b64ae6be764e1befedf82b0bd2848d5e9d03e2b223828b0531d33f4d633400d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28393
x-xss-protection
0
server
sffe
etag
"1212 / 805 of 1000 / last-modified: 1652306762"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 12 May 2022 06:35:23 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/37020/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
678
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1NNHAH69AK5BEMSAFB3X
date
Thu, 12 May 2022 06:24:06 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
pqdYhgiWppr054lFeUXOn3czCvQ6MpPTUgWDHlSz7hdK7j-WGwvh3g==
log
aplogger.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aplogger.adpushup.com/log?pxRes=false&event=PPID_ANALYTICS_C1&data=eyJ1c2VySWQiOm51bGwsInNlc3Npb25JZCI6bnVsbCwicHBpZEFwcGxpY2FibGUiOiJNaXNzaW5nIiwic2l0ZUlkIjozNzAyMH0%3D
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.210.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 12 May 2022 06:35:23 GMT
Server
nginx/1.14.0 (Ubuntu)
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:22 GMT
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NTIzMzczMjI4MDcsInBhY2tldElkIjoiMDAwMDkwOUMtODMzZTA2Y2QtZTVlNy00ZWFlLThiMjQtZmQwODE3MzRlNmNkIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzA1L2hhY2tlcnMtZGVwbG95LWljZWFwcGxlLWV4cGxvaXRhdGlvbi5odG1sIiwibW9kZSI6MiwiZXJyb3JDb2RlIjo3LCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IlBPU1QiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:22 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NTIzMzczMjI4MTYsInBhY2tldElkIjoiMDAwMDkwOUMtODMzZTA2Y2QtZTVlNy00ZWFlLThiMjQtZmQwODE3MzRlNmNkIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzA1L2hhY2tlcnMtZGVwbG95LWljZWFwcGxlLWV4cGxvaXRhdGlvbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IlBPU1QiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI5NjdlY2ZhZC1iZjZiLTQyOWUtOWEzOS05NzcwYzhiN2QxODgiLCJzZWN0aW9uTmFtZSI6IkFQX1RfUl9yZXNwb25zaXZlWHJlc3BvbnNpdmVfOTY3ZWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzM3MDIwX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV85NjdlY2ZhZC1iZjZiLTQyOWUtOWEzOS05NzcwYzhiN2QxODgiLCJzZXJ2aWNlcyI6WzIsM10sImFkVW5pdFR5cGUiOjF9XX0%3D
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:22 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NTIzMzczMjI4MjQsInBhY2tldElkIjoiMDAwMDkwOUMtODMzZTA2Y2QtZTVlNy00ZWFlLThiMjQtZmQwODE3MzRlNmNkIiwic2l0ZUlkIjozNzAyMCwic2l0ZURvbWFpbiI6Imh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vIiwidXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzA1L2hhY2tlcnMtZGVwbG95LWljZWFwcGxlLWV4cGxvaXRhdGlvbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IlBPU1QiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4YzJkN2Y5NC1hOWM1LTQzYjItODNhNC1jZGNmNzExYWUwNWUiLCJzZWN0aW9uTmFtZSI6IkFQX1RfUl9yZXNwb25zaXZlWHJlc3BvbnNpdmVfOGMyZDciLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzM3MDIwX3Jlc3BvbnNpdmVYcmVzcG9uc2l2ZV84YzJkN2Y5NC1hOWM1LTQzYjItODNhNC1jZGNmNzExYWUwNWUiLCJzZXJ2aWNlcyI6WzIsM10sImFkVW5pdFR5cGUiOjF9XX0%3D
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:22 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Thu, 19 May 2022 06:35:23 GMT
log
aplogger.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aplogger.adpushup.com/log?pxRes=false&event=IL_data&data=eyJ1c2VySWQiOiIwMDAwOTA5Qy04MzNlMDZjZC1lNWU3LTRlYWUtOGIyNC1mZDA4MTczNGU2Y2QiLCJjb3VudHJ5IjoiSUwiLCJkYXRlIjoxNjUyMzM3MzIyODUwLCJkb21haW4iOiJ0aGVoYWNrZXJuZXdzLmNvbSIsInBhdGhuYW1lIjoiLzIwMjIvMDUvaGFja2Vycy1kZXBsb3ktaWNlYXBwbGUtZXhwbG9pdGF0aW9uLmh0bWwiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJzaXRlSWQiOjM3MDIwLCJ1bmlxdWVJZCI6ImJiN2U5MmUxLTkyNDgtNDJjOC1iMzZkLTAxY2RkYmQ1ZmE5My0xNjUyMzM3MzIyODUwIiwiYWN0aXZlRXZlbnRzIjp7fSwicnVubmluZ0V2ZW50cyI6e319
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.210.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 12 May 2022 06:35:23 GMT
Server
nginx/1.14.0 (Ubuntu)
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://thehackernews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 12 May 2022 06:35:23 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1055
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220512
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a78307c11fa124f3050bbaedad86159f99e3538fd8f108892b933c9f51141bcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12862
x-jsd-version
1.0.1338
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19142-FRA, cache-itm18844-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-Vt+E4r0X31JqGoxLO3OUwfOXSEA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpFUIqoKdq6bqCZCw%2FUlUxNyr2NCVUwBH9sHQxZvKmzWOLEJ1kytGpMxVRf6Edtc4wFasieT2PSoR8BmiYGsLpBsi26GSF1vsy3L8t9gDM%2FD7dYvMm8nVe8wQojrAYmFaN2jO6WHa8ZKuUNL%2BME%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
70a12251b8348fda-FRA
access-control-expose-headers
*
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthehackernews.com%2F&domain=thehackernews.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Ggx9kHxZOUR4WGgvbXU1cTBPbnR5MGZRVzNpSTNiaTJrQnBWdDJqNTFqclVnVFlCMjJja1lZeit1S0FYU3RaTDFaQXV0UUFLeXB2TXFZbk5wdnNoVWRJTnRDemZHN3JFVjZQMGs5bVBnbW9iSnR0TlNaTW9IVjNQZDJiSD...
358 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Ggx9kHxZOUR4WGgvbXU1cTBPbnR5MGZRVzNpSTNiaTJrQnBWdDJqNTFqclVnVFlCMjJja1lZeit1S0FYU3RaTDFaQXV0UUFLeXB2TXFZbk5wdnNoVWRJTnRDemZHN3JFVjZQMGs5bVBnbW9iSnR0TlNaTW9IVjNQZDJiSDNhT2xnS2R6V3ZlcjZ4YUNlNXEweXh4N2FIZnM0amd2bnlRMTROZWlaTGw1Sk5iVC9YVk1paTlSMytMUlpmSFZ2RUhIaHRXTm9VTTZlWVZrVEIzdFJSV1lYbWkzYldhdXVhRjFzby8wUXlaM1E2Wk9jY2hJPXw&cppv=2
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
564b8b59bede6823c53b1fd79ae8c5203efbac27ac049a263c145b5aab796210
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2672
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:23 GMT
location
https://mug.criteo.com/sid?cpp=Ggx9kHxZOUR4WGgvbXU1cTBPbnR5MGZRVzNpSTNiaTJrQnBWdDJqNTFqclVnVFlCMjJja1lZeit1S0FYU3RaTDFaQXV0UUFLeXB2TXFZbk5wdnNoVWRJTnRDemZHN3JFVjZQMGs5bVBnbW9iSnR0TlNaTW9IVjNQZDJiSDNhT2xnS2R6V3ZlcjZ4YUNlNXEweXh4N2FIZnM0amd2bnlRMTROZWlaTGw1Sk5iVC9YVk1paTlSMytMUlpmSFZ2RUhIaHRXTm9VTTZlWVZrVEIzdFJSV1lYbWkzYldhdXVhRjFzby8wUXlaM1E2Wk9jY2hJPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1640
content-length
482
expires
0
adreq
ads.servenobid.com/ 		296 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=1446
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4c68c57aceffed7be1d8526d9f2d245581bb792c3d18407094aee88ce71ddf1a

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://thehackernews.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thehackernews.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		298 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
c7267caa7333ca26de3bb40429453d2cf02339a285fe14c129114bcb85d8f7b8

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:23 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
298
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.247.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-247-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c8f12dbf851c7362501548265c39944d7fc46c67c650e839371c385dd90172eb

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
gzip
x-prebid
pbs-java/1.88.0
content-type
application/json
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.247.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-247-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
adccafef34a91917b6714c6618b20ffc17490c8b40be5ad251f4064e1de3f816

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
gzip
x-prebid
pbs-java/1.88.0
content-type
application/json
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		350 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=332834&zone_id=1745264&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C16%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,aeb138a66c47c1d438a8907993e81712,1,,,&eid_pubcid.org=1f26d5f4-6401-40cc-8299-bc2a05735284%5E1&rf=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&tk_flint=pbjs_lite_v4.43.0&x_source.tid=499c0ac4-3066-43a4-9a56-101a8a2141b9%3B8fe3b8d1-86d7-40cb-a881-af0d4aa7bbd1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.482014127128751
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b861c9da9efc0827b70733d7d34ea737e0c60e9b16384c775d8d42a5ad65762c

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:23 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
350
Expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehackernews.com
date
Thu, 12 May 2022 06:35:23 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
74
vary
origin, Accept-Encoding
bid-request
a.teads.tv/hb/ 		16 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thehackernews.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 12 May 2022 06:35:23 GMT
cdb
bidder.criteo.com/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=27549828416
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://thehackernews.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bid
ap.lijit.com/rtb/ 		24 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
625801c0adcd54ae65cbfe728437b9e5d7187a11994fc8b231fdcacba5142913

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 12 May 2022 06:35:23 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thehackernews.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
arj
adpushup-d.openx.net/w/1.0/ 		73 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=525ea1b0-6baa-4536-bbd7-993f6cb543af%2C30d33dd7-f4a0-4453-b7b8-feb090b9cdba&nocache=1652337322937&pubcid=1f26d5f4-6401-40cc-8299-bc2a05735284&schain=1.0%2C1!adpushup.com%2Caeb138a66c47c1d438a8907993e81712%2C1%2C%2C%2C&aus=730x290%2C728x280%2C728x250%2C728x90%2C690x90%2C690x250%2C690x280%2C675x90%2C675x280%2C675x250%2C670x90%2C670x280%2C670x250%2C650x90%2C650x280%2C650x250%2C650x150%2C630x90%2C630x280%2C630x250%2C602x100%2C600x90%2C600x280%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C336x280%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C730x290%2C728x280%2C728x250%2C728x90%2C690x90%2C690x250%2C690x280%2C675x90%2C675x280%2C675x250%2C670x90%2C670x280%2C670x250%2C650x90%2C650x280%2C650x250%2C650x150%2C630x90%2C630x280%2C630x250%2C602x100%2C600x90%2C600x280%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C336x280%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200&divids=ADP_37020_responsivexresponsive_00000001-fd2d9f5e-e29b-4cb7-b2b9-ca1193a7eeb9%2CADP_37020_responsivexresponsive_00000001-18379273-0b83-40dd-84d6-517f3e320c1d&aucs=%2C&auid=541218336%2C541218336
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
39c832603d09d081c9192ee0c0330f5affc87714c81110957fc09f925917419a

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://thehackernews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		67 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
56ea5993b7d6a22f457f5ffe6bd14710ce65789eea08bb234b8a660c454a0b05
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 12 May 2022 06:35:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bd7760ed-e004-4d15-bd05-a05e11812582
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://thehackernews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0677686760452176260d8546c282ac905609ecb23041162edbaa3e0a37582672

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
dmx.districtm.io/b/ 		0
0
v1
dmx.districtm.io/b/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehackernews.com
date
Thu, 12 May 2022 06:35:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v2
i.connectad.io/api/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 May 2022 06:35:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
70a122524e5d9b31-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		2 B
343 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:6000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:02:44 GMT
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
server
AmazonS3
age
1959
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P2
content-length
2
x-amz-cf-id
asHu9hiM-1D-FKl8zOC06z6PmkzDUPTsYn0s5tDgHcSAvjsEazP6Vw==
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthehackernews.com&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:16:50 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
server
Server
age
1113
x-cache
Hit from cloudfront
access-control-allow-origin
https://thehackernews.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
LoSSGnNV3dpf_UIu03yMVhStrcUzF95RDTll1pc3zQBwvoNBVQ4qVQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&pid=9222YaY7mtAO5&cb=0&ws=1600x1200&v=7.75.0&t=3000&slots=%5B%7B%22sd%22%3A%22ADP_37020_responsivexresponsive_00000001-fd2d9f5e-e29b-4cb7-b2b9-ca1193a7eeb9%22%2C%22s%22%3A%5B%22730x290%22%2C%22728x280%22%2C%22728x250%22%2C%22728x90%22%2C%22690x90%22%2C%22690x250%22%2C%22690x280%22%2C%22675x90%22%2C%22675x280%22%2C%22675x250%22%2C%22670x90%22%2C%22670x280%22%2C%22670x250%22%2C%22650x90%22%2C%22650x280%22%2C%22650x250%22%2C%22650x150%22%2C%22630x90%22%2C%22630x280%22%2C%22630x250%22%2C%22602x100%22%2C%22600x90%22%2C%22600x280%22%2C%22600x250%22%2C%22580x90%22%2C%22570x90%22%2C%22550x150%22%2C%22468x60%22%2C%22336x280%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055424785%22%7D%2C%7B%22sd%22%3A%22ADP_37020_responsivexresponsive_00000001-18379273-0b83-40dd-84d6-517f3e320c1d%22%2C%22s%22%3A%5B%22730x290%22%2C%22728x280%22%2C%22728x250%22%2C%22728x90%22%2C%22690x90%22%2C%22690x250%22%2C%22690x280%22%2C%22675x90%22%2C%22675x280%22%2C%22675x250%22%2C%22670x90%22%2C%22670x280%22%2C%22670x250%22%2C%22650x90%22%2C%22650x280%22%2C%22650x250%22%2C%22650x150%22%2C%22630x90%22%2C%22630x280%22%2C%22630x250%22%2C%22602x100%22%2C%22600x90%22%2C%22600x280%22%2C%22600x250%22%2C%22580x90%22%2C%22570x90%22%2C%22550x150%22%2C%22468x60%22%2C%22336x280%22%2C%22320x50%22%2C%22320x100%22%2C%22300x50%22%2C%22300x100%22%2C%22300x75%22%2C%22300x250%22%2C%22250x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F103512698%2F22055889203%22%7D%5D&schain=1.0%2C1!adpushup.com%2Caeb138a66c47c1d438a8907993e81712%2C1%2C%2C%2C&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:23 GMT
via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
RKQM954PCKSM8T7QW2WD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thehackernews.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
995WcDCLFt6zJd-uZVwL6d856oqtvfAPx3-lPWXkiUFTxGbx1QX3_Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
8182
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Thu, 12 May 2022 04:19:02 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
XP5JsQSu8qN7hbc56IaVADT5AsBpGpvwo099sbFfXGxt0_O88fTYkw==
pubads_impl_2022050901.js
securepubads.g.doubleclick.net/gpt/ 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s12-in-f2.1e100.net
Software
sffe /
Resource Hash
010c2e34dbc2aaadf863b6025f837d39a6d507fcb2389f306875b60242429822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 15:34:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226847
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127498
x-xss-protection
0
last-modified
Mon, 09 May 2022 08:34:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 09 May 2023 15:34:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		164 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thehackernews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s12-in-f2.1e100.net
Software
cafe /
Resource Hash
019d22d3e70ec460a085db138f131a9d77cb25175dd7eecb155305c270ed221c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 06:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
expires
Thu, 12 May 2022 06:35:23 GMT
pixel;r=1562531960;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d6...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1562531960;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1021774788-1652337323049;pbc=1f26d5f4-6401-40cc-8299-bc2a05735284;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=thehackernews.com;je=0;sr=1600x1200x24;dst=0;et=1652337323049;tzo=0;ogl=site_name.The%20Hacker%20News%2Clocale.en_US%2Ctype.article%2Ctitle.Hackers%20Deploy%20IceApple%20Exploitation%20Framework%20on%20Hacked%20MS%20Exchange%20Servers%2Cimage.https%3A%2F%2Fthehackernews%252Ecom%2Fnew-images%2Fimg%2Fb%2FR29vZ2xl%2FAVvXsEhb3WFndGjQ62G4i5F9GvdK%2Cdescription.Researchers%20unveil%20IceApple%20post-exploitation%20framework%20hackers%20used%20on%20compromi%2Curl.https%3A%2F%2Fthehackernews%252Ecom%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation%252Ehtml
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Ggx9kHxZOUR4WGgvbXU1cTBPbnR5MGZRVzNpSTNiaTJrQnBWdDJqNTFqclVnVFlCMjJja1lZeit1S0FYU3RaTDFaQXV0UUFLeXB2TXFZbk5wdnNoVWRJTnRDemZHN3JFVjZQMGs5bVBnbW9iSnR0TlNaTW9IVjNQZDJiSDNhT2xnS2R6V3ZlcjZ4YUNlNXEweXh4N2FIZnM0amd2bnlRMTROZWlaTGw1Sk5iVC9YVk1paTlSMytMUlpmSFZ2RUhIaHRXTm9VTTZlWVZrVEIzdFJSV1lYbWkzYldhdXVhRjFzby8wUXlaM1E2Wk9jY2hJPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 12 May 2022 06:35:24 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1027
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2444997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2n805Jfx6MUGahlFgAZSRMSFcS1b7i4BE7igFCNMwwWTauLfelSjo9nCuFngApXp7isUdz7XalFdI1jownlLw%2FTxE8G5jiEZKdaLYfmZPaxSJTZ9DiuvsAtD%2B6WafS%2FAqOntrlH879vodNexUF04CbpB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70a12253b98d9b80-FRA
expires
Tue, 02 May 2023 06:35:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: thehackernews.com
URL: https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
819939fd16cc5973d244c90e8d053ce7a27aff99ead1fdfa4adef0bace67d8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55912
x-xss-protection
0
server
cafe
etag
12178176949545939135
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 12 May 2022 06:35:24 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/ 		305 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a02d1fa74255a0f92d315b4030d03a3f95d1dcf480151106ccceea307984c122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111288
x-xss-protection
0
server
cafe
etag
9396436699304170853
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 12 May 2022 06:35:24 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220509/r20190131/ Frame 593A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220509/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24745
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 11 May 2022 23:42:59 GMT
etag
1428802124239944296
expires
Wed, 25 May 2022 23:42:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		221 B
421 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=thehackernews.com&callback=_gfp_s_&client=ca-pub-7983783048239650
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.36.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a66cf7e4262d67f62d86547468ffc86eeeb3e155b1d03a513123cf400bb83cc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=thehackernews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thehackernews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 425D 		96 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71baf19e7b9d0eb41eb6771395adfb6db79aeaa0d0b7e2e1d68c99e3b933f454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33184
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 06:35:25 GMT
expires
Thu, 12 May 2022 06:35:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220509&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d18bb7f825b619f661a9dd7b444aac38ed62e372618b0cbb2f202eed20e2789e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10677
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E244 		70 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15ba967f268eca589aeb2ba6212e16af0b9585a777c1a55f0b13e5ecb2104c7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
28813
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 06:35:24 GMT
expires
Thu, 12 May 2022 06:35:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3935 		70 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c65de9238748263eabf178c951bbb58b653ffec053ec0bc49fa0d0000ba27777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
28868
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 06:35:25 GMT
expires
Thu, 12 May 2022 06:35:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FE2B 		132 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&adk=1812271804&adf=3025194257&lmt=1652336704&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323364&bpp=2&bdt=1038&idt=215&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250%2C970x250&nras=1&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=224
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f806589de9eca3c950dc04835404594ed8cb6c7e22c6acd4cefcaa309863dd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33972
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 06:35:24 GMT
expires
Thu, 12 May 2022 06:35:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 May 2022 06:35:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A698 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
29497
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 May 2022 22:23:47 GMT
expires
Thu, 11 May 2023 22:23:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 569A 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
443afad54ebe30521b57a4cc0b651a53de84113e2f59749e873fc541b5b66603
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DsUPPAEYXz/y5uuvRHzEsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-DsUPPAEYXz/y5uuvRHzEsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 06:35:24 GMT
expires
Thu, 12 May 2022 06:35:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=thehackernews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thehackernews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		148 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4384787050799873&correlator=3045231958353668&eid=31067486%2C31065401%2C44742768%2C31067419%2C31064018&output=ldjh&gdfp_req=1&vrg=2022050901&ptt=17&impl=fifs&iu_parts=103512698%3A22548988896%2C22055424785%2C22055889203&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C730x290%7C728x280%7C728x250%7C728x90%7C690x90%7C690x250%7C690x280%7C675x90%7C675x280%7C675x250%7C670x90%7C670x280%7C670x250%7C650x90%7C650x280%7C650x250%7C650x150%7C630x90%7C630x280%7C630x250%7C602x100%7C600x90%7C600x280%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C336x280%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C730x290%7C728x280%7C728x250%7C728x90%7C690x90%7C690x250%7C690x280%7C675x90%7C675x280%7C675x250%7C670x90%7C670x280%7C670x250%7C650x90%7C650x280%7C650x250%7C650x150%7C630x90%7C630x280%7C630x250%7C602x100%7C600x90%7C600x280%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C336x280%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height%2Cheight&ifi=5&adks=2778182095%2C138948186&sfv=1-0-38&ecs=20220512&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%26adpushup_ran%3D1%26hb_ap_siteid%3D37020%26hb_ap_ran%3D1%26fluid%3D1%26refreshcount%3D0%26refreshrate%3D30%26hb_cache_host%3Dprebid.adnxs.com%26hb_ap_format%3Dvideo%26hb_ap_pb%3D0.01%26hb_ap_adid%3D74d82ca541b3303%26hb_ap_bidder%3Dappnexus%26hb_cache_host_appnex%3Dprebid.adnxs.com%7Camznbid%3D2%26amznp%3D2%26adpushup_ran%3D1%26hb_ap_siteid%3D37020%26hb_ap_ran%3D1%26fluid%3D1%26refreshcount%3D0%26refreshrate%3D30%26hb_cache_host%3Dprebid.adnxs.com%26hb_ap_format%3Dvideo%26hb_ap_pb%3D0.02%26hb_ap_adid%3D75b5972010aa5c2%26hb_ap_bidder%3Dappnexus%26hb_cache_host_appnex%3Dprebid.adnxs.com&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3Db59a78977e682708-227e8c7d90cd005e%3AT%3D1652337324%3ART%3D1652337324%3AS%3DALNI_MbbrPC281evJ7E7-OayuJfepz5UGQ&abxe=1&dt=1652337323772&lmt=1652336704&dlt=1652337322326&idt=853&biw=1600&bih=1200&adxs=269%2C269&adys=1315%2C2318&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=730x0%7C730x0&msz=730x0%7C730x0&fws=4%2C4&ohw=1600%2C1600&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=false&btvi=1%7C2&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s12-in-f2.1e100.net
Software
cafe /
Resource Hash
99826d09eedab85d5da34206466f0ea71528a53ffc859826ded973afb940ed33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32082
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thehackernews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA7D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 06:35:24 GMT
expires
Fri, 12 May 2023 06:35:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
pagead2.googlesyndication.com/bg/ Frame A698 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13694
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 May 2023 06:29:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 569A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220509&jk=4384787050799873&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A698 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YibAXA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/ 		146 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c10d99900b00ee0952a5499e09f8c566c872f86f4bdf48fb609eb14af41640db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52967
x-xss-protection
0
server
cafe
etag
11319206575369009205
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 May 2022 06:35:24 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=thehackernews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thehackernews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 May 2022 06:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/ Frame 850B 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7983783048239650&plah=thehackernews.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 00:27:36 GMT
etag
1428802124239944296
expires
Thu, 26 May 2022 00:27:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 850B 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 May 2022 05:24:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 12 May 2022 06:35:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 May 2022 06:35:24 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 850B 		205 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:24:48 GMT
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 12 May 2023 06:24:48 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 850B 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:28:31 GMT
x-content-type-options
nosniff
age
413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 12 May 2023 06:28:31 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/elements/html/ Frame 850B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:34:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8280
x-xss-protection
0
server
cafe
etag
1405619832300133377
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:34:59 GMT
fullscreen_api_adapter_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/elements/html/ Frame 850B 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/elements/html/fullscreen_api_adapter_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8328cdfc86fa0595bad579513eb730c91f0630cc7f451d5c2fce7d90806a8a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 00:15:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5794
x-xss-protection
0
server
cafe
etag
8876664891709704534
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 00:15:38 GMT
10255267196295054454
tpc.googlesyndication.com/simgad/ Frame E244 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10255267196295054454?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlX4fQVJAdj8vTGP1wZT_sg5G9GjQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c7d03bc73c7b64fd03ca605848afe0470c78abad139b4888f319c9dbf90d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 19:59:48 GMT
x-content-type-options
nosniff
age
124536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23601
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 20:29:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 10 May 2023 19:59:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/ Frame E244 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:33:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame E244 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:29:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E244 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652096384767712"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 May 2022 06:35:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame E244 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:34:26 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame E244 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 06:50:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85516
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12278
x-xss-protection
0
server
cafe
etag
12178443437409350037
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 25 May 2022 06:50:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E244 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtSTMrKp8YrGHHJiNtwfPqaFwqM6D1Gjon8XIig-Qj6j4ZxABIOf75RtglcqZgqwHoAGzqLL7AcgBAqgDAcgDyQSqBIUCT9D8qfTaReofaIvkpP-lF3bWvKcP3vVKeMNf2UBjqFBnb4DxblfUzXi43R9BkVaWm1pv1xG6heBJw6TyZNwMepUx-ii1BQgjtIA8Mj5rfyZ2cyy4VdTe5rP1cLOeOYTk5gRc1Q3HwGU1F1TGrUKetKAplHIgjbCkKqUFGTT3pu4Fzi6-V8aDkt31ZGxoT_ZlIapaYh7f6goLTMLjvnoibajGCGCsTF-AG36rlSvF-oriv2_mxPtLF5vEKeoKxBt6rVHbFev-ZQdMWPuhO3YHO80f-KnXPqV0WrW-aYxyVp9_CmZ8PnH-SR7miTTz_mcf2Jhc6yx1OkXBGfqwZ0uUrcQJRXyDwATq9e3x7AOSBQQIBBgBkgUECAUYBKAGAoAHtdfNhAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCFwWzSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzk4Mzc4MzA0ODIzOTY1MBgA&sigh=jiSxc9ADK6Q&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 12 May 2022 06:35:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 12 May 2022 06:35:24 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 747F 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1658
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:07:46 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 4E8D 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 May 2022 05:26:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 12 May 2022 06:35:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 May 2022 06:35:25 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 4E8D 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:35:12 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/ Frame 4E8D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:33:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 4E8D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:29:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E8D 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652096384767712"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 May 2022 06:35:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 4E8D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:34:26 GMT
8ac99cc5020451d5a2f944f2abe6dceb.js
www.gstatic.com/mysidia/ Frame 4E8D 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 12:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12291
x-xss-protection
0
last-modified
Thu, 05 May 2022 20:56:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 12:17:25 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 747F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:25 GMT
expires
Thu, 12 May 2022 06:35:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 083C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1659
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:07:46 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 083C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220509/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:25 GMT
expires
Thu, 12 May 2022 06:35:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
container.html
18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E334 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 06:35:24 GMT
expires
Fri, 12 May 2023 06:35:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 241A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 06:35:24 GMT
expires
Fri, 12 May 2023 06:35:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
583c04eba622323b1bc7d6fda2f57e1e.js
www.gstatic.com/mysidia/ Frame 425D 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 17:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3720
x-xss-protection
0
last-modified
Mon, 02 May 2022 20:52:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 17:16:50 GMT
7e8d9be85afe70328c144e2bd1bc7ea5.js
www.gstatic.com/mysidia/ Frame 425D 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7e8d9be85afe70328c144e2bd1bc7ea5.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e011e5db5fba47db92bc725349b3ef86a4c8cdb49a750ab259704596e0e5ef05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 23:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3703
x-xss-protection
0
last-modified
Tue, 10 May 2022 23:20:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 23:15:24 GMT
css
fonts.googleapis.com/ Frame 425D 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 May 2022 05:27:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 12 May 2022 06:35:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 May 2022 06:35:25 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 425D 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:35:12 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/ Frame 425D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:33:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 425D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:29:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 425D 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652096384767712"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 May 2022 06:35:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 425D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:34:26 GMT
8ac99cc5020451d5a2f944f2abe6dceb.js
www.gstatic.com/mysidia/ Frame 425D 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 12:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12291
x-xss-protection
0
last-modified
Thu, 05 May 2022 20:56:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 12:17:25 GMT
truncated
/ Frame E244 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
293e1b473edec8547fe4b7eac8f649546f9b116762cb12e5bfc2b56c517183f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/ Frame 241A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/abg_lite_fy2019.js
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:33:43 GMT
css
fonts.googleapis.com/ Frame 241A 		8 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 May 2022 05:29:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 12 May 2022 06:35:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 May 2022 06:35:25 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/ Frame 241A 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.css
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 13:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235403
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 09 May 2022 10:41:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 13:12:02 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/ Frame 241A 		349 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4065ada69c1d555792bc889ed8532656e9a4a530610e5abb2feb3f545fa5bd5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 13:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235403
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122885
x-xss-protection
0
last-modified
Mon, 09 May 2022 10:41:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 13:12:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 241A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:34:26 GMT
l
www.google.com/ads/measurement/ Frame 241A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLhihPCAWU4yfHi5_yC1KGSdg9Q5D-YRbD9dFwC1zHGMx9brLuXVtT3Axx78h1WgMYeZh6ODqNabDVt6htc10jRYcpcg
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/ Frame E334 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/abg_lite_fy2019.js
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:33:43 GMT
css
fonts.googleapis.com/ Frame E334 		8 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 May 2022 05:22:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 12 May 2022 06:35:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 May 2022 06:35:25 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/ Frame E334 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.css
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 13:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235403
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 09 May 2022 10:41:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 13:12:02 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/ Frame E334 		349 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4065ada69c1d555792bc889ed8532656e9a4a530610e5abb2feb3f545fa5bd5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 13:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235403
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122885
x-xss-protection
0
last-modified
Mon, 09 May 2022 10:41:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 13:12:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame E334 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:34:26 GMT
l
www.google.com/ads/measurement/ Frame E334 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWSQk1kayvdlcpw0VcUyuFpbWwaOKz2g2qPwtSm5T50_LRcph-34nQoI5CeMi4jpxqn20yq9sQoktsnn49EaebGjfe2Q
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 425D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFZh2rKp8YquLGpWEwuIPmvGKyAKivMb-afql2NWpD-_Tx9STDhABIOf75RtglcqZgqwHoAGtrpCfA8gBAagDAcgDwwSqBIQCT9BQvgrFiRlPs9ni1qyK1Twe9o5HPDPZf6COEns0Bqg1dOQoc6NfV9l8W_nTdSD9RNAVK4-tvGtHydLA4QZIoalrdZ1Y72eEKxm2UpuKr3tJA2-mI3rW3pjgfpyhz5GCHnzx-HD1qCGmcmNWd0_5VY0ViuHRtlTI1OFCStJxM-qnQuKqayQx6pKvFlJG-sXH4yiZnQoTyBaJ-y8yVIqPTdxKhhbrFH1LEFOP3AAz2XOIon4n8gj5DvxB96OeN1tVxhcMynrOP4RPS0rUxrF8MmcTiu4A7nSYNcQQwegd0HkTHxXvrNc8TxBpOxifNRbQYu48yktKMzRvdl6PYcklkRpYB8vABI6A8sjuA5IFBAgEGAGSBQQIBRgEoAZmgAe70e9gqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQt4ki0ggJCIDhgHAQARgfgAoByAsB2BMMiBQD0BUBmBYBgBcBshccChoIABIUcHViLTc5ODM3ODMwNDgyMzk2NTAYAA&sigh=u4BAZIMTfOc&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 12 May 2022 06:35:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6362 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1659
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:07:46 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 425D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ea1f1de4e54dc1fb43b56f6ef0d14db280ba4a7b93578d828fcd5b1f1f23716

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 425D 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 22:13:40 GMT
x-content-type-options
nosniff
age
116505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28276
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 22:13:40 GMT
dark.jpg
thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhDJx03RSTmg_63F6yu90cKo1f1_MJ8uh0in_bmieHg1qznOyCcE8unSM2I9OoEkRDRLjgxiZ7VLNmZD1L2d8CBjfpVj4cB7grGHevFTqRDJuIFhua1frUR_0Dvi4a_WKAHXfCYXRe0xpZMzYXe-... 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhDJx03RSTmg_63F6yu90cKo1f1_MJ8uh0in_bmieHg1qznOyCcE8unSM2I9OoEkRDRLjgxiZ7VLNmZD1L2d8CBjfpVj4cB7grGHevFTqRDJuIFhua1frUR_0Dvi4a_WKAHXfCYXRe0xpZMzYXe-nzqOfO-1aQSK5qMvZ_FbdWn_gKLVn_BoJ4lt0V6/w72-h72-p-k-no-nu/dark.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14a35c266ad60cdd4080627c46e5b351387efef6f6021a38e565999edc9452a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21816
cf-polished
origSize=1449, status=webp_bigger
x-forwarded-for
94.190.200.50
content-disposition
inline;filename="dark.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1445
x-xss-protection
0
expires
Fri, 13 May 2022 00:31:49 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"v195e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X200Ql26tPcimCWB1BGylC%2FJR7LlH1k1Gq2o1gg0k6FLDK4AbfrJwhOX4s7XTsSdPLK2fUEL%2FEcxT2srE9odUzTcqHr8DF%2FAIQyYnNkHExQABNH6cefCV5sTJQKef6A5HYC55BjFT3DqJYAhxmD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=8640000, immutable, s-maxage=8640000
accept-ranges
bytes
cf-ray
70a1225b7f7b9ba4-FRA
access-control-expose-headers
Content-Length
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6362
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:25 GMT
expires
Thu, 12 May 2022 06:35:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
pagead2.googlesyndication.com/bg/ Frame 32C9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=4149586040&adk=455978357&adf=3784364303&pi=t.ma~as.4149586040&w=300&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323349&bpp=1&bdt=1023&idt=207&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=661&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9em9HJcsJO&p=https%3A//thehackernews.com&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13694
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 May 2023 06:29:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220509&jk=4384787050799873&bg=!HxylHFjNAAZX5TVhd-U7ACkAdvg8WnAnE9VSrFN9J6tKdR5PaAK4xo0PqblgbugUXcC8-NHbQZ8w9wIAAABsUgAAAAJoAQcKADylcqR4HQ4nqrh8LcSRhi4_qikpLuLapiYAKyNNG8zoPj0nfkSyEHeRHWL1x0ekZS4os3keANLUpLmYlCaZAql1viKse7rVfuRClVGCsH-5c5h7x4Bvt1LM12TZ2V0i0Yi5T8Q1lUuEkz604_N-BTWZOM9DJtddD6t8pTE8DSOvDER238b40SO0lMep_4MmxHyTBU9x9OfwKN-zFzaukko4aL5QmwW7TBQEZ2I1TsOWyRhFGAYC91eGvkRr3PzHx5w3soNE28XIUSUIQX2xK1AnLU7bVCPcuCsqgYnXjnY6s4sVHASxK064xmo46oi07dIijicXJ03eiOl1o8C6RWRh6wzVRjxlZHYdQdO2IMLID6zzB7weWXCmwNSsyy5RbzEKtyD-iZ6Fa2VaMSM1kPCbIlMRhZWA_65ueXyuXIqoQW1HmWdCAxleY6me2KaP1Qqtl-P5SbNs6tfukegzj9zvrN46ZIIRVVn3QiHBmgSLwPh20iBz9R3aAX73AsNGTCwRaShGFej3bNQjF6J0NoMhwC6vyrqA7iOMSYBsZO2__RGT2wD1dwDQEBI6JnDY6XdRj5QtQCtgrTasE-yQQ9aKkO5zrbSY2Ae8gGTAYbeOaereXrAHfzC3mCZ-R8ItX28MKKQvKCjQ_gzD4obqvdmTCOnTRNaaMoTbeUJPBbww9g-c_mDg28hyPPpJnA8gizZ3kNZ8vYiMfS3-bxRDkfkstpFxEqi_gwuChvdzGVG6R3w-XQnb5nDDm2F_WX3lgXFWvftz_piwC2DD7AyrY7OfPHphLRgVue9F5Juexg3lyrdMIKVBLWhib9MB6mIWg7ztW7LhH0yMD9Jj9pP6hXtOAbpJP6UJkDWzknYj8VYyI3DSMJnnOIMyOdUIsj6HqLL90GPX6dhY_uIVxK4qa94hXfqxln_XSb8fMrZmoEsOiLxv4XqEbEaIRhfd903PZ2UHMeoBJ7YM6wT47KfUqW6D5oFghZaeAak
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 241A 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l32mzbam&c=8662177987065&slotId=4331088993532.5&qqid=CKD5ppqs2fcCFeuHgwcdZ8YKsQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4005:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:25 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 241A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 17:56:19 GMT
x-content-type-options
nosniff
age
45546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 11 May 2023 17:56:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 241A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 06 May 2022 01:46:21 GMT
x-content-type-options
nosniff
age
535744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 May 2023 01:46:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 241A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CsqGCrKp8YqDzKuuPjuwP54yriAvQ3e39abq4kJWSEPAuEAEguoTAM2CVAqABl_6b8ALIAQWpAqUYEQn6pLE-qAMByAObBKoEpgJP0Ai1nKDXBwI2uN6DBaLrQ-0vWbtQh7zK3MzUGekIaeScs7xq7R6_FXCaHGde_c5bAd5Ar0Ek--V8_7Y8FWvOpxcgWder34ML3oGV6zYCwYxLpmPhyr_yIB6dYv-R73EFU5oU7Ko5aK9dG_KLIEr5RST5OuwUhc-T3VzMIi-pz8r6MPlu9J3zgu2Ujb85DJQJEchLYFQwVT_xTr-YT5tsWtTmU_ftBUoF6V8JfoDWJjhkx0SEjqe42YJaXKEcDWzBoQJh9Snfz4YB6K-3CKEgIwlhymf-T51GKOvUyjq2IW45fHtVaShjs6LfvLq9ayPiexnt5j_ppdM_sN2NL_4l9nywSpw23_i-f2UjECcOiaVBsl139nfljHQJpeTpMMLDu-CurgLABM7lxpn7A-AEA5AGAaAGdoAH0YHkjwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjWACgPICwHgCwGADAGwE861jw_IE_X44t8D2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1652337324543&ai=CsqGCrKp8YqDzKuuPjuwP54yriAvQ3e39abq4kJWSEPAuEAEguoTAM2CVAqABl_6b8ALIAQWpAqUYEQn6pLE-qAMByAObBKoEpgJP0Ai1nKDXBwI2uN6DBaLrQ-0vWbtQh7zK3MzUGekIaeScs7xq7R6_FXCaHGde_c5bAd5Ar0Ek--V8_7Y8FWvOpxcgWder34ML3oGV6zYCwYxLpmPhyr_yIB6dYv-R73EFU5oU7Ko5aK9dG_KLIEr5RST5OuwUhc-T3VzMIi-pz8r6MPlu9J3zgu2Ujb85DJQJEchLYFQwVT_xTr-YT5tsWtTmU_ftBUoF6V8JfoDWJjhkx0SEjqe42YJaXKEcDWzBoQJh9Snfz4YB6K-3CKEgIwlhymf-T51GKOvUyjq2IW45fHtVaShjs6LfvLq9ayPiexnt5j_ppdM_sN2NL_4l9nywSpw23_i-f2UjECcOiaVBsl139nfljHQJpeTpMMLDu-CurgLABM7lxpn7A-AEA5AGAaAGdoAH0YHkjwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjWACgPICwHgCwGADAGwE861jw_IE_X44t8D2BMKiBQC2BQB0BUB-BYBgBcB
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 241A 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DPuxZf8fA9gRYtMk0DcGjSn8vc8OZyDq3DRobVJXrFB7FPT5D_27D2ELE0L8GqX80FYJ00UlxCsSsw3QyNRvVRRJ60Ew&cry=1&dbm_d=AKAmf-B5yUEJWapkR-QZpYMsgXkJzR1TGyRb0YaliFrkOg0cGmk4z8213JG7GgxrPaIoyGktEx45xX8rfCxIooOINfpd1ndFEUhwJBcqPcbUw4biTYu31fErCtYzUtiy84KQmK-GUlugrYqlTprmmx3xPcClDJy8WHvsu54gWH3gZdugjdJ-0yZJvJ9hxSqW5w8d4AICb1MRkufTeOqqikwnJA11X5jxS2OAY6hPybsMNZy90Jcrbnwm0SpCuxs08B3ZPdY18Ap0jGfmCgd-bDUSEFYS2Nak-_ZnAyM4SxsPHhmI1czlA1NMd_vpnqgQppNgBndBSoQd30GUz3SaRZpZcuWlgumAtqwwClJDFGG-F8doCtBPEvHkPD8rb1ZTm1tHK0WlXdX4dco8Gj9cpXI8fCEE9aYKAwQnzbobV1fam7RDY6qRzYHCvIYL9DHNo-Wejo4GwFK3g8w3PKD6TR29KBt3LQ8RXxkawQDzkd39m9AiR506qR8cskmyCgWAFE3j8DC1UvZyeUeic-HK0d0mhr0YO6-B0Hgw_fYlHXn8f3sexvF63W17ACcQURJ2WPGsjXlla8nsWprzHUsqLh2-jgv4LzJyW8pALqdgPdAZQiiRQQGmOYHekl7hJzF71TcFTbxaEQDu9A8Byt_JX8g2MYTaeSnn7XPolPN8cMSsBtGuK1qST35bIBeghvfpQUEGtvIdp1vHfmicPKHaDUpi8k_knXkHEeoOc0BQoDK60j5m4iOGwoROKXhArWfAKAyTt2D2VeMq6CjWIpQpqQ45LIpNa7s7Jjay2v94zf_zQnKIBJ8XDJe2lWBXuyiDmivSODqrZrPXCRTBn2zeY4mhRkXjdO1yHJN5ZZ7LWhusOz6BlVaLPH4oi1bBCS5hpQg8nJm9ShXW0UqMIyv_SNK6mnVJIRTBQCMHWf6XlxeZ7PEmeTrFa7zmeo-DdmCWaVpvwDlfyjZKeYnChMNcalfIJtRE3TgH1QBKtTJoZRTy37RVR1sLLD_wxchpGru83CvnxkaKCo2_p-mpHruNh2quAMgFRfiTAptCG07zgJ0u2rtmuVwhSIRSCyDanNf1oBeLKtCx7tUl7M00oBFIKD3Pa_MnxPKuTznL-p2LsXAVQNZZ-vBmp1YeU6nLJwG_2H1GON-mebD6Qq1mvQEMTZhb5lI8WJGmHJ9lVHmurPJwmacuOzpxb4h8LWeYi5P4m2lJ0LGe0H64fCDQJZbovtyqbDUL05ihXf4LDwWFNDNmslJtwYr7rpEhL2tO9BOS7kDML4RT8RKI8w9Npkx2RCLmHlvOdxlFaVW49Cq10Q3TiR8T2AidIBr8yToZn8Nvspt0neqbIK6FJAtxKRjK99tdLYAB1qxp01BgJBqH3WcQ_sbgUoO3pDwOuDLrZLCbMNW7w6nLkZ5WXyGANgReGgOthkt0PqVOej5cVmMTIaxJTKc1M4u5ON5glcxthziXhr4g-HOofYC_TYwdcMu4mi3MsAp8CcVqPiuAEXirqbuAykRYlZJkdkU6MYf8TBOlSovt7GivXyHdwk7iadylI1WUrXFZ_rcj1Y1iDcAry3xxxZiE_bEA3sDggSrNNAEJC5vVtvkEMvMxL3GRG6_KZniAfyNYjTmr60nX0811YWRmliDJX_KyWoCt_PDi6Z8M2mRGSOWDZfGhU0ak33uGZuN6yQuybEhNY9AaMfZ6l3XyUN5ZdJa5ugrQJqpyB_O5uDj0QIUSVScIkSGYmYdPt9-7BHwh2KWsHGkxsGV_UjmlBJ7Ys73PSMbA58tRZK2DfeGYzOeeZkALzqFO2ZKeqk4HJ8ccndGXaJY7hrm1N4wVdt8kZWYJtfPtfEp9Vo9xsv2XGc_LgAwNcE5Pwgd4801FkmrWBPzzeNplbq6GdgCdaT8V96zyCIm2BfXFmbtif1GUXzY8m1qwf_2U6e4QKnP30SWU9_bGquoQ0Pgv1UMS_GciQ59OfhN5AD60GF5n6RpDOOK8M3kJ_Ua-hk0aQpBzPUvot09oEnaA3cc3JE0T3CCtiwDwKrV596Pwf7iRM5hRg6mOznJeGwK-qs5w3GPiceIGhAosE5RX30eoJQ-yR9V0fWGEfjq5E2XD2mxlNzOrGmG6Ll2evPm5Jdm8Qnod8OWXD8JnRHq_kJ79zY1rbIZb0DW1uksYN3vsR_9TIKpg0bMFJPN50wba20k1GWJACfz5hqlg80xq8kJdxOUHNKNipQivRpPKLWaOz8HgpAaYQWQxQAeFXGuRPDbif_9onAVY6f_O1ftE3bpoU2OM9yWnQ1Sr9XeUIFLzxFMGe8MNI0jw_1u5gy8Q2yLukqK58QsGVZ6UXTbtkNeJPJvg-80MjeEsBQqf6CaL_uIvNeOEhVf8GSHrLa17lRtb-hnU8txF1OCbaTzEClUeCdBXIISw183pHCbdK8qyQPIJW5ouIAsJGpXypcABNzQ-MKIUTnEFFM0iIjrH7dOAYA3vOfyuSKbri8GeDS6csRNIRD9KEiTc1cWUCfsCotCwT0sB6Jg-eRFc1H7fVDJmTKzYNHnGHvGPIiUjV3_OnOzWIJtYHADC32LaS_PN-Zt6EHiTrbCbPABAgDd5iwMq0IP4lhoomrkYF0m7cYo1V5USzh0waxFPFrRgZBWkKNFWEhggY17T6Gv4pmchmSRf06FLtQHO-Pu14CiKlOgKFGHkyVBXExyA2yV6qJFmpLcI8joEzCJye_7vxzsrSgYKa1NBv5I4p15JdO4wtjioWs6efCHu0gnAyO0vH4R5pQkIs9cvuktNt9Jt46f5T1mlU9-IbiM2j7KPhscBKTGNbF2DGH1PTIqnWxJvZXLQvx4WO8Z2gnHStvFOWYIP51r5-FcdaWgZydfCu6uIotXPpTv4Qfph-vKbvrI5yDYy-DM2u68NzJ9N3KulLz4aGjoy_UqQNEJpDYp-3S2TYMMRvXDv0-R9GWtohJJhBRkGUuCvEfoiTZLB8FnbPo1vxjJBBPON2QQ78Uv75Ev3y10WXAdGxEewTplu7Z6M2i78K_uTfJAFXDiCG_1kwWfs34_qKk0fUKHPSfVX6r9vBjNb7Nl9Zv8rWmb0udjTYXL6bw1Ss5YUXyLbPZNyGMW2Xr9blNwKaNhmjl99XN-cOxxhLLrwLVxbshzXh7KFp8O_bNw4VYPd1YjTVWWmPuZLl92NctzWfiQxfLCAjcUCVWwVs1l7qNva6YJWm6kmmAbgqm4nrCSSPgelXW14rnva4LdahJbtOGVVVrwDFgCwPigzjc0cP-vp09YTlsOKKUU-KZ-kjk2TeGI08-ZLilZqwbXKR60D9EK9eUr0cAYoMun6WafTPEYuwz-O7qSDnIrktCjzjVElzE90yPsQGc1jaZ655QWseHDXNI-2DZ4A85MDgnlzXivZbsLuXiDEy_2XpPvRgdMzYgIrfsFeTExW4msIxJIZbAGT6qDZgUZN4hF728OUfO-vHdN30wIUHDnuSvYWhapR40XRlq01LuVj5W2lI2-KVomHcPLvOUgSv4aG_j6YdM25hBf5eeIPrvEN33t8NOYdfSKpftIne3A-MTuZ_1U5lZpUPDukKnh-ARNuas1rmncd7ttewDOmBW6_BDeHPbuwIguHc1w39_ZfJkxy3vgsE-UG0d5Ykk8dBers8vA6WQq3_Rk70avgKk-YnjJ-8SBZsZOwyGcGGnoYIIawLA6fYZNolXP9QE6YSMUBHAom4lvCUR-vAT-t3YvNyTN5TjZY7u9_1dIn3xVSiC2OLvbDiDoQ7KF-9JsL3z5GfCA1IFKIy1UuuoMOwuMLRoH13RG_Z0AhRxazSPhpAEaBMDpX2twpGFOL44OZWrp22GrVmH1jDVF9QhAq7NJOKeYZ_UFTeLP9cLKqEc5v85Ii68ew-ET2pHEWGSNyUf_S18yDgkjB5GCA6QgBi2XjigPB6wweduUwjvq3fXh7q-WG56f6d-I0NanSmu1DF0jbOhaIj2WHZRnr4RtAMnYVhQdyB-21ISh9mKVIxd_7sl8crFZ4DQYdMN7AKo0giBL7fBMf_Fd8C9SJvInMioa9BcluQi_Zf31AnuMT48jKUXbS2_ZnaJ7615VdJE3FKOgbDU1tus2cQBD0_cminuuPxUBcBAd2PNSpPfi1zGbrZ3i3238yqdmAwukz0eGNdVkU0JV7dNzJRRmC01dwozEo6tH5GQ0fzgV7UqWvyw&cid=CAASKORoWqtL5Jwoh2g-zsqTDcHI6lf1xDOuUS-WZwYvyD1WamBWHyjMFm8&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f155.1e100.net
Software
cafe /
Resource Hash
c185065ae4d99800c1e4733e7a17beea3470212dd07a0e8a16d962a82ebbc38d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15842
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 241A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmpZHrKp8YqDzKuuPjuwP54yriAvQ3e39abq4kJWSEPAuEAEguoTAM2CVAqABl_6b8ALIAQWpAqUYEQn6pLE-qAMBqgSnAk_QCLWcoNcHAja43oMFoutD7S9Zu1CHvMrczNQZ6Qhp5JyzvGrtHr8VcJocZ179zlsB3kCvQST75Xz_tjwVa86nFyBZ16vfgyveHERRLcYDaueJjATPW9j-QRSkyH2HdQVToBPsqnBsr10w9pYg8PuwYww5bFBwzObeXEzXLFxMyvrH-pv3n_N3zmGOvxn5l_wSyEuVVcVWP_O7vG1Mmmyv1i9X9h7IfjSLFHtJGJh0PERHTfpMESWb6G01mBQNENaxAh7iEd8kLaDpqkg2ESH8FGzK6txyo6Yu8DGorCw25FSDmWJM3k4MK3aAJyb7G9inVKOTjvJNwiO6JJvdgjSJio5wrBTf862PdD8a3jqrpU2mtwvnCBO4Vgmr8i19jLYKezVt2uXABM7lxpn7A-AEA4gF_sPLwD6SBQYIAxABGAGSBQYIGxACGAGSBQ0IIhADGAFIjdK3AVABkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfRgeSPAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEPzUcBjGg9vJAdIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTAxNDU2OTkwMTM2NjE2NYAKA8gLAbATzrWPD8gT9fji3wPYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=6gCMXEhqSGc&uach_m=[UACH]&cid=CAQSPwCNIrLMpkun3sIudwONFQpbljPrkix1081Ton7-Js0Ho_niC-xAsZ0hfENWYC8VWu5_5jtyIcvAuMhWAs2cxA&vt=10
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
truncated
/ Frame 241A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18ff65e7a2ca8e73d2c2bd9ee7994ffe1466b43214a678b7322ba0b3c4c8fe80

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame E334 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l32mzbc7&c=4389864245846&slotId=2194932122923&qqid=CJ_5ppqs2fcCFeuHgwcdZ8YKsQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4005:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:25 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E334 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 17:56:19 GMT
x-content-type-options
nosniff
age
45546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 11 May 2023 17:56:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E334 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 06 May 2022 01:46:21 GMT
x-content-type-options
nosniff
age
535744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 May 2023 01:46:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E334 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CVa7urKp8Yp_zKuuPjuwP54yriAvQ3e39abq4kJWSEPAuEAEguoTAM2CVAqABl_6b8ALIAQWpAqUYEQn6pLE-qAMByAObBKoEowJP0BEDVFiEJKFp_TTCFU6WfXu3HGm12WkuxuUWU11Cr0cTlvJQrmx7yQrgjl0afbcjvECPHKMQw3nXMOcWN8n9p0xmourmdUFy4pNEWNOAQ5FwrGT-hXu5_NDXhsXryhtFxQ6kL6nrK20aJkD-bZHQ6ZhsMcz5DQyDGTubCdUjSywCjCw4GnLfeLLvWFp7yFzZjAz1NpMd_b1cZBfu0Fj8hquXsAQyz2RZUpfKy1LaxXDdSph0Ko49qFxqljR7kuSLLdPDGHVrOSTUOVBchuMVsuKUKYJ2VzONgzVuP7WpRu5qeCkACJHWpU4NplXNFtXikio6ubV2ZCW5XOTtH5wjFeh5kcJ55w2tlyuaitMxPdAwwd2qsByoBGGTOswlFdmHzOnABM7lxpn7A-AEA5AGAaAGdoAH0YHkjwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjWACgPICwHgCwGADAGwE861jw_IE_X44t8D2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1652337324597&ai=CVa7urKp8Yp_zKuuPjuwP54yriAvQ3e39abq4kJWSEPAuEAEguoTAM2CVAqABl_6b8ALIAQWpAqUYEQn6pLE-qAMByAObBKoEowJP0BEDVFiEJKFp_TTCFU6WfXu3HGm12WkuxuUWU11Cr0cTlvJQrmx7yQrgjl0afbcjvECPHKMQw3nXMOcWN8n9p0xmourmdUFy4pNEWNOAQ5FwrGT-hXu5_NDXhsXryhtFxQ6kL6nrK20aJkD-bZHQ6ZhsMcz5DQyDGTubCdUjSywCjCw4GnLfeLLvWFp7yFzZjAz1NpMd_b1cZBfu0Fj8hquXsAQyz2RZUpfKy1LaxXDdSph0Ko49qFxqljR7kuSLLdPDGHVrOSTUOVBchuMVsuKUKYJ2VzONgzVuP7WpRu5qeCkACJHWpU4NplXNFtXikio6ubV2ZCW5XOTtH5wjFeh5kcJ55w2tlyuaitMxPdAwwd2qsByoBGGTOswlFdmHzOnABM7lxpn7A-AEA5AGAaAGdoAH0YHkjwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTkwMTQ1Njk5MDEzNjYxNjWACgPICwHgCwGADAGwE861jw_IE_X44t8D2BMKiBQC2BQB0BUB-BYBgBcB
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame E334 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AFwj_1OdByHkhdGhB9OpfmkUKJmQwvyAeFJqKMKCA4R-ycGWgO_3OcwFgI8RoJdZyyLb3UDN_fa1pnnOLifOc-w_dmRg&cry=1&dbm_d=AKAmf-D4Jv0nXcteFW3GcAUdKNy07rCaYsUAR6LmC5csyoMyTR9kPffpib1T5yCAzOhsLdQ1Y11LTFwnKQJMI0G5AgHlurF7c9wgJKeAVgXG_7kNxyMpV5gqd-VySTXPFOL1QvL__79MytLmU7jzfUG1EQ2mFCH1yrZYeNsj6J0nExv-qniIHs_CpMCC8tz54HDM9tPY33JxfHoqbZqGTYL3y24-HrYSL219yLZQ53Zpu518B52m1thnH3ut9VxS-5FFnoRmS63ihPtRUFL-7jXsCjcGyvCcS3ONN1vA57Kd70SEozbOH1FzHmYSJbu2cXg03Iso-miqUfBzDCMEvlXMt47xDHdQVcinazoTiA_ZYfD2h9aHN4VWOvCrBhYFslfwtuxDaI95yt_XrzxEetGZ_u1kH00-dvQ2wNhOF-9ZrrDIglK9J2QX8sz9btBp4amxRCCfFQhMZrzCdKZvn4HSYNDWyGlrfsBqI_kMNAVFqDYQ1g_BeLBYJ64EqN4TEnrg7j4q_yaOdxn6VgxJJLFI-8emRyLU6ugj-xg4JkR0CSwVpovrNtJl_vgbNVEARLcZ4RzO6oieCXiGXGwKueVtpyk3t7gwbWO4V8xtyVppwgq-YZet5RU3WU5S9wxxPbD-f6RctDsIJtiTT87E7YqaxrYE69VYPw4tczNYX9fFm_pPVmISkq3sRMbPTkua7x5e_rWewH_YKr9K1m-64Wo4oVbDosdNoVgtEZ3YIzHhA5J-f6G_QBHsUnu3jaMgjC-6zSikq5hbpPPrckb-1_UF4vTXA6BTqICdywqazC226FJVrmgbSkyoM2bva_068zbmH24UyDyHLHHyWhg0Yo2SxC4ceSsTRB36HItmvitx_JA5du9A-UyTslt5y-s2Zlfamn7dalPsw3Z6Og0kWaO2nBdxjzdSqXiGDL6hGCrrVXeputm5vDGd4O6S70xwym4TKqEAgxnK50QQEbBeqpMjksl4LOjvg6bfaMfvZ6gjMKxLPdAnlTksocvaK-T1kPZwTTsYwmrLu9ylEyq91fyGAQmeY9D0wPfrV7j-xmUzAWEOaiaWX8lJ6gskR2Xjh58I0rJrUKS-GDb5JxkeDFQkX0Pvb6ULf7H72N03eVpxFaVpF_FDyiz_XhIbYywnBaCcu34e9jJjLAGOK28lKJ02hBTEXFvnKFf8nnNajQbeO-A94EhZnVMoPKXKD0Q67XDmyNYgWMXUIrJLafPdvv3SpUKi1LMvd4IoI6JqJB49ED8YPYEHPHazQByzNNvUYebW5SAIdTUzaIZKQcUS8OcVjduQc7ICxwsHOlkQX_h8Q3MK19yircNyfF7WeQyu9VI4fCKGHujREnBoNUIpaDA2St_ccZpf0vua3C5SfEKLTJpCOunmaNcFkquqD4b7Z_jq7r-NfsMdHSMj-msLAgGnB9toK-QH-rkl2xnSeu3bCllGGjypFrrPf4NvlaJNyaqc99qMx4AadAQxK-ZUMjs-zeOj_aPnuKEzkXVdtoOoUvruM1R2ocX5Z8W7Uu2qc9_0IL8V5BmI33L_GjQSnVmNmt96XJF4Q3WmfqR9BSG5ci9u6N0ysej_OFtzwL0fbR2yiJbXxNEPfEauYEaGY7B7EaQ22Y0Ouv9pPSoo83T4kZWRz9HI51pZGB4RdK4535MZzdDqsry_4tzBMTO4bqrJPX6HA-74cLPzuSnlGhJpVyRbwA-7ZzrJAhZD9KKoKwRjaMO7LrciakZrRU-Gh7OoP4EXrbFZDL86D-MSX5Q98EeIvX68xnQ1KgaQuMVr7kZ13-ShS6-YIJZ6vp6LXyjBlyEvdEwyjeq7SHnYuMyW3XhFqvisHn9-i3lutcopZ4pibh5NHDO3GEHzzjtnjLf92-nqHcg2Eoa80aZeWFgHalPTvoK3-c8QkxJ10Nky8XftUiL5SoxB-hTfqhl-XwiHmyX1S-Vw-9ztEtzvEL7PH25dRvUkzW7uPhOo1mlVAf6_paB-ZReTKldituMExasMQ5GwF8DZ_3uT04oR9Y5Uv23X9gW6lBDyIkkPzMhzy0iK3ZoRwrmWe-pmM6Y4omS3Cdyo-0IiBp8RLYHxpS0NJXbb_bJJu01awWbJFEMLiTUCz8T-hpZlcIL10UDG-DOfqGiO2Gee5QMMg7tXkfuNM3b66mnm2__7SFHMq-027zUi6ZqHU0vokVGRBF4d94gFbvk6Uc2zBWjxuFnto6Nujis_YesONHr1HBQEtiwaTECC_MdIEUDulR-JLQYOa0EtVbG8yIEwMMj41FAZcW0JMiPH4XNZlPMZYcIjD3XNEOS8NfUYRZWut5ll_05aoKClPP39L-_Hg33WiDiXPoRltHnSB8R0efQ_Kl60iSKJxp8BvmxE2bqvvB_HuFe2x7qk2iMI610RV7N_GGKRfjX0uHbgOxYAqh-YHOWqZrKMr8lUMSp5tzqLg8ktkKyLuePdEiFyX3PeBCpFnBH-nrrMgYwu8v4ZeyJbxnn95YtwdLV3-vmo8hvR9XTwAUELYJgjKE1RQh2WgidhMmGuzcv-jY5WLSzh9u9CNhx5c24sEWYwYafG5dLl14qeNKtX5Xh7DH6sToetRkVcXI6PiC152I2kpJbHjgUn8JsnI_yDUewhCju-hTbOyyeBwm1ejmNuDAW9ulLBeC85T54G-trc3l4_HT2hoB7riHO3x4fZYVTsNtnw2-fQGukxGezilTRJnj8PNyG2o5Ci6-Wt204k-JOnul7v8VvsfeI5jDyheTFH0AEA6nGTPxUCkXgKyFKrWttSvljys5ZWJm_CMGHWR_6N9lZUdJFdUVPOiEoBvrmGzObcbCpflea4D2ZDPIaTJW2fQYP0oi86usdZB1XereGNB_QuVQJnxBjgz6FYXJ9hRb7_qcJs-AoVXvOV6SXNZChxT6uyV8KTzq5reKHfVqsCfnXPq9weNelo8-EXhyC5tj0qXsvyWtv76rH1OK7GUx8cQTpIf-bwb7jdTmJf1MtIl63fAHCttMf2k4tfzfNwCWOnKccPlZBMFAjwMRh9lOsUHUVObTblikHQSA7V0bl-QVH9A0ngwDB34Pz_lPNUWVxqEj_DL4W_rbWYhhA1ysY8HKBuNVjhJZfbDd5fYzHN2iDdFkFxNFnG20dxVlmgOZVJLicvRwXPLk2y42jL_gnaZYvzLpi1Ve-W9QpMKZa1XuLY8XqC7cLJjpU4zBQxU20I62RnMDAvQm_Nl-LJOhTAMWo_HAixJbf4IEcPq1nWziv3Uzpf47tb9_JLtsOIOS6W1PPYn-3GwBVbEQFlnGcATzttLC-6hkX5oaM9suUa_qnSXg6XsrMVjUd4LR7a12wlzDpZ-8v7iFXPILqnfyeQOBj-shr2EuQRMd2GjsuKzeZHblwwhhyNya8EM0Kg4gSbZYIxdkn8dFdZyB972M0rZuj43VroO08o7PwBxEL23vCIw7z-watWBraxShwOa_yoKmmPNtv2qlidPaXzhT1N_H4SaDKDk1g8OBhnHmx-0qhCeV1di4mTrVGR2DZBf1intht0geMvyC_JN21FL52olF3zxfIYnK4vI38nzlzPgQc2tvsBmZTQIXy8yPBD1dsmAIl4se79Zn8Ct--VVc2X-NQE5cjnZ9GTlC6MfQ_Q7GX1mIWzxgdXAeQl6ZZ0Utcb94UsU2QyN8rU6tmtTMF8NwZm3o4y4XX8jNh_S4foufqAqN4XrDhhwS2vZ3KuXDBLuPIjBmzOxWy5c0q68dn_tfH_dcSry2J3dekaoGrX_crUz-bWq8z-oCNOIhWiSy3iQdZwldE4trp_yUUV6sKhYP8dupS_EM3qF_5vCdeDsAQ0SQR9_jQDlqzhxJU9mVQ4fGVbDSVVT8wUlfpeQo__v9mh1OQQAKbtDLwJwVg5wAGigLig9rI2c2w6yDb2j4MAbDGAq0_8wkcUo7HRapVKssCvnxpSFkBIGtvPETUbnWEmw01gWvfcGeve0E3ioLuqpce1wu4f4SQxYND4-oSRhMJSXjkMrp0DPD5P-mDRUctYsq6_9Xq9qR_UtI0QW3DkhWRFq63D4Pu-kRrCCBlyKLwcfg13Solow3Rvf-JfbCEtVVxPuB11YL4-geqEv_dVfTODTiJeSwLlcgDUeZ-EewFvLyMhPwUjxaCi5-Bd015csyjbsJQ5IObwH0h_R4McjO6jfFB_RkxhpmG1NDiAak6H3Q&cid=CAASKORo2_zy9oTmOBmTxCdTSD3CTdwYG9ytbuGxZBJ66_arErXdXfV66u0&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f155.1e100.net
Software
cafe /
Resource Hash
711f83fb60d4dc1b145986a696dafcd2795d2c308259fd69aa1fcfa0e77ba97c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15620
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E334 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAaCyrKp8Yp_zKuuPjuwP54yriAvQ3e39abq4kJWSEPAuEAEguoTAM2CVAqABl_6b8ALIAQWpAqUYEQn6pLE-qAMBqgSkAk_QEQNUWIQkoWn9NMIVTpZ9e7ccabXZaS7G5RZTXUKvRxOW8lCubHvJCuCOXRp9tyO8QI8coxDDedcw5xY3yf2nTGai6sZ1t6JYiICaNSxsfpWpgNRbJDA65zvuwevKIULFDu0rqesAaQcm-vyY1iXqGCjEz4wODAPsOG6K1SO8L_ePLjjvUSp7ss-tWY7LXNl5DQA1kx8IvqlnFu4lWjWCqmR9MAOtLytlD4SZVvpFeaOILulo5AqaaGKWeGCC5Mc268Or08o4ISQH4F1W_hiyb7YUvJZRKGjho_QoP8S5DF1d3y23GH-Z05Y2bffKmKznmyFRpGpu3K-umPxgah0v2FuRyWoXHLGd0q6o0z0pOkzQolyEPqgKd1d3glCkQhwMN77ABM7lxpn7A-AEA4gF_sPLwD6SBQYIAxABGAGSBQYIGxACGAGSBQ0IIhADGAFIjdK3AVABkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfRgeSPAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEIy7bxjGg9vJAdIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTAxNDU2OTkwMTM2NjE2NYAKA8gLAbATzrWPD8gT9fji3wPYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=DiD_fWJP30k&uach_m=[UACH]&cid=CAQSPwCNIrLMpkun3sIudwONFQpbljPrkix1081Ton7-Js0Ho_niC-xAsZ0hfENWYC8VWu5_5jtyIcvAuMhWAs2cxA&vt=10
Requested by
Host: 18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
URL: https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.36.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
truncated
/ Frame E334 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e4a31fd9e61c5bf0ed17c75134cac8d61d684e8c1fd94ac6d17e3836eced4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame E334 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 08:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79084
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 08:37:21 GMT
file.mp4
r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E334
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/50A0BE1136524FA57BD723EDE543A92D34AF6EC9.2CBC402F010C8D37A4F94930077AD177FAA14227/key/cms1/cms_redirect/yes/mh/Va/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznes/ms/onc/mt/1652336471/mv/u/mvi/4/pl/29/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:10::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:35:25 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2659779
Last-Modified
Thu, 05 May 2022 14:00:50 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 12 May 2022 06:35:25 GMT

Redirect headers

date
Thu, 12 May 2022 06:35:25 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
654
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/50A0BE1136524FA57BD723EDE543A92D34AF6EC9.2CBC402F010C8D37A4F94930077AD177FAA14227/key/cms1/cms_redirect/yes/mh/Va/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznes/ms/onc/mt/1652336471/mv/u/mvi/4/pl/29/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
pagead2.googlesyndication.com/bg/ Frame A762 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=280&slotname=8972781702&adk=3457358315&adf=2959314990&pi=t.ma~as.8972781702&w=970&fwrn=4&fwrnh=100&lmt=1652336704&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323345&bpp=4&bdt=1019&idt=156&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&correlator=5891926308597&frm=20&pv=2&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=qw8ufiGhnk&p=https%3A//thehackernews.com&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13694
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 May 2023 06:29:18 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 241A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 08:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79084
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 08:37:21 GMT
file.mp4
r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 241A
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/545C3E5E8706CB4358CFC00947AD464C81FC863A.2C16C39B923C46085A5061C6BAA83046EA29EA2E/key/cms1/cms_redirect/yes/mh/Va/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznes/ms/onc/mt/1652336471/mv/u/mvi/4/pl/29/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:10::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:35:25 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2659779
Last-Modified
Thu, 05 May 2022 14:00:50 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 12 May 2022 06:35:25 GMT

Redirect headers

date
Thu, 12 May 2022 06:35:25 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
654
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/545C3E5E8706CB4358CFC00947AD464C81FC863A.2C16C39B923C46085A5061C6BAA83046EA29EA2E/key/cms1/cms_redirect/yes/mh/Va/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznes/ms/onc/mt/1652336471/mv/u/mvi/4/pl/29/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 4870 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
79074
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 May 2022 08:37:31 GMT
expires
Thu, 11 May 2023 08:37:31 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame AAE6 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
79074
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 11 May 2022 08:37:31 GMT
expires
Thu, 11 May 2023 08:37:31 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
pagead2.googlesyndication.com/bg/ Frame 4870 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 19:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
40166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13649
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 May 2023 19:25:59 GMT
NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
pagead2.googlesyndication.com/bg/ Frame AAE6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 19:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
40166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13649
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 May 2023 19:25:59 GMT
file.mp4
r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 241A 		184 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/545C3E5E8706CB4358CFC00947AD464C81FC863A.2C16C39B923C46085A5061C6BAA83046EA29EA2E/key/cms1/cms_redirect/yes/mh/Va/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznes/ms/onc/mt/1652336471/mv/u/mvi/4/pl/29/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:10::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 12 May 2022 06:35:25 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2659778/2659779
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2659779
expires
Thu, 12 May 2022 06:35:25 GMT
last-modified
Thu, 05 May 2022 14:00:50 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
client-protocol
quic
file.mp4
r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E334 		198 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/8a0af59111f7ffc0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1683873325/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/50A0BE1136524FA57BD723EDE543A92D34AF6EC9.2CBC402F010C8D37A4F94930077AD177FAA14227/key/cms1/cms_redirect/yes/mh/Va/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lznes/ms/onc/mt/1652336471/mv/u/mvi/4/pl/29/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:10::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 12 May 2022 06:35:25 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2659778/2659779
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2659779
expires
Thu, 12 May 2022 06:35:25 GMT
last-modified
Thu, 05 May 2022 14:00:50 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
client-protocol
quic
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4870 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BnITNrap8YsKoIOmP7_UPqL-r8AkAAAAAOAHgBAI&bg=!WFulWx_NAAZX5TVhd-U7ACkAdvg8Wk5ZEMMKXh7Cxdinv4pjy4xCeuO8hMqA4kUbUF-2GPkzsm_G1wIAAACKUgAAAAxoAQcKAD8ufEaoweRGnrf2WnGIciIVU67rfEATCKJbOSFNWs8Z8KhDUYqoaclORa28xwGkPTDNsaTo1t97QtfujId3nK6ZAufXCcOYjrJms4mTRT-peK62_QKgXmYtQxn0dN8mIwK5VCQ5x7NTlM9Qi5US8LTDLHASxisPXcX72DasKQd_QuHVsJdwy5veKXGXE8vDIFgu5LwcKg5OOSZGttYce0P7FrqvmFNGmevGU_vEYSOkTjnv5bjNvTX9JZniSKluRA0oUyt9G-L6i2m5iWqwhUoHLt7ooO9m3QI_SYd0z8saiSeSmqhxn81Mh1j_COwkBxlXPhbjW7OFmNo_xDGM2S5L4Yf3GNFToCmf7RAooX5mYyUS00B7xuPBKoOH7z8KCTZfESyC7UTrs-qR1N5zcsxKobX_tOpfV9IO9txaNKdQeQY14AwinhgtBSK2W26zM4RdpeC0qZ-aWRB8zdryA9T-XigNWsaVWQ0CyBTVxCvP5SZ4dhAiVyhT0hk4nZyHQIh64J_tQsUMdgbByLJgRnbwOIFeoNP1hwdvH7AKx_ZFiCBf7uJhDAG8OkmQ1rrTdccJdGYTFcmMos_SNJhbEkHe70e0dOwhWpxYwxcwicrg_heM7AsWLvUGuwn4rTIautuVkpuvcxD4TiGeSd6BPl7dbqMnYfHlK5FHH4vAcRgvQdtZ8Gzs-vxALG9L73NqE__g-vTrVst_6zf9j6Nfyys7jcx5CxaRCwnL3Vj1Wujb3dt_FaH2JY037dsuAdxchPF9-dtQyB1rFq-hCMfZ_irnlN-58nv7LfjwXIekvpmX8Le3uZqHOf0rXGfI-HQoUhkeltik8GFTIxuYQAP_ggHAe1ZgA61PvecVbu4Z3o8LO6q3e3VanN-t-e5usE8nycIJHUOFONhVuB5rJKC2di6qhHZmsDEJFQmQp9tV6DiVCky8QSB5Jcszgp1AowPX3zwDnQ5XjoSPDl3-Ihz70bdAQSWncuHU7q5kJdPTpxoVlUU_zx250UQeJuTWCeVuMTnHD0_11SUbZ8XHkiFRYaZi9_RdeH1QoGkZ9pKFhoIj_wWDlhnOHinuow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAE6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B6Renrap8YouhII7D7_UPzoum4A8AAAAAOAHgBAI&bg=!e3ileDzNAAZX5TVhd-U7ACkAdvg8WjA9Frp_gSGVLkoIjRVdM3aPow6_OCRASaVUlJhTTh8erWlJdAIAAACJUgAAAANoAQeZAuwPb_M9kt3on5Y3atUI3XHJPBg8OzQO0xJ28y-Em1BIXvG04hVwcbgYU4H_qs4ZNqFMMO0_EDttAwrhnqHUeetD8y-GfJYW8SEwA8-85vUBIK_O86DlZK0clJD_T2pYA4aa9hwR6ehGqEC4pomiHNEpnQH_jH8LaRtH7z8iG0NTeFaZKycIce-WqKrIOwZ9_LPkkC9eLPrInXlTq2qmoRs7ba89WeAFOSkUdLdt_WIB1yJHmlsBK_0Rto9QMcn9Q5dI5AM4n887srkVtxrg_w0uohpKT-VMIY74O4OIaM6qW5U99a1z97wHmJeVhqujyQpk67-Lci2W-KYcO5UjTySBEqnBhltlqvKqNpO1d2-pZIv_0eD5YfTlGY5CBIMQTL3dnMSNBI5IIyya8kQaQQYOr8Zpuxqrib6CAOoRmRttTTVUiC8bQzB_hbkR847izYBChk1xlDgDna-Z7m4eHHdoNL3xZbiCi_dpyGPrL0ScMU6dnWxPtz_JtCy3dn8o2qpMIlMHBn5RzyfNwn76DDTDv5SIbEIgI9yKZ4llQ9qDne9iObEKa6ime57e7B_aoze0oHLMSl_xTvt41ObDEaqYw_YFp88NGRiqLwLZXdGmiQAXaPwJJyl5tpRANRXRKdW14j0aKHdzI2giWotEVAUzywkMBVkffxujUJ0Ayp4Pe8J-CknWxDFW2uyWrUXZCcgL08766qnGbX6y08U2mPDX9MXLVy48Dx2hKOD_NZzvgseZ4kfVU5ERUOFWKOwGLFn0jFwLqzu-xNkhyp0thbPFw9rtLTA0l_OSlarjs_3A4a-Pl1Fpc-i3MH_qIbgL2IJmTpgPOGNrjqd8pl-gwuKqygQnXazP6kHA1B5iMl0HLm0BNfTYy5Lz_syoFjLWU6pY0JB1qAJAmeVE87w7m1jbS9NKFDi8aw-P8B0ULeJrKaYvRVfSZSDF9eFDYIgaYyhfrkiwi7T6mt-GU9yW7Gqzbvq-Xz4WzMdrqHKJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9395387526779469461
tpc.googlesyndication.com/simgad/ Frame 3935 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9395387526779469461?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmX2uryanQG6t9XUAcJghB1LAjw2g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07aea7d0ef6bea037e4410f1a70b0de547c2f34d161b12f96a82883d57d964c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 21:16:32 GMT
x-content-type-options
nosniff
age
119934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147927
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 07:44:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 10 May 2023 21:16:32 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/ Frame 3935 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:33:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 3935 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:29:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3935 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1652096384767712"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 12 May 2022 06:35:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 3935 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 May 2022 06:34:26 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 3935 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 06:50:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85518
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12278
x-xss-protection
0
server
cafe
etag
12178443437409350037
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 25 May 2022 06:50:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3935 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CB3NZrKp8Yu3hHMjitwfI162YBJCRh_1p87XF9vYP5-OivcABEAEg5_vlG2CVypmCrAegAemo5cACyAECqQKLnhCb_o5xPqgDAcgDyQSqBIUCT9BZUOTfzr5MiPW5g8bXWPv14V44GD5KMuv8qKRrye_5_R1PkkhSaTc9v-0znwpYp_Ha_FOtFyNrvo0uoEzp2-pqgFOFd0RxvHXrMT5-3xgVUm92lJ8p091vsgLOXTiSkf1VmmFyyXXEHbVaLe3pG2MzDAXEV-DduDIaAAAyynWhc2GMGoyeVGDWnWpx1n1g-TTkqpwh56vbiQAUeEwenG_K_EfYIxFiHbWElr-IK4r6tu_YCjTsF3KZiq18M0kv6rxZrK6psv4AppJaamsj-h88gMknR59sJ2anpCvOsJbINTMf6gi4_-yLBkZQEd8qb-ciFUvx1Rcyv1mU7pqRBeA0PNB-wATCnpKu-gOSBQQIBBgBkgUECAUYBKAGAoAH_9aavwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDT10rSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzk4Mzc4MzA0ODIzOTY1MBgA&sigh=K7_KjgsahCc&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 12 May 2022 06:35:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame A29E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1660
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:07:46 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3935 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a9af7a87b386d63afb763673fd7be281059085a812f5328a99c32a9d6f1384e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame A29E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:26 GMT
expires
Thu, 12 May 2022 06:35:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:26 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
pagead2.googlesyndication.com/bg/ Frame 9FB3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7983783048239650&output=html&h=250&slotname=8972781702&adk=3509986032&adf=536986986&pi=t.ma~as.8972781702&w=970&lmt=1652336704&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fthehackernews.com%2F2022%2F05%2Fhackers-deploy-iceapple-exploitation.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652337323350&bpp=1&bdt=1024&idt=219&shv=r20220509&mjsv=m202205050101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C300x250&correlator=5891926308597&frm=20&pv=1&ga_vid=587249312.1652337324&ga_sid=1652337324&ga_hid=733193635&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31067528%2C31067419%2C31064018&oid=2&pvsid=4384787050799873&pem=328&tmod=1645996325&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2BHCoahwoU&p=https%3A//thehackernews.com&dtd=225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13694
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 May 2023 06:29:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E244 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyVv9k6OkAH2VikefMgN-ZJd1QfVdFqbQSGBtZzqludygjtpszeYXTNTtl0MJwKy828WRQhraudjIH0o_JlafbKn1ek29bFUxZJfhCTuSQTDYGM13q_VgN9enY&sai=AMfl-YScYkmz_Qqs1NqB36tvlxbtFF2b-pJzpi10gE3XfGoJDs99K_jYn5pqBxStIroyvniha0XOh3kyeEFG&sig=Cg0ArKJSzK2ol3a4e40VEAE&id=lidar2&mcvt=1012&p=0,0,250,300&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20220509&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=455978357&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652337323565&rpt=745&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 425D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstg2aZkon5JJg7PbVCz3JY0fAx4aQCYusDmWn_S1t-2jGx9_LW5dIEtBdyfpwjgGmnWs1vpfWlRQM6V8rCTCOWP_ILkyBbiUgMDZDNvdxEkeimhx0wx4T1DwinA&sai=AMfl-YTqlnqWsdXw9bxpMWLQF9N7sk5W7XucOGxQWzJu1PuqhT-syBcjk6HyifXxWAR3CI-ALt3flZH2SbGc&sig=Cg0ArKJSzAg5SI0ezjTfEAE&id=lidar2&mcvt=1000&p=0,0,280,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220509&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3457358315&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652337323533&rpt=1185&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 241A 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l32mzbb4&c=8662177987065&slotId=4331088993532.5&qqid=CKD5ppqs2fcCFeuHgwcdZ8YKsQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=864&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4005:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E334 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l32mzbcm&c=4389864245846&slotId=2194932122923&qqid=CJ_5ppqs2fcCFeuHgwcdZ8YKsQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=864&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220509_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4005:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:26 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 May 2022 06:35:26 GMT
syncframe
gum.criteo.com/ Frame 7E7C 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thehackernews.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5884
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 06:35:26 GMT
server-processing-duration-in-ticks
2131
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:27 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 May 2022 06:35:27 GMT
sid
mug.criteo.com/ Frame 7E7C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thehackernews.com&sn=ChromeSyncframe&so=3&topUrl=thehackernews.com&bundle=vjZZcl9adGMlMkZzUm9YVlRhOFI3U0tTUXdHSjd0TDdzRkxTb2FrYVVKJTJGbWh0...
  • https://mug.criteo.com/sid?cpp=YNqXSHwwbTBtOTQxZnYyR3U3bUI0cFhCZjdlb0VRdGVGS05PQ3hicDdBR2JjVm05akNuMk01dzBnRyszOUFvSCsrWGl6SXc1NU5SQnR0Z3VScjBmUUVSanBrN2dtSG12Vm1kVVBQRjd3T0VicFFhdFFhUE5MaEE4b0l4NF...
478 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=YNqXSHwwbTBtOTQxZnYyR3U3bUI0cFhCZjdlb0VRdGVGS05PQ3hicDdBR2JjVm05akNuMk01dzBnRyszOUFvSCsrWGl6SXc1NU5SQnR0Z3VScjBmUUVSanBrN2dtSG12Vm1kVVBQRjd3T0VicFFhdFFhUE5MaEE4b0l4NFZSRVBGRXNrblI1cGhBUWhLUHFoMXV3djdNV2VkS3V4bVdzWGJCa1Jqb1o3UUJ1WWxpLzdocjJwVWJlVlpMWWRpTlc1RGpqRjgyUjRZSnNBOFg3aUl4MTRpdkNrVFBOdzRzMjNnRkx2cWlscXV4NGhybXRxM3lScU1MYnNHU1VlelNSKzVSV0RWeGtpSEh1SlR2Qy9vaUJtVEMvZnlZcG5kTXk5cDdzaFVVOHd4OGFZeDREaz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7cf0da52f056d72a092bd409620e765760858680fbd1fe2513a9cfd09686a146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:26 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4418
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:26 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=YNqXSHwwbTBtOTQxZnYyR3U3bUI0cFhCZjdlb0VRdGVGS05PQ3hicDdBR2JjVm05akNuMk01dzBnRyszOUFvSCsrWGl6SXc1NU5SQnR0Z3VScjBmUUVSanBrN2dtSG12Vm1kVVBQRjd3T0VicFFhdFFhUE5MaEE4b0l4NFZSRVBGRXNrblI1cGhBUWhLUHFoMXV3djdNV2VkS3V4bVdzWGJCa1Jqb1o3UUJ1WWxpLzdocjJwVWJlVlpMWWRpTlc1RGpqRjgyUjRZSnNBOFg3aUl4MTRpdkNrVFBOdzRzMjNnRkx2cWlscXV4NGhybXRxM3lScU1MYnNHU1VlelNSKzVSV0RWeGtpSEh1SlR2Qy9vaUJtVEMvZnlZcG5kTXk5cDdzaFVVOHd4OGFZeDREaz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1352
content-length
567
expires
0
rid
match.adsrvr.org/track/ 		63 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
24432789e11862397b275c6ea7e4933e23449cfd172e2f69fa045d29d7c43617

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 May 2022 06:35:27 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thehackernews.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 11 Jun 2022 06:35:27 GMT
pd
u.openx.net/w/1.0/ Frame 91AB 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 12 May 2022 06:35:27 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
index.html
cdn.districtm.io/ids/ Frame 1CA0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
*
cf-ray
70a1226a1fce5b8c-FRA
date
Thu, 12 May 2022 06:35:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 79AA 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1652337322999
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame EEBB 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C172%2C2030%2C173%2C251%2C175%2C132%2C178%2C2029%2C233%2C255%2C2028%2C2027%2C3017%2C214%2C236%2C3016%2C237%2C337%2C338%2C70%2C51%2C97%2C55%2C99%2C77%2C3012%2C2043%2C2040%2C141%2C186%2C222%2C201%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-212-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
02077423523585fa737aeeb5ec10567259c1f3c8c817fdcfc01f5f7da8676d27
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8272
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:27 GMT
expires
Sat, 14 May 2022 06:35:27 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
public.servenobid.com/ Frame A7CE 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ba644f0fddbedd145f222319852b63c370c3cb827de34c21e5f0823e6d33057

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 12 May 2022 06:35:27 GMT
etag
"a067ca1c11975e052149fcb5fac5e2d3"
last-modified
Tue, 26 Apr 2022 01:37:54 GMT
server
AmazonS3
x-amz-id-2
kdvmaAqFPNILohJYOsVOUtgaXHUfxNTIdBreZmloq3cIxeav0VOIdDWbYYIGqOHQlwCGt8WDC2s=
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5eb96107-ea8e-4447-a80a-9b951732aaca
x-amz-meta-codebuild-content-md5
e5441cba1c83e44c16f2d792acc1823c
x-amz-meta-codebuild-content-sha256
3b14aefb08d603d224cbf56f0ff34e70ebd576659dc2557c0629a8ec6943dc55
x-amz-request-id
JTP6Z6XCQCZGVX74
x-azure-ref
0r6p8YgAAAABHGpOd8getTpMFI5pafSHSRlJBMjMxMDUwNDE5MDM3ADg0ZTdkZmEyLTE0NDItNDMzNC1iMzRmLWU0MmQzZjdkZGFkOQ==
x-azure-ref-originshield
0uoN8YgAAAABHLxkFqeVHTI88msvyVJ0LQU1TMDRFREdFMTkyMgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-cache
TCP_HIT
connectmyusers.php
cdn.connectad.io/ Frame A763 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70a12269dcfa9b31-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 018E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19103
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 12 May 2022 11:53:50 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 998C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
7742
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 12 May 2022 06:35:27 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 09 May 2022 04:26:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 115649
X-Served-By
cache-lga13628-LGA, cache-hhn4080-HHN
X-Timer
S1652337328.737818,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 03CE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.37020.1652213309981.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 May 2022 06:35:27 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
1
sync-eu.connectad.io/syncer/ Frame 369C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
70a1226a8e1c9b31-FRA
date
Thu, 12 May 2022 06:35:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame 03CE 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:35:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18392
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Thu, 12 May 2022 11:41:59 GMT
async_usersync
ib.adnxs.com/ Frame 998C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:27 GMT
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c31150df-4a71-40ae-835e-c3435bc82053
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 018E 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96529452&p=158261&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5991c0f9e503e716e66d80c13dac61239ef4a59173c5896f4c6c9c9abcbe39b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:27 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 126B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19103
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 12 May 2022 11:53:50 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 358B 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
445fe027eca0e90701d57c43dfde552c45b7ae2d6940ca8e527f91d60f0a2057

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 12 May 2022 06:35:27 GMT
etag
W/"0b662fd01361af59efc73dba556450ab0"
server
nginx
timing-allow-origin
*
ps
pixel.33across.com/ Frame B2C9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 12 May 2022 06:35:27 GMT
server
33XP001
x-33x-status
2000208
/
onetag-sys.com/usync/ Frame 942C 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame A37D 		735 B
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
ed6f8925f83c420d6500f9d16191a82e637bf5b66616c03ee908a3ac980311f1

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
735
content-type
text/html
date
Thu, 12 May 2022 06:35:27 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C1B7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.33.42 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-33-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4c9a73cac0b6f02ef8616bc9d9656100821fb4e2f8a12d62c1f508e3f92af2c3

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1696
Content-Type
text/html
Date
Thu, 12 May 2022 06:35:28 GMT
Dropped-Udsids
45|39|241|230|26|31|109|190
Expires
Thu, 12 May 2022 06:35:28 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 12 May 2022 06:35:28 GMT
Expires
Thu, 12 May 2022 06:35:28 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync.php
pixel.rubiconproject.com/exchange/ Frame A7CE 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
sync
ads.servenobid.com/ Frame A7CE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6547980187708445070
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6547980187708445070
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:27 GMT
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1dccc72d-acff-486e-bf1b-213878df6ef5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=6547980187708445070
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame A7CE
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=EoHLqRZH39pteL0gQkCbHkWf
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=EoHLqRZH39pteL0gQkCbHkWf
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:27 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=EoHLqRZH39pteL0gQkCbHkWf
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame A7CE 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 12 May 2022 06:35:27 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame A7CE
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiYzczZTA1NWUtMDQwMS00NjFkLTgzNTMtMGM3ZmUzNmI0MDk1IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0xMlQwNjozNToyOC4yODU1NDNaIn0=
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiYzczZTA1NWUtMDQwMS00NjFkLTgzNTMtMGM3ZmUzNmI0MDk1IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0xMlQwNjozNToyOC4yODU1NDNaIn0=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiYzczZTA1NWUtMDQwMS00NjFkLTgzNTMtMGM3ZmUzNmI0MDk1IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0xMlQwNjozNToyOC4yODU1NDNaIn0=
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
sync
ads.servenobid.com/ Frame A7CE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1652337327921
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:27 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame A7CE
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5124322321936255454
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5124322321936255454
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5124322321936255454
Date
Thu, 12 May 2022 06:35:27 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame A7CE 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:27 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame A7CE
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=8013f167-3242-46e0-9eaa-ff74e8628086&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=8013f167-3242-46e0-9eaa-ff74e8628086&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=8013f167-3242-46e0-9eaa-ff74e8628086&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Thu, 12 May 2022 06:35:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame A7CE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-HK1emX5E2uGzfcS.eT42J88QQTgFTRieF_p3Eh4-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-HK1emX5E2uGzfcS.eT42J88QQTgFTRieF_p3Eh4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-HK1emX5E2uGzfcS.eT42J88QQTgFTRieF_p3Eh4-~A
date
Thu, 12 May 2022 06:35:27 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
px.ads.linkedin.com/ Frame 03CE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L32MZASO-S-HZEP
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L32MZASO-S-HZEP
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:27 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 77904D19B42D4053A6BF47965D43FB37 Ref B: FRAEDGE1310 Ref C: 2022-05-12T06:35:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXeysOAzYrYCOVPHMSJlQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L32MZASO-S-HZEP
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 03CE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L32MZASO-S-HZEP&sigv=1&esig=2~ce4e3f324a0c5836d672821fd4dd7d627e9c8e17
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L32MZASO-S-HZEP&sigv=1&esig=2~ce4e3f324a0c5836d672821fd4dd7d627e9c8e17
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L32MZASO-S-HZEP&sigv=1&esig=2~ce4e3f324a0c5836d672821fd4dd7d627e9c8e17
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 03CE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/3qoCYB2gb-JthoSyRPgHcA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=222622289380457608
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=222622289380457608
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Thu, 12 May 2022 06:35:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=222622289380457608
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 03CE
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iv5Hpo_YSaSJY0yTxcgzFg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iv5Hpo_YSaSJY0yTxcgzFg
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iv5Hpo_YSaSJY0yTxcgzFg
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9H9JPH1WNXXV7TT8GBQN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iv5Hpo_YSaSJY0yTxcgzFg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 03CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 03CE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDMyTVpBU08tUy1IWkVQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDMyTVpBU08tUy1IWkVQ
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDMyTVpBU08tUy1IWkVQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 03CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOEYZcsWGo-JfecK_CxnWDc&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOEYZcsWGo-JfecK_CxnWDc&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOEYZcsWGo-JfecK_CxnWDc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 03CE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5bb_FK-LQHmULVb-QBJpaw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5bb_FK-LQHmULVb-QBJpaw
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5bb_FK-LQHmULVb-QBJpaw
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V5MVKV5PRWS446AS9TS8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5bb_FK-LQHmULVb-QBJpaw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
usersync.gumgum.com/ Frame 358B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6547980187708445070
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6547980187708445070
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
05911799-cb8e-43a5-9606-466f6da34467
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=6547980187708445070
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 358B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4790d3c9-a422-44b4-9019-14a92bc1a2fb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_4790d3c9-a422-44b4-9019-14a92bc1a2fb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=b841bb06-c944-4122-999d-49ec1205cd82
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=b841bb06-c944-4122-999d-49ec1205cd82
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=341b8ede-b52d-4125-b357-587b4b39a947&ssp=gumgum2&expires=30&user_group=5&bsw_param=b841bb06-c944-4122-999d-49ec1205cd82
  • https://rtb.gumgum.com/usersync?b=bsw&i=b841bb06-c944-4122-999d-49ec1205cd82
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=b841bb06-c944-4122-999d-49ec1205cd82
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=b841bb06-c944-4122-999d-49ec1205cd82
Date
Thu, 12 May 2022 06:35:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 358B
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%288IRMi_BAT58KJyQLYqNP79Lyls6U0RcLmH_Hzey20eUhcX-XSUeocv9JhyBgh8hw%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4790d3c9-a422-44b4-9019-14a92bc1a2fb&obuid=ENC(8IRMi_BAT58KJyQLYqNP79Lyls6U0RcLmH_Hzey20eUhcX-XSUeocv9JhyBgh8hw)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=[EXCHANGE_GDPR_MACRO]&gdpr_consent=[EXCHANGE_CONSENT_MACRO]&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7Bu...
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=[EXCHANGE_GDPR_MACRO]&gdpr_consent=[EXCHANGE_CONSENT_MACRO]&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3D8IRMi_BAT58KJyQLYqNP79Lyls6U0RcLmH_Hzey20eUhcX-XSUeocv9JhyBgh8hw&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
server
AC1.1

Redirect headers

Location
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=[EXCHANGE_GDPR_MACRO]&gdpr_consent=[EXCHANGE_CONSENT_MACRO]&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3D8IRMi_BAT58KJyQLYqNP79Lyls6U0RcLmH_Hzey20eUhcX-XSUeocv9JhyBgh8hw&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Date
Thu, 12 May 2022 06:35:29 GMT
X-TraceId
2ada52c0bc76815b46e7e7a440278c9a
Content-Length
0
usersync
usersync.gumgum.com/ Frame 358B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=54f3f2fc-c5ca-430f-a089-a4b1d5e1f255
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=54f3f2fc-c5ca-430f-a089-a4b1d5e1f255
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Thu, 12 May 2022 06:35:28 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=54f3f2fc-c5ca-430f-a089-a4b1d5e1f255
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 358B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-a1bc94b2-079f-4846-6b6e-bfd13b891970$ip$217.114.218.20
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-a1bc94b2-079f-4846-6b6e-bfd13b891970$ip$217.114.218.20
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-a1bc94b2-079f-4846-6b6e-bfd13b891970$ip$217.114.218.20
Date
Thu, 12 May 2022 06:35:28 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 358B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-6j3rCLxE2perdoLY04VL1JcX1SKLU3XSPIid~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-6j3rCLxE2perdoLY04VL1JcX1SKLU3XSPIid~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 12 May 2022 06:35:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-6j3rCLxE2perdoLY04VL1JcX1SKLU3XSPIid~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 358B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=b6a73c8d-d1bd-11ec-88cf-57c73e301717
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=b6a73c8d-d1bd-11ec-88cf-57c73e301717
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=b6a73c8d-d1bd-11ec-88cf-57c73e301717
Date
Thu, 12 May 2022 06:35:28 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
b6a73c8e-d1bd-11ec-88cf-57c73e301717
services
sync.technoratimedia.com/ Frame 358B 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
405520869
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 358B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:27 GMT
content-length
0
server
c
usersync
rtb.gumgum.com/ Frame 358B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4790d3c9-a422-44b4-9019-14a92bc1a2fb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=1J7_8cswwyY1gdpeMqva&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MKKG5PTQY3TO53XSWJRM5SHAZKNOF3GCJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=1J7_8cswwyY1gdpeMqva&us_privacy=1---
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=1J7_8cswwyY1gdpeMqva&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=1J7_8cswwyY1gdpeMqva&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 358B
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=6fb1c5fe-fdab-406f-aded-6f579fd4db8f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=6fb1c5fe-fdab-406f-aded-6f579fd4db8f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=6fb1c5fe-fdab-406f-aded-6f579fd4db8f
date
Thu, 12 May 2022 06:35:28 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 358B
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1652337328144
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame 358B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=vXwdAf4PJw0V&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=vXwdAf4PJw0V&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=vXwdAf4PJw0V&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 358B 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
content-length
0
sync
ads.servenobid.com/ Frame 358B 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_4790d3c9-a422-44b4-9019-14a92bc1a2fb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame DCC0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=336b627c-aab1-4c00-9b95-6bdff335a718&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=336b627c-aab1-4c00-9b95-6bdff335a718&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 12 May 2022 06:35:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 12 May 2022 06:35:28 GMT
Expires
Thu, 12 May 2022 06:35:27 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4390 fb8620d master ord-pixel-x22 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=336b627c-aab1-4c00-9b95-6bdff335a718&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 6AEF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YnyqsAAAtWOmAwAo
  • https://usersync.gumgum.com/usersync?b=atm&i=YnyqsAAAtWOmAwAo&gdpr=0&gdpr_consent=&_test=YnyqsAAAtWOmAwAo
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YnyqsAAAtWOmAwAo&gdpr=0&gdpr_consent=&_test=YnyqsAAAtWOmAwAo
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 12 May 2022 06:35:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 12 May 2022 06:35:28 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YnyqsAAAtWOmAwAo&gdpr=0&gdpr_consent=&_test=YnyqsAAAtWOmAwAo
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4083-HHN
x-timer
S1652337328.337084,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 5A7A 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80NzkwZDNjOS1hNDIyLTQ0YjQtOTAxOS0xNGE5MmJjMWEyZmI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 06:35:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 24E0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19102
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 06:35:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 12 May 2022 11:53:50 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 2F5E 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 12 May 2022 06:35:28 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame C236
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID
  • https://cs.emxdgt.com/umcheck?apnxid=6547980187708445070&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID
  • https://usersync.gumgum.com/usersync?b=emx&uid=6547980187708445070brt10071652337328280352f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&uid=6547980187708445070brt10071652337328280352f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 12 May 2022 06:35:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Thu, 12 May 2022 06:35:27 GMT
location
https://usersync.gumgum.com/usersync?b=emx&uid=6547980187708445070brt10071652337328280352f1
usersync
rtb.gumgum.com/ Frame EC01
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YnyqsMCo8YUAAIy1ozcAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YnyqsMCo8YUAAIy1ozcAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 12 May 2022 06:35:29 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 12 May 2022 06:35:28 GMT
Location
https://rtb.gumgum.com/usersync?b=sus&i=YnyqsMCo8YUAAIy1ozcAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
29
X-SO-HostName
a-ad40259.dc2p.scaleout.jp
X-SO-IP
217.114.218.20
X-SO-Key
YnyqsMCo8YUAAIy1ozcAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":29,"gdpr":true,"ipv4":"0.0.0.0","key":"YnyqsMCo8YUAAIy1ozcAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40259"}
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40259
usersync
rtb.gumgum.com/ Frame 0F81
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=05WoH9Yl5rcKbtoO749Q&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=05WoH9Yl5rcKbtoO749Q&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 12 May 2022 06:35:28 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 12 May 2022 06:35:28 GMT Thu, 12 May 2022 06:35:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=05WoH9Yl5rcKbtoO749Q&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 9D08
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 May 2022 06:35:28 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 12 May 2022 06:35:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame A37D 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5032687238609259300&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
b1sync.zemanta.com/usersync/smart/ Frame A37D 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:35:28 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A37D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=e-atsCy1-7Fgsa3hfre35i7jouBgsvjlfexWxadF
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=e-atsCy1-7Fgsa3hfre35i7jouBgsvjlfexWxadF
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=e-atsCy1-7Fgsa3hfre35i7jouBgsvjlfexWxadF
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A37D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=57b5e2be-015c-4c88-9b4c-1f9c7cf9110c&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=57b5e2be-015c-4c88-9b4c-1f9c7cf9110c&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:27 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:27 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=57b5e2be-015c-4c88-9b4c-1f9c7cf9110c&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1558403
content-length
0
expires
Thu, 12 May 2022 00:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame A37D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACPVE7E-VUAAEbYDgvNGQ&gdpr=0
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACPVE7E-VUAAEbYDgvNGQ&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACPVE7E-VUAAEbYDgvNGQ&gdpr=0
Date
Thu, 12 May 2022 06:35:28 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
usync.js
eus.rubiconproject.com/ Frame 9D08 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:35:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18391
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Thu, 12 May 2022 11:41:59 GMT
crum
dsum-sec.casalemedia.com/ Frame C1B7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YnyqsONQSrKBgUNxxG1Y8AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEItZ_qZFVjy6tWAYO0tmuII&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEItZ_qZFVjy6tWAYO0tmuII&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
2.22.33.42 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-33-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 12 May 2022 06:35:28 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEItZ_qZFVjy6tWAYO0tmuII&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C1B7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame C1B7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnyqsONQSrKBgUNxxG1Y8AAABGMAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnyqsONQSrKBgUNxxG1Y8AAABGMAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnyqsONQSrKBgUNxxG1Y8AAABGMAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
R1M4N2Q4FY59AJV21C9S
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FQF86J2CC49TA7PNN0V9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnyqsONQSrKBgUNxxG1Y8AAABGMAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C1B7 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YnyqsONQSrKBgUNxxG1Y8AAABGMAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.taboola.com/sg/indexscod/1/cm/ Frame C1B7 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YnyqsONQSrKBgUNxxG1Y8AAA%261123
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28321
noop
px.owneriq.net/ Frame C1B7
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7056237281397082256&uid=Q7056237281397082256&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
104.92.91.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-91-221.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Thu, 12 May 2022 06:35:28 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Thu, 12 May 2022 06:35:28 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame C1B7
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=c89722513d6046faae943362c3b23b17&expiration=1654929328
43 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=c89722513d6046faae943362c3b23b17&expiration=1654929328
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
2.22.33.42 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-33-42.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 12 May 2022 06:35:28 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:27 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=c89722513d6046faae943362c3b23b17&expiration=1654929328
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
ib.adnxs.com/ Frame C1B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
sync
ads.servenobid.com/ Frame C1B7 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YnyqsONQSrKBgUNxxG1Y8AAABGMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 9D08 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L32MZASO-S-HZEP
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
match
c1.adform.net/serving/cookie/ Frame 37BF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=81938B4D-2D5C-469F-9693-587D814136A9
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=81938B4D-2D5C-469F-9693-587D814136A9
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=81938B4D-2D5C-469F-9693-587D814136A9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 12 May 2022 06:35:28 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 12 May 2022 06:35:28 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=81938B4D-2D5C-469F-9693-587D814136A9
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5E33
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YnyqsAAAtWOmAwAo&gdpr=0&gdpr_consent=
1 B
389 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YnyqsAAAtWOmAwAo&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 12 May 2022 06:35:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug002:0:536

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 12 May 2022 06:35:28 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YnyqsAAAtWOmAwAo&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4083-HHN
x-timer
S1652337328.346584,VS0,VE0
adx
match.prod.bidr.io/cookie-sync/ Frame F56C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVjcwN0UtVlVBQUVhS044dFJXdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.174.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-174-52.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Thu, 12 May 2022 06:35:28 GMT
Server
nginx
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 May 2022 06:35:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0ABF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f284627c-aab0-4c00-a6cf-e9ee29673c06&gdpr=0&gdpr_consent=
42 B
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f284627c-aab0-4c00-a6cf-e9ee29673c06&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 12 May 2022 06:35:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug011:0:483

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 12 May 2022 06:35:28 GMT
Expires
Thu, 12 May 2022 06:35:27 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4390 fb8620d master ord-pixel-x11 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f284627c-aab0-4c00-a6cf-e9ee29673c06&gdpr=0&gdpr_consent=
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 018E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gZOLTS1cRp-Wk1h9gUE2qQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
92.122.147.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-147-28.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=19102
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Thu, 12 May 2022 11:53:50 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
420486.gif
idsync.rlcdn.com/ Frame 018E 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/420486.gif?partner_uid=81938B4D-2D5C-469F-9693-587D814136A9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 018E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=253c627c-aab0-4400-b795-498447e07231
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=253c627c-aab0-4400-b795-498447e07231
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
204.237.133.121 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 12 May 2022 06:35:28 GMT
Server
MT3 4390 fb8620d master ord-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=253c627c-aab0-4400-b795-498447e07231
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 12 May 2022 06:35:27 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 018E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODE5MzhCNEQtMkQ1Qy00NjlGLTk2OTMtNTg3RDgxNDEzNkE5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:29 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:594
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 018E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA8a4CBA3goxIi2nWRxOCIM&google_cver=1
42 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA8a4CBA3goxIi2nWRxOCIM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:29 GMT
cache-control
no-store, no-cache, private
x-lat
sv3pug009:0:569
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA8a4CBA3goxIi2nWRxOCIM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 018E 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 11 May 2022 06:35:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 018E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7484258977341777124&gdpr=0&gdpr_consent=&us_privacy=
1 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7484258977341777124&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 00:34:39 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug021:0:379
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7484258977341777124&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 12 May 2022 06:35:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame 018E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 May 2022 06:35:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
81938B4D-2D5C-469F-9693-587D814136A9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 018E 		43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/81938B4D-2D5C-469F-9693-587D814136A9?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:cba9:630b:f07c:688c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 018E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=81938B4D-2D5C-469F-9693-587D814136A9&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nfaGT0xE2uVgB2yLKuTQwfTVjd4B6y8-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nfaGT0xE2uVgB2yLKuTQwfTVjd4B6y8-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
204.237.133.121 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nfaGT0xE2uVgB2yLKuTQwfTVjd4B6y8-~A&gdpr=0&gdpr_consent=
date
Thu, 12 May 2022 06:35:28 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 018E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6547980187708445070&gdpr=0&gdpr_consent=
42 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6547980187708445070&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 21:40:24 GMT
cache-control
no-store, no-cache, private
x-lat
sv3pug015:0:573
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
734ae2eb-6de8-4bf3-a37e-910d9c100c9f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6547980187708445070&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 018E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b6b7b756-d1bd-11ec-8668-ad5d60f5736e&gdpr=0&gdpr_consent=
1 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b6b7b756-d1bd-11ec-8668-ad5d60f5736e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:28 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug022:0:377
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b6b7b756-d1bd-11ec-8668-ad5d60f5736e&gdpr=0&gdpr_consent=
Date
Thu, 12 May 2022 06:35:28 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
b6b7b757-d1bd-11ec-8668-ad5d60f5736e
log
aplogger.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aplogger.adpushup.com/log?event=ADP_ERROR&data=eyJsb2dzIjpbeyJuYW1lIjoiYWRwdXNodXAuZXJyIiwic3RhY2siOiJTeW50YXhFcnJvcjogVW5leHBlY3RlZCB0b2tlbiBvIGluIEpTT04gYXQgcG9zaXRpb24gMVxuICAgIGF0IEpTT04ucGFyc2UgKDxhbm9ueW1vdXM%2BKVxuICAgIGF0IHUgKGh0dHBzOi8vY2RuLmFkcHVzaHVwLmNvbS8zNzAyMC9hZHB1c2h1cC5qczoxOjMxMjY5OSlcbiAgICBhdCBwIChodHRwczovL2Nkbi5hZHB1c2h1cC5jb20vMzcwMjAvYWRwdXNodXAuanM6MTozMTI4MjMpXG4gICAgYXQgaHR0cHM6Ly9jZG4uYWRwdXNodXAuY29tLzM3MDIwL2FkcHVzaHVwLmpzOjE6MzEzNzM1XG4gICAgYXQgYyAoaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS9jZG4tY2dpL3NjcmlwdHMvN2QwZmExMGEvY2xvdWRmbGFyZS1zdGF0aWMvcm9ja2V0LWxvYWRlci5taW4uanM6MTo5NDA1KSIsIm1lc3NhZ2UiOiJVbmV4cGVjdGVkIHRva2VuIG8gaW4gSlNPTiBhdCBwb3NpdGlvbiAxIDogSlNPTiBpcyBub3QgcGFyc2FibGUifV0sInR5cGUiOiJFUlJPUl9MT0dTIiwidGltZXN0YW1wIjoxNjUyMzM3MzI3Njg4LCJwYWdlVXJsIjoiaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzA1L2hhY2tlcnMtZGVwbG95LWljZWFwcGxlLWV4cGxvaXRhdGlvbi5odG1sIiwicGF0aCI6Ii8yMDIyLzA1L2hhY2tlcnMtZGVwbG95LWljZWFwcGxlLWV4cGxvaXRhdGlvbi5odG1sIiwiZG9tYWluIjoidGhlaGFja2VybmV3cy5jb20iLCJjb3VudHJ5IjoiSUwiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJicm93c2VyIjoiY2hyb21lIiwic2l0ZUlkIjozNzAyMH0%3D&pxRes=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.210.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehackernews.com/2022/05/hackers-deploy-iceapple-exploitation.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 12 May 2022 06:35:28 GMT
Server
nginx/1.14.0 (Ubuntu)
async_usersync
ib.adnxs.com/ Frame 998C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 May 2022 06:35:28 GMT
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
92d0cee5-2ee7-4937-b9bb-52905c242a5d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 018E 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158261&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 126B 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36932663&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:30 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 24E0 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=88353922&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 06:35:31 GMT
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| zarazData object| zaraz object| adpushup string| share_url string| share_title object| adsbygoogle object| lazySizes function| head object| __cfQR function| defer function| deferscript object| dataLayer function| setImmediate function| clearImmediate function| $ function| jQuery string| currentState function| _apPbJsChunk object| _apPbJs object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| googletag object| hbAnalytics object| apstag object| adpTags object| _qevents boolean| IL_MessageTriggered object| Criteo function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| apstagLOADED object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| google_measure_js_timing boolean| __cfRLUnblockHandlers number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_llp object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123

100 Cookies

Domain/Path Name / Value
.thehackernews.com/ Name: _ga
Value: 48e107f9-b277-45bf-9363-2cf1861b3a8d
thehackernews.com/ Name: __AP_SESSION__
Value: fe5c0f5b-4f42-473c-8307-bcec9baf7c8b
thehackernews.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.thehackernews.com/ Name: _pubcid
Value: 1f26d5f4-6401-40cc-8299-bc2a05735284
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.quantserve.com/ Name: mc
Value: 627caaab-e723c-5c783-fb608
.thehackernews.com/ Name: __qca
Value: P0-1021774788-1652337323049
.rubiconproject.com/ Name: khaos
Value: L32MZASO-S-HZEP
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2C/S0Huwd4ELU1ZxogGjlwOA+xFj1I9sdCW7L1Z9UHRoFYYGh8Fr102zVKN9QC9H1b0ga5GOemx+CAnekPgJibqOEA3D1yU1zQD5U7tEfUTQ==
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwrNXykwY4AUABSAEQrNXykwYYAA..
.adnxs.com/ Name: uuid2
Value: 6547980187708445070
prebid.a-mo.net/ Name: __amc
Value: 1_1652337324_1652337324
thehackernews.com/ Name: cto_bidid
Value: f_uGe19CUlROJTJCTVFPdXJlc2ZHVEpwNkFDWU92VHhrJTJGMmRBdHhJQW1vdzVuQzdQNkkwTzdubk1CJTJGYUtBJTJGT0prS0l1dVN2aVFvVmUlMkJvRyUyRlVHTGtpNG9ObU5PdyUzRCUzRA
thehackernews.com/ Name: cto_bundle
Value: vjZZcl9adGMlMkZzUm9YVlRhOFI3U0tTUXdHSjd0TDdzRkxTb2FrYVVKJTJGbWh0TjljYmxvZXhLUmc5OUNnbkEwNG4yYVRvZnY1d1ByRmI3TnB0SXcyRmZkQW4lMkJEcTNqQWFiSiUyQmNqeDVwUFlCbVJxOVFIVWM3U0FrRlVaNkNSWDhuZ0xDSDAx
.doubleclick.net/ Name: IDE
Value: AHWqTUl0HtV4rbMPSLN42dg6t_kSDFJZbtBAa3pEUl178uCCojsuhVxGWk-0KGugxZU
.thehackernews.com/ Name: __gads
Value: ID=b59a78977e682708-227e8c7d90cd005e:T=1652337324:S=ALNI_MbbrPC281evJ7E7-OayuJfepz5UGQ
.doubleclick.net/ Name: DSID
Value: NO_DATA
.criteo.com/ Name: uid
Value: 57b5e2be-015c-4c88-9b4c-1f9c7cf9110c
.thehackernews.com/ Name: cto_bundle
Value: XZMquV9adGMlMkZzUm9YVlRhOFI3U0tTUXdHSjNDJTJGa1glMkJYNWIlMkZreldhbUVLR1ZZbXpoJTJCd1dmYXRKN3lscDQlMkJ3bzVkTzcxTmU4d3gxeHlRb2FiT21ORXFBYXg1VzVIejBMaFNoWGFxU3JUNFJlTGdKRSUyQm04eTdpYWRXd2pJOXF2VWlaOEglMkJGRmM5aFVHQXB0WDZ0WmRlTFl6alZDS1hkOER4cVVSemNJdWR4amRTJTJGcGslM0Q
thehackernews.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-05-12T06%3A35%3A27%22%7D
.ads.pubmatic.com/ Name: KCCH
Value: YES
.servenobid.com/ Name: pid_312
Value: 6547980187708445070
.lijit.com/ Name: ljt_reader
Value: EoHLqRZH39pteL0gQkCbHkWf
.yahoo.com/ Name: A3
Value: d=AQABBK-qfGICEFbkjeDCHVWPTbDLeYiBj2AFEgEBAQH8fWKGYgAAAAAA_eMAAA&S=AQAAAsOwPnVNJrYWrFzf8FKamJI
.a-mo.net/ Name: amuid2
Value: 8013f167-3242-46e0-9eaa-ff74e8628086
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MjE2MjI2MrQ0NjMyNTUxNRHiM9T1yjfOy0p0cUrxMTGQ4jU0MzUyNjY3NjK3NLEAADpFgCE0AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAADslzmtoZmpkbGxubGRuaWIBALLgiesQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MjE2MjI2MrQ0NjMyNTUxNRHiM9T1yjfOy0p0cUrxMTEAAE-lWrUlAAAA
.gumgum.com/ Name: vst
Value: e_4790d3c9-a422-44b4-9019-14a92bc1a2fb
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_327
Value: 8013f167-3242-46e0-9eaa-ff74e8628086
.servenobid.com/ Name: pid_324
Value: 5124322321936255454
.servenobid.com/ Name: pid_321
Value: OPTOUT
.servenobid.com/ Name: pid_337
Value: y-HK1emX5E2uGzfcS.eT42J88QQTgFTRieF_p3Eh4-~A
.servenobid.com/ Name: pid_310
Value: EoHLqRZH39pteL0gQkCbHkWf
.smartadserver.com/ Name: pid
Value: 5032687238609259300
.servenobid.com/ Name: pid_309
Value: e_4790d3c9-a422-44b4-9019-14a92bc1a2fb
.casalemedia.com/ Name: CMID
Value: YnyqsONQSrKBgUNxxG1Y8AAA
.casalemedia.com/ Name: CMPS
Value: 5192
.openx.net/ Name: i
Value: 706269d5-4458-44ae-9d24-7cb47996c0ee|1652337328
.quantserve.com/ Name: d
Value: EEYBDQGPJoir0QA
.servenobid.com/ Name: pid_317
Value: 5032687238609259300
.bidswitch.net/ Name: tuuid
Value: b841bb06-c944-4122-999d-49ec1205cd82
.bidswitch.net/ Name: c
Value: 1652337328
.bidswitch.net/ Name: tuuid_lu
Value: 1652337328
.creativecdn.com/ Name: u
Value: 05WoH9Yl5rcKbtoO749Q
.creativecdn.com/ Name: ts
Value: 1652337328
.casalemedia.com/ Name: CMPRO
Value: 1123
.casalemedia.com/ Name: CMST
Value: YnyqsGJ8qrAA
.emxdgt.com/ Name: euid
Value: 10071652337328280352f1
.servenobid.com/ Name: pid_333
Value: YnyqsONQSrKBgUNxxG1Y8AAABGMAAAIB
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YnyqsAAAtWOmAwAo
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 81938B4D-2D5C-469F-9693-587D814136A9
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158261:2
.pubmatic.com/ Name: DPSync3
Value: 1652918400%3A164%7C1652400000%3A174%7C1653523200%3A197_201
.pubmatic.com/ Name: SyncRTB3
Value: 1653523200%3A21_13_54_7_3_220_71_166_104_22%7C1652918400%3A2_223
.yieldlift.com/ Name: xuids
Value: eyJ4dWlkIjoiYzczZTA1NWUtMDQwMS00NjFkLTgzNTMtMGM3ZmUzNmI0MDk1IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0xMlQwNjozNToyOC4yODU1NDNaIn0=
.ctnsnet.com/ Name: cid_c89722513d6046faae943362c3b23b17
Value: 1
.owneriq.net/ Name: si
Value: Q7056237281397082256
.owneriq.net/ Name: p2
Value: cc
.analytics.yahoo.com/ Name: IDSYNC
Value: "196n~24u6:18z8~24u6"
.servenobid.com/ Name: pid_314
Value: eyJ4dWlkIjoiYzczZTA1NWUtMDQwMS00NjFkLTgzNTMtMGM3ZmUzNmI0MDk1IiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0xMlQwNjozNToyOC4yODU1NDNaIn0=
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&78235274-bf45-49c5-898d-dbd34e932bbc"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTIzMzczMjg7MjswMjGHHQQFfyXGnW4WEXia1bd1Fo+znnyky8dRN2dOs6Gq7w==
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2624:u=1:x=1:i=1652337328:t=1652423728:v=2:sig=AQG8rrs_i-QmuTgryI4YrvKtJm36Fl2T"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.emxdgt.com/ Name: eapn_id
Value: 6547980187708445070
.adform.net/ Name: C
Value: 1
.turn.com/ Name: uid
Value: 7484258977341777124
.simpli.fi/ Name: suid
Value: DD2A7A70EA224541822EEC07866A4D4F
.adform.net/ Name: uid
Value: 2000852750264752950
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AACPVE7E-VUAAEbYDgvNGQ
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.creative-serving.com/ Name: tuuid
Value: 341b8ede-b52d-4125-b357-587b4b39a947
.creative-serving.com/ Name: c
Value: 1652337328
.creative-serving.com/ Name: tuuid_lu
Value: 1652337328
.casalemedia.com/ Name: CMRUM3
Value: 1a627caab005a0&f1627caab005a0&1f627caab005a00&6d627caab005a0&27627caab00b40&be627caab005a0&2d627caab02760CAESEItZ_qZFVjy6tWAYO0tmuII&e6627caab02760
.360yield.com/ Name: tuuid
Value: 6fb1c5fe-fdab-406f-aded-6f579fd4db8f
.360yield.com/ Name: tuuid_lu
Value: 1652337328
.smartadserver.com/ Name: csync
Value: 79:57b5e2be-015c-4c88-9b4c-1f9c7cf9110c|127:AACPVE7E-VUAAEbYDgvNGQ
.zemanta.com/ Name: zuid
Value: 1J7_8cswwyY1gdpeMqva
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a1bc94b2-079f-4846-6b6e-bfd13b891970.ykWoYhlNp4tWJT%2BSmQsjQjSxDvhk4CvELNejIGTqSFA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AobyUsgefSEZrbr_RO4kZcNly2hQ.VMAv6ojCmlPK%2BSyhXQZ1h3dhj9PlL7NsErGq0Gfues4
.outbrain.com/ Name: obuid
Value: 82245403-4909-4906-9c3b-553e9723a42b
.amazon-adsystem.com/ Name: ad-id
Value: A62oFGbwKUJJur7trEjMH-Q
.ipredictive.com/ Name: cu
Value: b6b7b756-d1bd-11ec-8668-ad5d60f5736e|1652337328616
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 509bd1dfaf6bc5fa
.mathtag.com/ Name: uuid
Value: 253c627c-aab0-4400-b795-498447e07231
.pubmatic.com/ Name: SPugT
Value: 1652337328
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-b6b7b756-d1bd-11ec-8668-ad5d60f5736e&KRTB&23011-b6b7b756-d1bd-11ec-8668-ad5d60f5736e&KRTB&23355-b6b7b756-d1bd-11ec-8668-ad5d60f5736e
.pubmatic.com/ Name: PUBMDCID
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:f284627c-aab0-4c00-a6cf-e9ee29673c06&KRTB&16736-uid:f284627c-aab0-4c00-a6cf-e9ee29673c06&KRTB&23019-uid:f284627c-aab0-4c00-a6cf-e9ee29673c06&KRTB&23208-uid:f284627c-aab0-4c00-a6cf-e9ee29673c06
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7484258977341777124
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YnyqsAAAtWOmAwAo&KRTB&22978-YnyqsAAAtWOmAwAo&KRTB&23194-YnyqsAAAtWOmAwAo&KRTB&23209-YnyqsAAAtWOmAwAo
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6547980187708445070&KRTB&23339-6547980187708445070
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEA8a4CBA3goxIi2nWRxOCIM&KRTB&16514-CAESEA8a4CBA3goxIi2nWRxOCIM&KRTB&23025-CAESEA8a4CBA3goxIi2nWRxOCIM
.pubmatic.com/ Name: PugT
Value: 1652337329

6 Console Messages

Source Level URL
Text
network error URL: https://dmx.districtm.io/b/v1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://dmx.districtm.io/b/v1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://idsync.rlcdn.com/420486.gif?partner_uid=81938B4D-2D5C-469F-9693-587D814136A9
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=[EXCHANGE_GDPR_MACRO]&gdpr_consent=[EXCHANGE_CONSENT_MACRO]&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3D8IRMi_BAT58KJyQLYqNP79Lyls6U0RcLmH_Hzey20eUhcX-XSUeocv9JhyBgh8hw&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18ea01d777b988af25e7c9f63e01cb1a.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.adpushup.com
cdn.connectad.io
cdn.districtm.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.ctnsnet.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
creativecdn.com
cs.emxdgt.com
csi.gstatic.com
dis.criteo.com
dmx.districtm.io
dsum-sec.casalemedia.com
e3.adpushup.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcdn.2mdn.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.connectad.io
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.33across.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
px.owneriq.net
r4---sn-4g5lznes.c.2mdn.net
rtb-csync.smartadserver.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
tg.socdm.com
thehackernews.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
web.hb.ad.cpe.dotomi.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.yieldlift.com
dmx.districtm.io
104.16.190.66
104.36.113.107
104.79.89.16
104.92.72.137
104.92.74.8
104.92.91.221
108.156.255.177
124.146.215.52
141.226.228.48
142.250.186.66
142.251.36.130
145.40.89.200
150.136.25.38
151.101.193.108
151.101.66.49
159.122.14.34
169.197.150.8
173.194.76.155
178.162.133.149
178.250.0.163
178.250.0.165
178.250.2.146
18.156.0.31
18.195.155.181
184.87.212.24
185.184.8.90
185.86.139.102
185.86.139.113
192.82.242.209
193.0.160.129
198.148.27.139
198.47.127.20
2.22.33.42
2001:4de0:ac18::1:a:3b
2001:678:cb4:bbbb::11
204.237.133.116
204.237.133.120
204.237.133.121
209.54.180.3
213.19.147.45
216.200.232.249
216.52.2.19
23.97.225.52
2600:9000:2315:6000:6:44e3:f8c0:93a1
2602:803:c004:200::143
2606:4700:10::6816:37ce
2606:4700:20::681a:161
2606:4700:4400::6812:2209
2606:4700::6810:5514
2606:4700::6811:180e
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:21::14
2620:1ec:40::45
2a00:1288:80:807::1
2a00:1450:4001:10::9
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4005:80a::2003
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:20::2100
2a05:d018:d29:3602:cba9:630b:f07c:688c
3.123.117.219
3.124.247.47
3.248.142.99
34.107.148.139
34.205.3.24
34.234.148.240
34.247.233.198
34.98.64.218
35.158.225.181
35.186.193.173
35.244.174.68
37.157.6.253
37.252.172.123
37.252.173.22
51.124.210.81
51.75.86.98
52.215.230.177
52.223.40.198
54.227.164.149
54.239.38.253
54.75.174.52
54.77.108.6
64.202.112.223
64.202.112.255
66.155.71.25
67.202.105.23
69.173.144.138
69.173.144.165
72.251.249.13
92.122.147.28
010c2e34dbc2aaadf863b6025f837d39a6d507fcb2389f306875b60242429822
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
019d22d3e70ec460a085db138f131a9d77cb25175dd7eecb155305c270ed221c
02077423523585fa737aeeb5ec10567259c1f3c8c817fdcfc01f5f7da8676d27
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0677686760452176260d8546c282ac905609ecb23041162edbaa3e0a37582672
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07aea7d0ef6bea037e4410f1a70b0de547c2f34d161b12f96a82883d57d964c5
07dcd17ae695c7a24cc13a362ad1e3f6e723016d18164ac482aa7cb644cf79d6
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e84c6e2907a2bc59472b0485895f46d66fc0377bbed10f281a737db67388e0b
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
13f1878fabdff05f47a87ea13c69587873e49579185df0fa40a3fe150b59600b
1504e7eaa633b02aedfc19f0371f262848700fcf5beb951f281fdc0c8a1242b3
15ba967f268eca589aeb2ba6212e16af0b9585a777c1a55f0b13e5ecb2104c7e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ff65e7a2ca8e73d2c2bd9ee7994ffe1466b43214a678b7322ba0b3c4c8fe80
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
24432789e11862397b275c6ea7e4933e23449cfd172e2f69fa045d29d7c43617
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
293e1b473edec8547fe4b7eac8f649546f9b116762cb12e5bfc2b56c517183f2
2a61e00bda005e2b7b934dd292ede74f46e57a42a0ca8acb7af794ef3adf6d5c
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39c832603d09d081c9192ee0c0330f5affc87714c81110957fc09f925917419a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d8ab8467b889847c12c542bee765afc54acbaff1cc91ce3197ab4f2be8f08ff
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4065ada69c1d555792bc889ed8532656e9a4a530610e5abb2feb3f545fa5bd5f
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443afad54ebe30521b57a4cc0b651a53de84113e2f59749e873fc541b5b66603
445fe027eca0e90701d57c43dfde552c45b7ae2d6940ca8e527f91d60f0a2057
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4c68c57aceffed7be1d8526d9f2d245581bb792c3d18407094aee88ce71ddf1a
4c9a73cac0b6f02ef8616bc9d9656100821fb4e2f8a12d62c1f508e3f92af2c3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
54c7d03bc73c7b64fd03ca605848afe0470c78abad139b4888f319c9dbf90d9a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564b8b59bede6823c53b1fd79ae8c5203efbac27ac049a263c145b5aab796210
56ea5993b7d6a22f457f5ffe6bd14710ce65789eea08bb234b8a660c454a0b05
5991c0f9e503e716e66d80c13dac61239ef4a59173c5896f4c6c9c9abcbe39b3
5ba644f0fddbedd145f222319852b63c370c3cb827de34c21e5f0823e6d33057
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f806589de9eca3c950dc04835404594ed8cb6c7e22c6acd4cefcaa309863dd8
5fb025dcbc79c1f7591e59abda9aaf489349b2a6e38f3e68916e99005a931542
60fabbe1a17914cfa1984c599f1d8b163ddb77efc9a2e963ff31642aca7fb01a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625801c0adcd54ae65cbfe728437b9e5d7187a11994fc8b231fdcacba5142913
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6795c5c8b9b0aeb87d6663ccd7a71fb9d2f2817fe9b5c2e67bce0d5a5e1309a1
688a1e2444a1171a4cfbc8674c62d53bc663bf35a7825eb3563851e79694411c
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a9af7a87b386d63afb763673fd7be281059085a812f5328a99c32a9d6f1384e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ea1f1de4e54dc1fb43b56f6ef0d14db280ba4a7b93578d828fcd5b1f1f23716
711f83fb60d4dc1b145986a696dafcd2795d2c308259fd69aa1fcfa0e77ba97c
71baf19e7b9d0eb41eb6771395adfb6db79aeaa0d0b7e2e1d68c99e3b933f454
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e
79293b978012f4d071a29d3f1b21bb63b9c66d4256b6db72ec199700be3ee558
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b64ae6be764e1befedf82b0bd2848d5e9d03e2b223828b0531d33f4d633400d
7cf0da52f056d72a092bd409620e765760858680fbd1fe2513a9cfd09686a146
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
819939fd16cc5973d244c90e8d053ce7a27aff99ead1fdfa4adef0bace67d8c8
8328cdfc86fa0595bad579513eb730c91f0630cc7f451d5c2fce7d90806a8a61
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4a31fd9e61c5bf0ed17c75134cac8d61d684e8c1fd94ac6d17e3836eced4ec
99826d09eedab85d5da34206466f0ea71528a53ffc859826ded973afb940ed33
9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c
a02d1fa74255a0f92d315b4030d03a3f95d1dcf480151106ccceea307984c122
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a15fb6119254d23a052301d4d244dbc52c9813b171e13497b352b05c5a34ca6f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a66cf7e4262d67f62d86547468ffc86eeeb3e155b1d03a513123cf400bb83cc7
a71328300f380217ae0abf7f805052a10a0c196cb241eb97adf9b905e4a48c8a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78307c11fa124f3050bbaedad86159f99e3538fd8f108892b933c9f51141bcd
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
adccafef34a91917b6714c6618b20ffc17490c8b40be5ad251f4064e1de3f816
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b861c9da9efc0827b70733d7d34ea737e0c60e9b16384c775d8d42a5ad65762c
b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c10d99900b00ee0952a5499e09f8c566c872f86f4bdf48fb609eb14af41640db
c14a35c266ad60cdd4080627c46e5b351387efef6f6021a38e565999edc9452a
c185065ae4d99800c1e4733e7a17beea3470212dd07a0e8a16d962a82ebbc38d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c465b446e7e9537df30f5f5c41f0749f4abfd422c1fc2ca3d9bedaade0f246d7
c65de9238748263eabf178c951bbb58b653ffec053ec0bc49fa0d0000ba27777
c6a9d65e5bd6eb2447ea57e398e1d30f3c6e2d022ecf195933d161ffed964690
c7267caa7333ca26de3bb40429453d2cf02339a285fe14c129114bcb85d8f7b8
c8f12dbf851c7362501548265c39944d7fc46c67c650e839371c385dd90172eb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd24f5731d34c929cd209444714bbb865d4d6891b77ada39b9429fc9ba05f57c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0
d18bb7f825b619f661a9dd7b444aac38ed62e372618b0cbb2f202eed20e2789e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e011e5db5fba47db92bc725349b3ef86a4c8cdb49a750ab259704596e0e5ef05
e3627efe4d9f472fad33ed73658ee75d69d2f14b4adcf84331085fcf1e3eb515
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed6f8925f83c420d6500f9d16191a82e637bf5b66616c03ee908a3ac980311f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f5f5b73fd7cec06eb703c026c7d4e3e68ba69c23cd2278c679763daea9b5d39c
f88754ecdaeedbf69845f3cb4015909beff31f92b173185c075ff8ab40ae3d02
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e